Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Rene on za 09-04-2016 at 13:28:01,59. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rene\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 9-4-2016 13:29:41 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Rene\AppData\Local\ActiveSync deleted successfully C:\Users\Rene\AppData\Local\PackageStaging deleted successfully C:\Users\Rene\AppData\Local\softthinks deleted successfully C:\Users\Rene\AppData\Local\VirtualStore deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4273996765-3856707541-530888196-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14754904-E794-4327-BD66-39A179B6A938} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{14754904-E794-4327-BD66-39A179B6A938} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14754904-E794-4327-BD66-39A179B6A938} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat Reader DC - Nederlands Adobe Illustrator CC 2015 Adobe Update Management Tool AutoCAD 2014 - English AutoCAD 2014 Language Pack - English Autodesk 360 Autodesk App Manager Autodesk AutoCAD 2014 - English Autodesk Content Service Autodesk Content Service Language Pack Autodesk Featured Apps Autodesk Material Library 2014 Autodesk Material Library Base Resolution Image Library 2014 Autodesk ReCap Autodesk ReCap Language Pack-English ByteFence Anti-Malware Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink LabelPrint 2.5 CyberLink Media Suite 10 CyberLink Media Suite Essentials CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD 12 Dell Backup and Recovery Dell Data Vault Dell Digital Delivery Dell Product Registration Dell SupportAssist Dell SupportAssistAgent Dell Touchpad Dell Update DW WLAN Card FARO LS 1.1.501.0 (64bit) Google Chrome Google Update Helper Intel(R) Management Engine Components Intel(R) Processor Graphics Intel© Trusted Connect Service Client McAfee SafeKey(alleen installatie verwijderen) McAfee SecurityCenter McAfee Virtual Technician McAfee WebAdvisor Microsoft Office Professional Plus 2016 - nl-nl Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Office 16 Click-to-Run Extensibility Component Office 16 Click-to-Run Licensing Component Office 16 Click-to-Run Localization Component PowerISO QuickPar 0.9 Quickset64 Realtek Card Reader Realtek High Definition Audio Driver SketchUp Import for AutoCAD 2014 Spotnet VLC media player Wacom-tablet WebTablet IE Plugin WebTablet Netscape Plugin WIDCOMM Bluetooth Software WinRAR 5.20 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Rene\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rtop deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files\ByteFence deleted C:\PROGRA~3\{010DD54D-6F97-418D-BC47-2089F30A0075} deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\ByteFence deleted C:\Users\Rene\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\windows\SysNative\tasks\ByteFence deleted C:\windows\SysNative\tasks\ByteFence Scan deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8097 MB CPU Info: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz CPU Speed: 1704,3 MHz Sound Card: Luidsprekers/koptelefoons (Real | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Dell Wireless 1704 802.11b/g/n (2.4GHz) | Realtek PCIe FE Family Controller | Bluetooth Device (Personal Area Network) CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GU90N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 918,9GB | F: 931,0GB | G: 500,5MB Hard Disks - Free: C: 833,4GB | F: 821,7GB | G: 474,7MB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | | DELL - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0GDYPP Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 49.0.2623.112 Internet Explorer Version: 11.162.10586.0 Google Chrome version: 49.0.2623.112 Adobe Reader version: 15.10.20056.167417 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-04-08 16:55:59 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\WINDOWS\diagwrn.xml 2016-04-08 16:55:59 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\WINDOWS\diagerr.xml ====== C:\Users\Rene\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-04-08 18:17:58 EC21FC40C74206DAB19F1A8F9132EFAB 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-04-08 18:17:58 E3C2853C8F2EED113646F07D62D08C9E 503296 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-08 18:17:58 C8F351BE29CEA63BC5EE5A175576B7F3 1105920 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-04-08 18:17:58 C86784A6F08E733BE19D62C82182FA7D 266752 ----a-w- C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-04-08 18:17:58 C117F577BB0CC6545EA181FBB3FACE99 980352 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-04-08 18:17:58 B65549A1CDB2C827AD022A3F35994FCF 2180136 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2016-04-08 18:17:58 B315EB17077EF082A79922D4EA47DBF4 163328 ----a-w- C:\WINDOWS\SysWOW64\fwbase.dll 2016-04-08 18:17:58 B073C14F8B76DF8652415488C22F10A1 670928 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll 2016-04-08 18:17:58 AF209F751EB761084CEFE2CF10E1CE8D 895080 ----a-w- C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-04-08 18:17:58 A7583A49B0F4A91E5B2E154C3582DF82 420928 ----a-w- C:\WINDOWS\SysWOW64\msvproc.dll 2016-04-08 18:17:58 A34EDEA5F401143A0190642EABA28518 709688 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2016-04-08 18:17:58 A19A2DDCC69FF16B5FB68AD4F02B564A 480256 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-04-08 18:17:58 9DEB4C56FAAB147839BF68B6C28A38FC 164864 ----a-w- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-04-08 18:17:58 964DE3052B6A869EFBC86930DD51E8BD 379392 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-04-08 18:17:58 8C2E49ACD2A820A3FA7C598B811F3803 450912 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-04-08 18:17:58 8BD7A79F9A8FF011B89A61C8AC796988 502112 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-04-08 18:17:58 888D41F5EFD6995491326C0DEEA2124A 713824 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-04-08 18:17:58 7734BD0E9C8ED7DC48F559A67D0A79F4 20480 ----a-w- C:\WINDOWS\SysWOW64\wfapigp.dll 2016-04-08 18:17:58 5D676C1C350EA4976B888804444932CE 2061312 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-04-08 18:17:58 550ECFF3C3808065169BFEA6C2B7837C 400896 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv 2016-04-08 18:17:58 49CF99392314B7CAD65DE8A05ABFE30D 882720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-08 18:17:58 463DA1563BB9C1849527967BA80C1810 287712 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-04-08 18:17:58 162CB5DE3BAB5A029E658180A2E0673A 2919320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-08 18:17:58 160CC95D34D62B6A72F9E4E3EE52EBCC 369664 ----a-w- C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-04-08 18:17:58 0C39C1CC2ABC5D88D586EA0D86E79EEE 2793472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-08 18:17:58 05B15BD9C92BE52F35A2295B22C5D892 168448 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-04-08 18:17:56 E83DA16178E4E97B572900803183419D 1542816 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-08 18:17:56 D641F5B6C115C334FD990827979028F3 18677760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-08 18:17:56 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-04-08 18:17:56 AA20E6BCDC5A617F4333EE5EEE3CC79E 5661696 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-08 18:17:56 7BB6C35792323E4761AC6624E2D42397 12125696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-08 18:17:56 780795062541AF34415CCCE4072FBBB8 12586496 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll 2016-04-08 18:17:56 2D0C2AB110A51895D9D1E875201013DE 1557768 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-08 18:17:56 22269B90E92BECDEB3D67EBE1DDB378E 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-08 18:17:56 00CE414BA74B576960B559C8C2674106 19339776 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-08 18:17:55 FABAF2C5E74BA9ADC07D28BB03F5C32A 349696 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-04-08 18:17:55 F40196C743D54C56C7C2CCDD6FDE262E 572272 ----a-w- C:\WINDOWS\SysWOW64\taskschd.dll 2016-04-08 18:17:55 CA57FE09C1255009C9AC1462B7D7264D 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-04-08 18:17:55 9DB69A637142A6C72DF22706CF2F6F7B 31744 ----a-w- C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-04-08 18:17:55 97E96ABEBCB6CF556406781C47C5282A 78848 ----a-w- C:\WINDOWS\SysWOW64\asycfilt.dll 2016-04-08 18:17:55 8CE4D365EF60DA0A098757371DD43752 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-04-08 18:17:55 76B9CA3DF18D9E116051652EB4CD2FF2 9919488 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-04-08 18:17:55 5A98CF000F5202776E4A58438AB2E070 4412928 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-08 18:17:55 4591BC3EC5FD8336642F8B94EABD4D4F 187744 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-08 18:17:55 42248856CC8A2AE6642B5D1B170EAB35 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-08 18:17:55 2BECAD7E55AB723F361254477270ED2F 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-04-08 18:17:55 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-04-08 18:17:55 100E983F59F3BF3A3F8BFA327CF9B438 157184 ----a-w- C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-04-08 18:17:55 0C60922D59461C8D1B0A2AA3CF493438 21124344 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-04-08 18:17:53 FC90756CB632C0E4AC0D6A60AF2DF9AD 585216 ----a-w- C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-04-08 18:17:53 F7447D7EDE2E9F4FEC87143F5CC021F5 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-08 18:17:53 EBD26D676238C0B3938AFF925043576F 394752 ----a-w- C:\WINDOWS\SysWOW64\werui.dll 2016-04-08 18:17:53 EB5DBA11B7C79B28A759AF12F03A17BB 769536 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll 2016-04-08 18:17:53 E43400F37F8F0FA9281FEB64E3D7F72B 754176 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-08 18:17:53 E34395496B11CF5C8C5B6D2E438BFA43 18944 ----a-w- C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-04-08 18:17:53 DD73501C379ABF585DC7CC1765BE8E2E 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-08 18:17:53 DB6C9645A16676FDE0D730CB05D8F6E1 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-08 18:17:53 D8DA5B9D54225B46242011154C9E417A 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-08 18:17:53 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-08 18:17:53 CF342DCC0B8053DCABA7C5D30BE4B5C3 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-08 18:17:53 CE9B87CDE4D7BCEA229D676720E28C6B 1859960 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-08 18:17:53 CA2EA5401563387162E61444AE15AF59 53248 ----a-w- C:\WINDOWS\SysWOW64\profext.dll 2016-04-08 18:17:53 C9B1E5A2FE0C7BF75B8B751311331EB4 2604032 ----a-w- C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-04-08 18:17:53 C97B5BEADC79FFC5DAF1C9011CAE796B 5242496 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2016-04-08 18:17:53 C406A5FDC8A1ECF2A9632F302B7D0EC3 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-08 18:17:53 C23A52581FEA6CD49A49160BFA794BF7 6952088 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-04-08 18:17:53 C012CE3AB0120D01C75EDBB869AC463E 523752 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-04-08 18:17:53 B014F98BEE810D5BF9F8C1C75F0EAD92 489984 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-04-08 18:17:53 AC42505CBCEE5825BB2695C34E43B1D0 184832 ----a-w- C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-04-08 18:17:53 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-08 18:17:53 A43688711B5DA91ED9FC159BB8F8AF14 646656 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-08 18:17:53 9B60985A87BA2FED9F57DA30F191098E 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-04-08 18:17:53 978D6640C869D7FA4FCDD877E4A5C2C7 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-08 18:17:53 952D6065F133D9525B399E6274CFE027 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-04-08 18:17:53 93B7ED5F44D9C3FB0A74C059E1B9E68B 89088 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-04-08 18:17:53 88D538838692B2D66514301CCB37B4E7 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-08 18:17:53 856AD15FD2D187EA8435564A135C85C0 228352 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-04-08 18:17:53 7F0A9630C78E3783680CC9620C4E09C0 6740992 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll 2016-04-08 18:17:53 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe 2016-04-08 18:17:53 75B5C1588D3703F44004D3EB2BD358AD 129024 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-04-08 18:17:53 6FA3485DB4DE58EE9E73597CAC493AB4 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-08 18:17:53 6DFDAD2B0EA3385069276DF547F4CAC8 2186864 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2016-04-08 18:17:53 6DA0B412C0DD9DDB5382527488A5AD2E 237056 ----a-w- C:\WINDOWS\SysWOW64\thumbcache.dll 2016-04-08 18:17:53 65D0043F608A12AF75ED37A65AFB906B 342528 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-04-08 18:17:53 64B0C2833EB2501DAE37C0A9700BF48F 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-08 18:17:53 620737C11CD32E03299E0B60BC896230 552960 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-04-08 18:17:53 5A212173FC0622865F409B16ED77C9DF 98304 ----a-w- C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-04-08 18:17:53 594B272EA8C34067CD74AAE90EFFBE88 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-04-08 18:17:53 56315A6A6598E701BB0A5F506DA6143E 200704 ----a-w- C:\WINDOWS\SysWOW64\cemapi.dll 2016-04-08 18:17:53 4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB 220064 ----a-w- C:\WINDOWS\SysWOW64\sqmapi.dll 2016-04-08 18:17:53 4B9DE8EAA2E16C34E018749F325BAEFF 949248 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2016-04-08 18:17:53 44F1D7984F8B7739EF7EF50DEC6B41B9 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-04-08 18:17:53 43AE8C9F7D031AB3DBEADA4C17D8C682 150528 ----a-w- C:\WINDOWS\SysWOW64\VCardParser.dll 2016-04-08 18:17:53 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-08 18:17:53 3B1F2F6F89F3F4ED75C5FADDB2E7CFE1 56320 ----a-w- C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-04-08 18:17:53 39E7BAB659A6AB4419A908E578BE7029 56320 ----a-w- C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-04-08 18:17:53 395F9E50709FAE503C339047207E46CF 540160 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll 2016-04-08 18:17:53 392434472351B2DA0499AEC962E988CE 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-04-08 18:17:53 38EE252AD45EB7D6834F718B9487D3F9 538736 ----a-w- C:\WINDOWS\SysWOW64\wer.dll 2016-04-08 18:17:53 3547D79A60007624BFEBAFCAE158E992 169984 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-04-08 18:17:53 3249EA75874EE3DD3FCBA141656DF210 713728 ----a-w- C:\WINDOWS\SysWOW64\netlogon.dll 2016-04-08 18:17:53 31657EDEEA6039E71C708BDA61AB62D5 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-04-08 18:17:53 2C84609F09FD003FA955567D395EEA8A 575488 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll 2016-04-08 18:17:53 259517866C369BCC5990292BCB57E709 223744 ----a-w- C:\WINDOWS\SysWOW64\ExSMime.dll 2016-04-08 18:17:53 242708810A22D373904539EDF39FFAD1 196608 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-04-08 18:17:53 1ECA3CCBC61038D780FC179C9CB5F0CA 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-04-08 18:17:53 1AEBF2230422716D8CE1BEBCBAE961D3 48128 ----a-w- C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-04-08 18:17:53 15E75D27F0C67A7A21D5A514601F0E5A 135168 ----a-w- C:\WINDOWS\SysWOW64\AppxSip.dll 2016-04-08 18:17:53 05B81C404A34101E1DC17C0D9A67EA32 5321728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-04-08 18:17:53 053E2D136DB8A4743E4C40D5D979834B 200704 ----a-w- C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-04-08 18:08:10 F432E0E5B0958F4982D40EB622FBD7FC 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-04-08 18:08:10 BF9CAA33ADD4C21C118148B5CFC5494B 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-04-08 18:08:10 6F391E9286733CC6B34FC0FAB23B8DF3 103120 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-04-08 17:55:19 79422D76818752C6D935A97C8FFC4EEA 44147 ----a-w- C:\WINDOWS\SysWOW64\license.rtf 2016-04-08 17:27:20 F16BF0E24EE8C8346376E6210C23D2E5 103944 ----a-w- C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-04-02 07:25:09 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2016-04-02 07:25:09 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\WINDOWS\SysWOW64\XAudio2_7.dll 2016-04-02 07:25:07 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\WINDOWS\SysWOW64\xactengine3_7.dll 2016-04-02 07:25:06 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2016-04-02 07:25:05 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2016-04-02 07:25:04 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\WINDOWS\SysWOW64\d3dx11_43.dll 2016-04-02 07:25:03 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\WINDOWS\SysWOW64\d3dx10_43.dll 2016-04-02 07:25:02 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\WINDOWS\SysWOW64\D3DX9_43.dll 2016-04-02 07:24:59 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\WINDOWS\SysWOW64\xinput1_1.dll 2016-04-02 07:24:58 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_1.dll 2016-04-02 07:24:58 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2016-04-02 07:24:50 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_30.dll 2016-03-27 06:23:40 CBF3CFC9EE1FD29707D95C63A5E7A78B 19808 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-27 06:23:40 C1096DA4634AD3356A10C00B24F53393 22368 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-03-27 06:23:40 B23936CF83DAC4B64660A88711B5234A 12128 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-03-27 06:23:40 9F9FE5F52E9B2AD655C896B849883B1A 12128 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-03-27 06:23:40 9D66FCC681389EC619D4E801F1DDBB2F 17760 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-27 06:23:40 94FEB4417CF3E39C8C58A1B73620687E 66400 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-03-27 06:23:40 8E534F49C77D787DB69BABFF931A497A 12640 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-03-27 06:23:40 85CEBA9A21CE5D51B35EF2DE9EBFBAC4 12128 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-03-27 06:23:40 73CED8B30963E54D262DAE2559116E46 13664 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-27 06:23:40 6C7F782FDBF9AEFFE7663FA1579A610E 17760 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-03-27 06:23:40 4669249FB01EA369C7FD40A530966FA1 12640 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-03-27 06:23:40 408019E57D3D2DA62A9F28389EED0AC1 16224 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-27 06:23:40 39F9D0F1B698D53D78C79576C7C60526 14176 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-03-27 06:23:40 33E8CCBE05123C8146CD16293B688417 15712 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-03-27 06:23:40 00A0A24BB2E9AADE11494B627EB164C4 12640 ----a-w- C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-08 18:17:58 FEBBA212353E4FA90C6164AA970B772F 536256 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2016-04-08 18:17:58 F9B6E75F16F92CB79F68DA3ABCB576E0 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2016-04-08 18:17:58 F6B9E6CB351D86A0C318B37E14B97656 196608 ----a-w- C:\WINDOWS\Sysnative\fwpolicyiomgr.dll 2016-04-08 18:17:58 EB05F5368F8BBF75157B87FD1F689167 2581504 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-04-08 18:17:58 E9B10E704AD5B1BA5E531809C89A085B 93184 ----a-w- C:\WINDOWS\Sysnative\wpninprc.dll 2016-04-08 18:17:58 D79FFE2219AE3BA3B871BA2D39B16519 1152328 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll 2016-04-08 18:17:58 D12D3DD397A35EF06CDF41C1A9E3EE45 613376 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll 2016-04-08 18:17:58 C9BFE1D6420BFADB249162039C321F63 1131520 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Audio.dll 2016-04-08 18:17:58 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe 2016-04-08 18:17:58 C3D11EE0D07D6CAF9F8D4073B9F5579E 557056 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2016-04-08 18:17:58 BD70B866034C1366D74CCBB5CA97395E 2544264 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2016-04-08 18:17:58 BC767AD01E4DAFD08C21D5D07CC290C9 567808 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll 2016-04-08 18:17:58 AA97AC06BFA15DA23C7C9C145A226C2D 25600 ----a-w- C:\WINDOWS\Sysnative\wfapigp.dll 2016-04-08 18:17:58 9C4C3EB6A2371A2038E2BB3A9D54CDE0 498448 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2016-04-08 18:17:58 9AE80C03EA83537F17B286ECBBA13D43 184320 ----a-w- C:\WINDOWS\Sysnative\fwbase.dll 2016-04-08 18:17:58 9610CE53A9ED0789C8B669A5F86008F7 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-04-08 18:17:58 92F74BF86088520654BD5636A69E37F1 848168 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2016-04-08 18:17:58 751F5B6AF16546162E06211AF1FC2979 794888 ----a-w- C:\WINDOWS\Sysnative\mfds.dll 2016-04-08 18:17:58 6E76BB89EED6C2BD7B1E7B5F9A1C41F0 320000 ----a-w- C:\WINDOWS\Sysnative\MSFlacDecoder.dll 2016-04-08 18:17:58 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2016-04-08 18:17:58 6A5290128257BC733107E7819648CA76 526336 ----a-w- C:\WINDOWS\Sysnative\FirewallAPI.dll 2016-04-08 18:17:58 669F733F85FEBE6F7438C66CBF7FD3FD 1062480 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll 2016-04-08 18:17:58 63F861960D2EA541831072D88E08EABA 3425792 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-04-08 18:17:58 5C6B3AFF685A17163315276E86CE173E 696160 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-04-08 18:17:58 553F19DC6F3F73545CB17FCD7A8AE37B 870912 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll 2016-04-08 18:17:58 48E90F12346EE70764CEE435826ABD31 493568 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll 2016-04-08 18:17:58 47323DE2A684895004CE63EC66FB4AB4 401408 ----a-w- C:\WINDOWS\Sysnative\sharemediacpl.dll 2016-04-08 18:17:58 468D29ECE0AD7700B790A20FA2765313 408120 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2016-04-08 18:17:58 42BF7FA295F453618104B5A50BEE105B 275456 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2016-04-08 18:17:58 3D58D04A9269CE21B61960544A05573D 204288 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-04-08 18:17:58 350CFCC870E30BEE151F3DFB83BD0178 1017032 ----a-w- C:\WINDOWS\Sysnative\mfsrcsnk.dll 2016-04-08 18:17:58 28343B7C30E6AF073B02288EB579D984 476728 ----a-w- C:\WINDOWS\Sysnative\msvproc.dll 2016-04-08 18:17:58 218CEC10714AF029BF4D8BCE600AD1DA 819648 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll 2016-04-08 18:17:56 EB850DDF36D7462F1ADC1B6A329CE266 7835648 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-04-08 18:17:56 E0932D924DA7C363F40E5B90DC9D2669 129536 ----a-w- C:\WINDOWS\Sysnative\flvprophandler.dll 2016-04-08 18:17:56 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\WINDOWS\Sysnative\WMPDMC.exe 2016-04-08 18:17:56 BF0B4D43097A7FEFE3F7F9EEC13C31FB 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-04-08 18:17:56 54E585CFCD208E460A70D1356CD489BE 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-04-08 18:17:56 40D666AEFB8775F25AA403EDB5D2414E 4894208 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-04-08 18:17:56 408E62A03168C0016B986C80ECFD088C 24600576 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-04-08 18:17:56 3ED081A1F371E63BC6DA0327E1E51D22 22376960 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-04-08 18:17:56 3E80E2B0C0010154CC504DC51BE21968 14252544 ----a-w- C:\WINDOWS\Sysnative\wmp.dll 2016-04-08 18:17:56 2985697A74DE409D53C6ACD2CD30FDAA 1818696 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-04-08 18:17:56 0088614FE67298E6996AD19B05AE90C7 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-04-08 18:17:55 FF07BE14ED82E218C3EEE7C986118A2E 307712 ----a-w- C:\WINDOWS\Sysnative\usbmon.dll 2016-04-08 18:17:55 F8083C536BEDE61AFB4069D8A8C16DA7 456704 ----a-w- C:\WINDOWS\Sysnative\ipnathlp.dll 2016-04-08 18:17:55 F3FE9C939D684607118E306B98CEBBBC 22564328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-04-08 18:17:55 F0D97E9816795E1AAA17396ABD2660C4 4827136 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll 2016-04-08 18:17:55 F01ADB9BD13B60B6AB9538447F901921 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-04-08 18:17:55 EA30B6E587862DF15E35525C60CCAFA9 838144 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll 2016-04-08 18:17:55 E9A0D466F6D8EC349DB526146618BCB6 606720 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2016-04-08 18:17:55 D20C52607024BD08A88CF1CA6B339C9B 517632 ----a-w- C:\WINDOWS\Sysnative\winspool.drv 2016-04-08 18:17:55 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\WINDOWS\Sysnative\spoolsv.exe 2016-04-08 18:17:55 A80237F337639402450C5F6CE9B75C94 474624 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-04-08 18:17:55 A78E76034D230AFE6B74B57BAF8C8BF2 27648 ----a-w- C:\WINDOWS\Sysnative\WiFiConfigSP.dll 2016-04-08 18:17:55 A74CEC306AB99D74559F7075EDB60A9B 451584 ----a-w- C:\WINDOWS\Sysnative\werui.dll 2016-04-08 18:17:55 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-04-08 18:17:55 91038CB7820CFB27E7C9D10320307301 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-04-08 18:17:55 8AF0CBE3FC6129C42D7A2A73B681F226 1118208 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2016-04-08 18:17:55 84ADBF35DAF6404148AE85973BE26D59 48640 ----a-w- C:\WINDOWS\Sysnative\wfdprov.dll 2016-04-08 18:17:55 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\WINDOWS\Sysnative\wsqmcons.exe 2016-04-08 18:17:55 717FDDACE38C314CA5A517E12162CC6D 216576 ----a-w- C:\WINDOWS\Sysnative\QuickActionsDataModel.dll 2016-04-08 18:17:55 6CA51117CDDB89DB6AE9F196B01C3491 389992 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll 2016-04-08 18:17:55 68B34C3558BEE0F6B822FA603E9AE441 258280 ----a-w- C:\WINDOWS\Sysnative\sqmapi.dll 2016-04-08 18:17:55 610D0502400BDAFD4BB8EA10713234C7 74240 ----a-w- C:\WINDOWS\Sysnative\SMSRouter.dll 2016-04-08 18:17:55 6072C7DB85FD3FE8D308EE44865C04DE 305664 ----a-w- C:\WINDOWS\Sysnative\wifiprofilessettinghandler.dll 2016-04-08 18:17:55 557496EE056CEF8D1D569D2663BC701F 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-04-08 18:17:55 53AC4B2658807691D2A485EE0F8A50E9 463360 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll 2016-04-08 18:17:55 52623F9ED4D00357F3874DD31BB232FD 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-04-08 18:17:55 453740989239803FE363FF8B40EA2E08 2295808 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll 2016-04-08 18:17:55 417D1526811D9646A7E8779209F11361 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-04-08 18:17:55 3F8466CC13D1F614C8FAC24B1C030D59 214528 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll 2016-04-08 18:17:55 2C8130AFF9C3F0E99DE4B52A0A187CB3 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-04-08 18:17:55 2989A5B700D1C706ED496CCA75DCFA67 7533568 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll 2016-04-08 18:17:55 186BAF9C9F422E6B784E4C990585E2E3 673792 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2016-04-08 18:17:55 0ED8556CB47EC7689D0046791F3427AE 26112 ----a-w- C:\WINDOWS\Sysnative\wlansvcpal.dll 2016-04-08 18:17:55 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe 2016-04-08 18:17:55 09918925526BC0B5B823CF1A2473D909 412672 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll 2016-04-08 18:17:55 043051E7D39381BC1DCA5B25236BBA72 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-04-08 18:17:53 FF1FF1A83425C77D1CAFF9EC7AFA8C1F 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-04-08 18:17:53 FF0F6AAD313DCD878D2ECF1BA0B32478 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-04-08 18:17:53 FBC8C56814642A7CA88ACBCA8DD1121F 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2016-04-08 18:17:53 FB2FBCF8AD0DF4F8A50B1639F0256D83 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-04-08 18:17:53 FA7FE5ECB4E0103F132BB00E526E67EF 852480 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-04-08 18:17:53 F7526C133AC265F283012E9CD751F873 625000 ----a-w- C:\WINDOWS\Sysnative\ClipSVC.dll 2016-04-08 18:17:53 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe 2016-04-08 18:17:53 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-04-08 18:17:53 F07301C282AA222C33F8C28B4F545275 591872 ----a-w- C:\WINDOWS\Sysnative\SmsRouterSvc.dll 2016-04-08 18:17:53 EEA1E99FBC7D91A1A271012F2B4567BB 60416 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll 2016-04-08 18:17:53 EBD07BD20B5E0E92A398566EF8720F79 31232 ----a-w- C:\WINDOWS\Sysnative\seclogon.dll 2016-04-08 18:17:53 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-04-08 18:17:53 EA195B8BC11C1CDB313CFD456EFFA0E9 997376 ----a-w- C:\WINDOWS\Sysnative\schedsvc.dll 2016-04-08 18:17:53 E78793375E53690605E4441078CCBF84 87552 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-04-08 18:17:53 E7588419770BDDB510741F734D290E27 1318912 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll 2016-04-08 18:17:53 E4AFFF129D51A779B75164CB6D077FC1 1831936 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-04-08 18:17:53 E432FCF8572682126C3362AA856DC4AE 221184 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll 2016-04-08 18:17:53 E1D8055043DF089DB8ADB67C21DF2CC4 70656 ----a-w- C:\WINDOWS\Sysnative\POSyncServices.dll 2016-04-08 18:17:53 DEFF4C7B937F60923980D4BB7D1724B8 274944 ----a-w- C:\WINDOWS\Sysnative\ExSMime.dll 2016-04-08 18:17:53 DD877B48C28AB34197AD88902971B81D 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll 2016-04-08 18:17:53 DD57E9F1482E1A9BD2514F6D017DF58A 258560 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll 2016-04-08 18:17:53 DAFECF80513C6E6892BBEBB48D555A31 115712 ----a-w- C:\WINDOWS\Sysnative\srpapi.dll 2016-04-08 18:17:53 DAB53783AD08864E873A6B7B874D1783 3671888 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-04-08 18:17:53 D4170CA7268AEDE7DE43EE54D7C8F639 256512 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll 2016-04-08 18:17:53 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-04-08 18:17:53 CD8C4364BC6040C0226638EF37E13CBB 161280 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll 2016-04-08 18:17:53 CB902A15DD21B363FECA5DCCF34F5C57 1224704 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2016-04-08 18:17:53 C6856D20BE1DB90407C9154B0EC319B9 77824 ----a-w- C:\WINDOWS\Sysnative\provpackageapidll.dll 2016-04-08 18:17:53 C64B693DF26EB7BFF25F9BAD8B54D571 649216 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll 2016-04-08 18:17:53 C62ACC8B1B1136464583F871EBB4ACE1 1946624 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-04-08 18:17:53 BEF109D45139E2646C116DD9B6E53E3C 847360 ----a-w- C:\WINDOWS\Sysnative\netlogon.dll 2016-04-08 18:17:53 BE8C62B0B7BBA8F1152A6A7FCF248404 915456 ----a-w- C:\WINDOWS\Sysnative\configurationclient.dll 2016-04-08 18:17:53 BAEFEFB04D7F9A554C029FBA52A02BB8 652392 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-04-08 18:17:53 B8CBDF64077D764D26E6E0255270B7BF 224256 ----a-w- C:\WINDOWS\Sysnative\PackageStateRoaming.dll 2016-04-08 18:17:53 B6877446C93D3110E56C90CF13CBEC89 45568 ----a-w- C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll 2016-04-08 18:17:53 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe 2016-04-08 18:17:53 B37F21B4C25BF10605A196791F93E324 360448 ----a-w- C:\WINDOWS\Sysnative\vaultsvc.dll 2016-04-08 18:17:53 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe 2016-04-08 18:17:53 AFAF7063071A1124985A63382B2BC34C 161792 ----a-w- C:\WINDOWS\Sysnative\AppxSip.dll 2016-04-08 18:17:53 AE46FC3FC01DA2DC876D75776F5943B0 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-04-08 18:17:53 A9073B21B807C28A5A2246BB1440E823 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-04-08 18:17:53 A407435633C74CB1D6911DC05A90D939 2912256 ----a-w- C:\WINDOWS\Sysnative\CertEnroll.dll 2016-04-08 18:17:53 A34D9229F8D3A7164247213C9A283DB0 189952 ----a-w- C:\WINDOWS\Sysnative\WiFiDisplay.dll 2016-04-08 18:17:53 A249C98D869623F1AF0DB4BCFFF6D2A8 68096 ----a-w- C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll 2016-04-08 18:17:53 9CB84B6398F10BCF0CE357F2C7B6056D 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2016-04-08 18:17:53 9BE5ECE2F17B3BEDE6FDE1175BD23266 376536 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.MediaControl.dll 2016-04-08 18:17:53 9A3D731707AC0059E0ACBD4E8CDF46E6 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-04-08 18:17:53 9972A886D911234F833A265D5D641D30 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-04-08 18:17:53 9953FA89A4E3BC33296DAFB1ACFDC62F 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-04-08 18:17:53 9822B613AEB1CF24E05EFEE748160637 25088 ----a-w- C:\WINDOWS\Sysnative\irmon.dll 2016-04-08 18:17:53 98112F9B965646D338896FD7B13BB32E 1173344 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-04-08 18:17:53 96BAB1499995B85B91C312BA5114CA03 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-04-08 18:17:53 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe 2016-04-08 18:17:53 907B65AD953EA159B573A0BCC82F6DB0 243712 ----a-w- C:\WINDOWS\Sysnative\cemapi.dll 2016-04-08 18:17:53 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2016-04-08 18:17:53 8CDC28FB78253481353A882FA3139FBB 2654872 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-04-08 18:17:53 8465AF051B7C887C0D163AB939FDF570 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-04-08 18:17:53 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-04-08 18:17:53 80021DC2AF64B92F3FA8935C0D5C81D7 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-04-08 18:17:53 7E81E3E0D7F83BFE3C3975020B6C7F12 163840 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerServer.dll 2016-04-08 18:17:53 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-04-08 18:17:53 7C20F3EC0BA5ACB8ED40CDEF41B0AC56 779384 ----a-w- C:\WINDOWS\Sysnative\taskschd.dll 2016-04-08 18:17:53 7BD715D15060E0B6E4AF222CA7120BD1 69632 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2016-04-08 18:17:53 797497201A406D6CFDB72FE0545F990C 6972416 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-04-08 18:17:53 7890990143812A452858058BBD52149F 297472 ----a-w- C:\WINDOWS\Sysnative\thumbcache.dll 2016-04-08 18:17:53 77B2F9C522467B1FC8770028D09534DB 91648 ----a-w- C:\WINDOWS\Sysnative\asycfilt.dll 2016-04-08 18:17:53 7489ACBF86C3774E7EF0DC8C7616B07E 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-04-08 18:17:53 722FA682ED9EA8B85FA843A5C8F39E61 2273792 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-04-08 18:17:53 7118498F6E48758A2EF5A7D1982E2B62 1139712 ----a-w- C:\WINDOWS\Sysnative\XblGameSave.dll 2016-04-08 18:17:53 70BA4CAAC5D621DCE88082DA0B1FF014 23552 ----a-w- C:\WINDOWS\Sysnative\ExtrasXmlParser.dll 2016-04-08 18:17:53 703430E9FFF072334B247B5E88428331 288768 ----a-w- C:\WINDOWS\Sysnative\vaultcli.dll 2016-04-08 18:17:53 6F9775D843AA4595A3F60A60829B11A9 1098752 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-04-08 18:17:53 6E04BBE242E2889B37300C4DF5CE1126 3449168 ----a-w- C:\WINDOWS\Sysnative\WSService.dll 2016-04-08 18:17:53 6D31FB3E4263749BD994B3895322D799 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-04-08 18:17:53 69B6B69C95E1FBDC796F5B2019A8B24D 791744 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2016-04-08 18:17:53 6855984AA46D2452A7C518787E1F2643 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-04-08 18:17:53 6817CD1A33EB94CDE8FBBCB7E3C4E469 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-04-08 18:17:53 6807A6D971AA7A26245397ADDFE3B5D8 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-04-08 18:17:53 61C99C1A4BB5EE14563ED321A859ACB6 726528 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll 2016-04-08 18:17:53 5D88798FC34BB61C74256CDD66BDD205 318976 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll 2016-04-08 18:17:53 5CBB046266CD7CD1593354C93BCDBE91 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2016-04-08 18:17:53 5B5F518D6487FDCC9C40A74D3C72B8EE 828928 ----a-w- C:\WINDOWS\Sysnative\Windows.AccountsControl.dll 2016-04-08 18:17:53 5B50521452D87A439A87B1EAEBC138C7 208896 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2016-04-08 18:17:53 597AA6F5B21B1B15C87982FAFD1555EE 6607080 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2016-04-08 18:17:53 56027D21265759F4EADD0555E7915D9A 957952 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-04-08 18:17:53 5548D83C60E37CBB1B451A1108D4142C 513888 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-04-08 18:17:53 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-04-08 18:17:53 50007CDB0F9801A7186F3E81D3377D12 2773096 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2016-04-08 18:17:53 4C3A93515CA70A7017CBA3A6A95CF080 121856 ----a-w- C:\WINDOWS\Sysnative\AppointmentActivation.dll 2016-04-08 18:17:53 497EB340D13433E8FE53625103E0C2D0 146432 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll 2016-04-08 18:17:53 46D84D62993CEB88542EFA438F4D6E82 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2016-04-08 18:17:53 45FDB4ACF680DF92D6510F77E7FF3E7F 713568 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-04-08 18:17:53 4098813724BDAC23A74DD6E75CA360CC 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll 2016-04-08 18:17:53 405A419F4CDAC3C18F91FEDBD146C0A8 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2016-04-08 18:17:53 3EEB5260D4321F7F124955E1D228FDF2 274944 ----a-w- C:\WINDOWS\Sysnative\DisplayManager.dll 2016-04-08 18:17:53 3DF25A56F18D2AB4CF58C1300C8CD323 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-04-08 18:17:53 3CE8EBC0B1A74A7AC639C5FAFC549CCA 436736 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-04-08 18:17:53 39D5E08E69BFC5CBFA94EE09656D6427 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-04-08 18:17:53 3932940E0DB7A31B00A415F6B3D3E242 700416 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll 2016-04-08 18:17:53 333F190DFAE2E1EE500234B78ADDA297 640472 ----a-w- C:\WINDOWS\Sysnative\wer.dll 2016-04-08 18:17:53 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-04-08 18:17:53 2E165E1CF278FC2B4959B825642A595B 558080 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2016-04-08 18:17:53 2DDEA2BEDD3169F483C9BE610ADFE8B1 8705672 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-04-08 18:17:53 2BCCAEB08EAF8C5D6BD024B3F020D0EA 790528 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll 2016-04-08 18:17:53 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-04-08 18:17:53 28CFFDB411375B2BBB0EBF295ABAEF29 382464 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll 2016-04-08 18:17:53 2771EBB565F5C121E66060B173991D4D 1490432 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll 2016-04-08 18:17:53 2362BCA98EAF8CE0487664467F720861 178176 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll 2016-04-08 18:17:53 215C9C65601378F56BEECDECBD1EF4AE 216416 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2016-04-08 18:17:53 21098276051C6BEBBA7C8EB79AAF4E22 938496 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll 2016-04-08 18:17:53 20E6B1B1F23615B5CF21AC3CE0A2E227 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-04-08 18:17:53 1D445E497D7BE9566D51BD60CA8B8CE7 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-04-08 18:17:53 1D00BBEEE33FA7F64A8CBFF471968CB0 195072 ----a-w- C:\WINDOWS\Sysnative\VCardParser.dll 2016-04-08 18:17:53 1C8474EF741ABA77E53BE94DE8E89D26 990720 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll 2016-04-08 18:17:53 1A0945D67F0499600E7B43A69210EC5B 41984 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerClient.dll 2016-04-08 18:17:53 15D174719872A30F2FDD6B5B1B8BA5D9 1613664 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll 2016-04-08 18:17:53 0FEE16BB03B1A97A70121165E7414903 67584 ----a-w- C:\WINDOWS\Sysnative\profext.dll 2016-04-08 18:17:53 04F7878E7017105AB782353231561749 252928 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll 2016-04-08 18:17:53 04BB77409644685810DBD63D86F5720E 99328 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll 2016-04-08 18:17:53 023338E1DA5B6E5C2EFC7E5ADA7929C5 685568 ----a-w- C:\WINDOWS\Sysnative\scapi.dll 2016-04-08 18:17:53 020AD2DA67F206DC160053F88454A0D4 111616 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll 2016-04-08 18:08:04 E91942A0D00C6AA014B2EA33EE0ED0A3 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe 2016-04-08 18:08:04 E2296A6174894682DF8F0FF29FDDCC82 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll 2016-04-08 18:08:04 C5FEF4B4A7FB961ECDB0AB07DBCF379E 124624 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2016-04-08 18:07:53 48E7F01CD9246CAF86702F5CB9100C9F 1087488 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll 2016-04-08 18:07:53 20B48DC4AF4492B31A756528444BDA8C 304752 ----a-w- C:\WINDOWS\Sysnative\systemreset.exe 2016-04-08 17:55:19 79422D76818752C6D935A97C8FFC4EEA 44147 ----a-w- C:\WINDOWS\Sysnative\license.rtf 2016-04-08 17:48:26 BC743EB39911372870146D97CB4AD301 22980 ----a-w- C:\WINDOWS\Sysnative\emptyregdb.dat 2016-04-08 17:45:39 69318E04AB971342A5ACC45A28BD1384 1847504 ----a-w- C:\WINDOWS\Sysnative\PerfStringBackup.INI 2016-04-08 17:27:24 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\WINDOWS\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-08 17:27:24 1373F6562D5E4C715D5D3583E350093E 200 ----a-w- C:\WINDOWS\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-04-08 17:27:20 E7806F4DF276CFBF72C72F8CF1F3626B 99848 ----a-w- C:\WINDOWS\Sysnative\OpenCL.DLL 2016-04-02 07:25:09 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\WINDOWS\Sysnative\XAPOFX1_5.dll 2016-04-02 07:25:09 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\WINDOWS\Sysnative\XAudio2_7.dll 2016-04-02 07:25:07 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\WINDOWS\Sysnative\xactengine3_7.dll 2016-04-02 07:25:06 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_43.dll 2016-04-02 07:25:05 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\WINDOWS\Sysnative\d3dcsx_43.dll 2016-04-02 07:25:04 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\WINDOWS\Sysnative\d3dx11_43.dll 2016-04-02 07:25:03 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\WINDOWS\Sysnative\d3dx10_43.dll 2016-04-02 07:25:02 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\WINDOWS\Sysnative\D3DX9_43.dll 2016-04-02 07:24:59 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\WINDOWS\Sysnative\xinput1_1.dll 2016-04-02 07:24:58 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\WINDOWS\Sysnative\x3daudio1_0.dll 2016-04-02 07:24:58 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\WINDOWS\Sysnative\xactengine2_1.dll 2016-04-02 07:24:50 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\WINDOWS\Sysnative\d3dx9_30.dll 2016-03-27 11:57:04 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\WINDOWS\Sysnative\MpSigStub.exe 2016-03-27 07:00:15 CA0C6CEBB04627E6D5063EA3EE0F921C 143659408 ----a-w- C:\WINDOWS\Sysnative\MRT.exe 2016-03-27 06:52:45 8D5B7A9F72484042E68561BAC21F22A6 733696 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll 2016-03-27 06:40:02 484E3AD4E215A7850B4197A4A6D97134 41984 ----a-w- C:\WINDOWS\Sysnative\UtcResources.dll 2016-03-27 06:33:57 02D5A262E0D8CC6ACCD6725B5EB60BAA 408576 ----a-w- C:\WINDOWS\Sysnative\DfpCommon.dll 2016-03-27 06:31:03 A329A8498AD1138D93FC35EECF1933F7 32256 ----a-w- C:\WINDOWS\Sysnative\dfp.exe 2016-03-27 06:23:40 F97E7878A2B372291B1269D80327BBF6 12640 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-heap-l1-1-0.dll 2016-03-27 06:23:40 ED14B64C94F543974B7FDC592FA0594B 12640 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-conio-l1-1-0.dll 2016-03-27 06:23:40 ECCF5973B80D771A79643732017CEA9A 17760 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-string-l1-1-0.dll 2016-03-27 06:23:40 E9F6D776545843A9817D8ACF38D06D09 19808 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-27 06:23:40 CC337898E64D9078CB697AC19F995C7F 12128 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-utility-l1-1-0.dll 2016-03-27 06:23:40 BBAE7B5436D6D1B0FC967FF67E35415F 16224 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-27 06:23:40 AF851DFD0D9FECB76FF2B403F3C30F5B 12128 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-environment-l1-1-0.dll 2016-03-27 06:23:40 761DDD8669A661D57D9CF9C335949C06 12128 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-locale-l1-1-0.dll 2016-03-27 06:23:40 6631C212F79350458589A5281374B38B 12640 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-process-l1-1-0.dll 2016-03-27 06:23:40 653CB5DF3CEC6A4A0E402B33D8AA5C08 63840 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-private-l1-1-0.dll 2016-03-27 06:23:40 56556659C691DD043DBE24B0A195D64C 20832 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-math-l1-1-0.dll 2016-03-27 06:23:40 53E9526AF1FDCE39F799BFE9217397A8 17760 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-27 06:23:40 1908861649E67CDC20C563C234A89914 15712 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-convert-l1-1-0.dll 2016-03-27 06:23:40 0F143310FADE4DE116070A3917A79C18 13664 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-27 06:23:40 090DD0BB2BDDEE3EAAE5B6FF15FAE209 14176 ----a-w- C:\WINDOWS\Sysnative\api-ms-win-crt-time-l1-1-0.dll 2016-03-26 15:36:37 CCBD7980E8617C364B9A1AE022FF4603 275368 ----a-w- C:\WINDOWS\Sysnative\mfevtps.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-08 18:17:58 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-04-08 18:17:56 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-04-08 18:17:56 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2016-04-08 18:17:55 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys 2016-04-08 18:17:55 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2016-04-08 18:17:53 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-04-08 18:17:53 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys 2016-04-08 18:17:53 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2016-04-08 18:17:53 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-04-08 18:17:53 CEFF59649E90987D263D96078724A54A 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-04-08 18:17:53 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2016-04-08 18:17:53 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2016-04-08 18:17:53 74727B8BF0227820660A79450F2D94EF 176640 ----a-w- C:\WINDOWS\Sysnative\drivers\rfcomm.sys 2016-04-08 18:17:53 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-04-08 18:17:53 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2016-04-08 18:17:53 36417FC4F11C31C880CB428037DEDF3F 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2016-04-08 18:17:53 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-04-08 18:17:53 0D279373091AA1BBEEE958AAF02B5EDF 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2016-04-08 18:07:53 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-04-08 18:07:53 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-04-08 17:27:36 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_SynTP_01011.Wdf 2016-04-08 17:26:25 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-04-08 17:26:17 EDB99BFDA56A8217B7B9DB39F0D56BAE 19678 ----a-w- C:\WINDOWS\Sysnative\drivers\rtwavesmaprocap.dat 2016-04-08 17:26:17 DE8F1C08787A9C00BCCE541545372ABA 31095 ----a-w- C:\WINDOWS\Sysnative\drivers\rtwavesEFX.dat 2016-04-08 17:26:17 B999812ACF16518997420F1A821170B8 10945 ----a-w- C:\WINDOWS\Sysnative\drivers\rtwavesMFX.dat 2016-04-08 17:26:17 00C963690FA0EC173DFD88855D83B0BC 455938 ----a-w- C:\WINDOWS\Sysnative\drivers\rtwavesmapro.dat 2016-03-26 15:42:27 E7AF59F1E0352F5EBEC4ECD32103D405 207208 ----a-w- C:\WINDOWS\Sysnative\drivers\HipShieldK.sys 2016-03-26 15:40:44 74DCBD4FC3ADEA87315281D8D17A62B2 79248 ----a-w- C:\WINDOWS\Sysnative\drivers\cfwids.sys 2016-03-26 15:40:42 24AEBF843F88CF0A5B455F483F8F0100 83096 ----a-w- C:\WINDOWS\Sysnative\drivers\mfeelamk.sys 2016-03-26 15:40:31 B9E87313F2AECFFCD6ABCB364A8DB44D 496368 ----a-w- C:\WINDOWS\Sysnative\drivers\mfefirek.sys 2016-03-26 15:39:37 F8B33D091747D746550BC05CC9DEF609 245096 ----a-w- C:\WINDOWS\Sysnative\drivers\mfewfpk.sys 2016-03-26 15:36:49 F280FF5882EC38F996AECE08045F3CC2 351144 ----a-w- C:\WINDOWS\Sysnative\drivers\mfeavfk.sys 2016-03-26 15:36:48 0AD2A3FFE438E5F7E9F0C16E6917B5BA 419624 ----a-w- C:\WINDOWS\Sysnative\drivers\mfeaack.sys 2016-03-26 15:36:42 AC1394617F8537EBDEBF2F6B3BEAA547 846080 ----a-w- C:\WINDOWS\Sysnative\drivers\mfehidk.sys 2016-03-25 22:17:56 37E4600E2CDAD3C1A3613A25B97D457C 18216 ----a-w- C:\WINDOWS\Sysnative\drivers\wacmoumonitor.sys 2016-03-24 21:50:34 BAC92F6380AD959629B309613CE53B4A 137280 ----a-w- C:\WINDOWS\Sysnative\drivers\scdemu.sys 2016-03-24 21:17:40 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== 2016-04-08 17:27:38 A0240C0A38653B96A32B4B3C0D70F1A4 264 ----a-w- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2016-03-28 20:49:49 9BDE07507614606DCA1C1B507A3E8CC7 3114 ----a-w- C:\WINDOWS\Sysnative\Tasks\Dell SupportAssistAgent AutoUpdate 2016-03-28 19:16:22 B6D10148A429BAFC023559E4F772218C 2862 ----a-w- C:\WINDOWS\Sysnative\Tasks\PCDEventLauncherTask 2016-03-28 19:16:20 EB2E6E9BC87BF45671719C6A19A58F7D 3658 ----a-w- C:\WINDOWS\Sysnative\Tasks\PCDoctorBackgroundMonitorTask 2016-03-28 19:16:19 3ED4D8AFB3C5D28933BF62973A343DC1 2972 ----a-w- C:\WINDOWS\Sysnative\Tasks\PCDDataUploadTask 2016-03-28 19:16:17 221DED00E3CC84C0FA46E6B1623D9F37 2848 ----a-w- C:\WINDOWS\Sysnative\Tasks\SystemToolsDailyTest 2016-03-25 09:12:36 77B1B809D9E834CAE0EF067B9936B636 2764 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task 2016-03-24 20:39:20 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Aviata 2016-03-24 20:37:57 7349A80A5CE8B993F6786E0AE22C9399 1072 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-24 20:37:57 10F9BC6E6BCFC38412A9EDA65A2BBF5C 3440 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2016-03-24 20:37:56 6D60016F7B191B0AD53457787F97FEBC 3212 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2016-03-24 20:37:56 1CE2240F0B22B1D96E6688A73D948672 1068 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-24 20:36:18 367CDB4DEA686AF12EF951D7108FD14E 4184 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{6C7CD4BF-F49F-49E9-953B-E9057F1259FB} 2016-03-24 20:36:10 18F744017B4D5B5636B29BF802861A2F 2810 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4273996765-3856707541-530888196-1001 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-09 10:53:59 -------- d-----w- C:\Program Files\trend micro 2016-04-08 18:09:02 -------- d-----w- C:\Program Files\Reference Assemblies 2016-04-08 18:09:02 -------- d-----w- C:\Program Files\MSBuild 2016-04-08 17:26:45 -------- d-----w- C:\Program Files\Intel 2016-04-08 17:25:35 -------- d-----w- C:\Program Files\Realtek 2016-04-08 17:25:25 -------- d-----w- C:\Program Files\Synaptics 2016-04-04 11:53:52 -------- d-----w- C:\Program Files\Microsoft Office 15 2016-04-02 07:33:40 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared 2016-04-02 07:30:08 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared 2016-04-02 07:30:08 -------- d-----w- C:\Program Files\Autodesk 2016-03-28 19:15:45 -------- d-----w- C:\Program Files\Dell Support Center 2016-03-26 15:38:47 -------- d-----w- C:\Program Files\Common Files\AV 2016-03-25 09:23:21 -------- d-----w- C:\Program Files\Adobe 2016-03-25 09:21:26 -------- d-----w- C:\Program Files\Common Files\Adobe 2016-03-24 21:50:33 -------- d-----w- C:\Program Files\PowerISO 2016-03-24 20:47:43 -------- d-----w- C:\Program Files\WinRAR ======= C:\PROGRA~2 ===== 2016-04-08 19:26:30 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2016-04-08 18:09:03 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-04-08 18:09:03 -------- d-----w- C:\PROGRA~2\MSBuild 2016-04-08 17:26:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2016-04-02 07:27:09 -------- d-----w- C:\PROGRA~2\Autodesk 2016-04-02 07:25:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Autodesk Shared 2016-03-28 20:47:39 -------- d-----w- C:\PROGRA~2\Dell 2016-03-27 14:13:25 32372200 ----a-w- C:\PROGRA~2\COMMON~1\lpuninstall.exe 2016-03-27 14:11:27 -------- d-----w- C:\PROGRA~2\SafeKey 2016-03-25 22:17:42 -------- d-----w- C:\PROGRA~2\Tablet 2016-03-25 10:40:40 -------- d-----w- C:\PROGRA~2\TabletPlugins 2016-03-25 09:12:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2016-03-25 09:12:23 -------- d-----w- C:\PROGRA~2\Adobe 2016-03-24 21:46:02 -------- d-----w- C:\PROGRA~2\QuickPar 2016-03-24 21:21:36 -------- d-----w- C:\PROGRA~2\VideoLAN 2016-03-24 20:37:55 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== 2016-03-24 20:37:54 F60BB7489BDDA351360C95AE94290376 114 ---ha-w- C:\DBAR_Ver.txt ====== C:\Users\Rene\AppData\Roaming ====== 2016-04-08 18:07:24 -------- d-----w- C:\Users\Rene\AppData\Local\MicrosoftEdge 2016-04-08 18:03:12 -------- d-----w- C:\Users\Rene\AppData\Local\Publishers 2016-04-08 18:02:10 -------- d-----w- C:\Users\Rene\AppData\Local\Comms 2016-04-08 18:01:42 -------- d-----w- C:\Users\Rene\AppData\Local\TileDataLayer 2016-04-08 17:46:14 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2016-04-08 17:43:14 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-04-08 17:38:14 DE25017DCF4A0BD2ACB5D4ACEA1B3A9E 373728 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-04-08 17:30:16 -------- d-s---r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-04-08 17:30:16 -------- d-----w- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-04-08 17:30:16 -------- d-----w- C:\Users\Rene\AppData\Roaming 2016-04-08 17:30:16 -------- d-----w- C:\Users\Rene\AppData\Local\Temp 2016-04-08 17:30:16 -------- d-----w- C:\Users\Rene\AppData\Local\Microsoft 2016-04-08 17:30:16 -------- d-----w- C:\Users\Rene\AppData\Local 2016-04-08 17:30:16 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-04-08 17:30:16 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-04-08 17:30:16 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-04-08 17:30:16 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-04-02 07:33:13 -------- d-----w- C:\Users\Rene\AppData\Local\Autodesk 2016-03-26 15:45:42 -------- d-----w- C:\Users\Rene\AppData\Local\Diagnostics 2016-03-25 10:48:37 -------- d-----w- C:\Users\Rene\AppData\Local\CEF 2016-03-25 09:21:47 -------- d-----w- C:\Users\Rene\AppData\Local\Programs 2016-03-25 09:17:03 -------- d-----w- C:\Users\Rene\AppData\Local\Adobe 2016-03-24 21:46:03 -------- d-----w- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar 2016-03-24 20:48:01 -------- d-----w- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-24 20:42:59 -------- d-----w- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotnet 2016-03-24 20:42:49 -------- d-----w- C:\Users\Rene\AppData\Local\Spotnet 2016-03-24 20:42:48 -------- d-----w- C:\Users\Rene\AppData\Local\SquirrelTemp 2016-03-24 20:38:54 -------- d-----w- C:\Users\Rene\AppData\Local\Aviata 2016-03-24 20:37:45 -------- d-----w- C:\Users\Rene\AppData\Local\Google 2016-03-24 20:37:31 -------- d-----w- C:\Users\Rene\AppData\Local\Apps 2016-03-24 20:36:27 -------- d-sh--w- C:\Users\Rene\AppData\Local\EmieUserList 2016-03-24 20:36:27 -------- d-sh--w- C:\Users\Rene\AppData\Local\EmieSiteList 2016-03-24 20:35:15 -------- d-----w- C:\Users\Rene\AppData\Local\GWX 2016-03-24 20:34:10 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2016-03-24 20:32:09 -------- d-----w- C:\Users\Rene\AppData\Local\Power2Go8 2016-03-24 20:29:56 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow 2016-03-24 20:29:43 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-03-24 20:29:43 -------- d-----r- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-03-24 20:29:09 -------- d-----w- C:\Users\Rene\AppData\Local\Packages 2016-03-24 20:26:31 -------- d-----w- C:\Users\Rene\AppData\LocalLow ====== C:\Users\Rene ====== 2016-04-09 10:49:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rene\Downloads\RSITx64.exe 2016-04-09 08:58:22 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom-tablet 2016-04-09 08:30:57 DB860041B47FE83E68045B1F241AE833 8264528 ----a-w- C:\Users\Rene\Downloads\Setup_serial_sSKTog8rZvUrDICMip36yw2_key.exe 2016-04-08 18:01:39 -------- d-sh--w- C:\Users\Rene\IntelGraphicsProfiles 2016-04-08 18:01:29 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Rene\ntuser.ini 2016-04-08 17:30:16 -------- d--h--w- C:\Users\Rene\AppData 2016-04-08 17:26:10 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2016-04-04 11:59:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's 2016-04-04 11:52:52 6CCFB0D7D8AD6CF2A50169374465A7AB 3288264 ----a-w- C:\Users\Rene\Downloads\Setup.x86.nl-NL_ProPlusRetail_NMMM8-62DVP-89PJY-YTXMQ-YBH7H_act_1_.exe 2016-04-02 07:45:30 -------- d-----w- C:\ProgramData\FLEXnet 2016-04-02 07:38:29 -------- d-----w- C:\ProgramData\FARO 2016-04-02 07:38:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016-04-02 07:34:07 014AE830595EB24B05A547A4C6376375 153 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2016-04-02 07:33:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - English 2016-04-02 07:30:45 -------- d-----w- C:\Users\Public\Documents\Autodesk 2016-04-02 07:26:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-04-02 07:20:24 -------- d-----w- C:\ProgramData\Autodesk 2016-03-29 09:24:34 E6C383AB5B8EBE85D12B78493014B8B3 692928 ----a-w- C:\Users\Rene\Downloads\CreativeCloudSet-Up.exe 2016-03-28 20:47:39 -------- d-----w- C:\ProgramData\SupportAssistAgent 2016-03-28 19:20:24 95F9F318AEAC1187CA641E520280DF96 211312 ----a-w- C:\Users\Rene\Downloads\mvt (1).exe 2016-03-28 19:19:42 95F9F318AEAC1187CA641E520280DF96 211312 ----a-w- C:\Users\Rene\Downloads\mvt.exe 2016-03-28 19:15:53 -------- d-----w- C:\ProgramData\PC-Doctor for Windows 2016-03-27 12:42:59 -------- d-----w- C:\Users\Rene\Etch ON TOP 2016-03-26 15:27:45 65C603619E86AE4B3B3E030BA0664EA3 8201992 ----a-w- C:\Users\Rene\Downloads\Setup_serial_tqVkm5NP4ESjwAXKOzARpg2_key.exe 2016-03-25 09:27:49 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2016-03-25 09:12:07 -------- d-----w- C:\ProgramData\Adobe 2016-03-24 21:51:07 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2016-03-24 21:50:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2016-03-24 21:46:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar 2016-03-24 21:22:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-03-24 20:48:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-24 20:42:59 -------- d-----w- C:\ProgramData\Spotnet 2016-03-24 20:37:27 -------- d-----w- C:\ProgramData\softthinks 2016-03-24 20:34:25 -------- d---a-r- C:\Users\Rene\OneDrive 2016-03-24 20:29:43 -------- d-----r- C:\Users\Rene\Searches 2016-03-24 20:29:43 -------- d-----r- C:\Users\Rene\Contacts 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Videos 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Saved Games 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Pictures 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Music 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Links 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Favorites 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Downloads 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Documents 2016-03-24 20:26:30 -------- d-----r- C:\Users\Rene\Desktop ====== C: exe-files == 2016-04-09 10:53:59 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rene.exe 2016-04-09 10:49:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rene\Downloads\RSITx64.exe 2016-04-09 08:30:57 DB860041B47FE83E68045B1F241AE833 8264528 ----a-w- C:\Users\Rene\Downloads\Setup_serial_sSKTog8rZvUrDICMip36yw2_key.exe 2016-04-09 07:50:38 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Windows\Temp\5AEED656-94F4-4332-A9DA-EC3B69D33DF2\DismHost.exe 2016-04-08 18:42:24 55BEEABD97E0D556E08A463A58FC17FF 2547800 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.112\49.0.2623.112_49.0.2623.110_chrome_updater.exe 2016-04-08 18:17:58 E25912F0DA86EF6D0812ED848BDA60C0 797024 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-04-08 18:17:58 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\Windows\System32\MDEServer.exe 2016-04-08 18:17:58 BD0C18CCF84C65F091F670181032BF75 2095968 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-04-08 18:17:58 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\Windows\System32\audiodg.exe 2016-04-08 18:17:58 09D8EBC01776C2D117918993EDDC19B2 1474560 ----a-w- C:\Program Files\Windows Media Player\wmpnetwk.exe 2016-04-08 18:17:56 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\Windows\System32\WMPDMC.exe 2016-04-08 18:17:56 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\Windows\SysWOW64\WMPDMC.exe 2016-04-08 18:17:56 3B27CD5D7CE5023586EE861EE56069FB 7305072 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-04-08 18:17:56 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-04-08 18:17:55 FA457DEBC6875EF5DFC0DF6B7A1003B8 654688 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe 2016-04-08 18:17:55 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\Windows\System32\spoolsv.exe 2016-04-08 18:17:55 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-04-08 18:17:55 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\Windows\System32\wsqmcons.exe 2016-04-08 18:17:55 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\Windows\SysWOW64\LaunchWinApp.exe 2016-04-08 18:17:55 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\Windows\System32\LaunchWinApp.exe 2016-04-08 18:17:53 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\Windows\System32\AuthHost.exe 2016-04-08 18:17:53 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\Windows\System32\bcastdvr.exe 2016-04-08 18:17:53 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-04-08 18:17:53 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-04-08 18:17:53 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\Windows\System32\WWAHost.exe 2016-04-08 18:17:53 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\Windows\System32\MDMAppInstaller.exe 2016-04-08 18:17:53 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\Windows\System32\DeviceCensus.exe 2016-04-08 18:17:53 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-04-08 18:17:53 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\Windows\System32\wermgr.exe 2016-04-08 18:17:53 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-04-08 18:17:53 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-08 18:17:53 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\Windows\SysWOW64\wermgr.exe 2016-04-08 18:17:53 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\Windows\System32\winresume.exe 2016-04-08 18:17:53 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-04-08 18:17:53 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-04-08 18:17:53 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\Windows\System32\winload.exe 2016-04-08 18:08:10 F432E0E5B0958F4982D40EB622FBD7FC 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe 2016-04-08 18:08:04 E91942A0D00C6AA014B2EA33EE0ED0A3 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2016-04-08 18:07:53 20B48DC4AF4492B31A756528444BDA8C 304752 ----a-w- C:\Windows\System32\systemreset.exe 2016-04-08 18:06:19 E4D26B91BBDC51ADF460F371323AECD1 8076992 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\OneDriveSetup.exe 2016-04-08 18:06:19 E4D26B91BBDC51ADF460F371323AECD1 8076992 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\OneDriveSetup.exe 2016-04-08 18:06:07 092405FB2D6BC20668BEA02647FE2393 164040 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileSyncConfig.exe 2016-04-08 18:06:00 1E9D2587344160BB2AF16C503F062868 171712 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe 2016-04-05 20:29:03 E4D26B91BBDC51ADF460F371323AECD1 8076992 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-04-05 20:28:53 092405FB2D6BC20668BEA02647FE2393 164040 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncConfig.exe 2016-04-05 20:28:50 1E9D2587344160BB2AF16C503F062868 171712 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe 2016-04-04 12:05:37 61F488AC3053DEB2AADB6A34DEBC8876 551104 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe 2016-04-04 12:00:35 AD3F21682114AE4314482E724CE0436E 737480 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\lync99.exe 2016-04-04 12:00:34 B8E4A1EC5A02C241F57D0543C0B7B012 28952 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe 2016-04-04 12:00:33 804F4C7BEF55C0A883ADCE26EB13EBFA 222912 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLED.EXE 2016-04-04 12:00:31 763F7AFB6E6A3A1791255694D22966AF 121032 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE 2016-04-04 12:00:29 85A75FDB2B0CED5A7626EC1A96AA2611 950040 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE 2016-04-04 12:00:24 0718F6C803E0B2FDDF47ABF588EFC681 186056 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSREC.EXE 2016-04-04 12:00:23 FDEE9A7D7F33B14A59A44B0CFA824601 185088 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\DATABASECOMPARE.EXE 2016-04-04 12:00:23 BD459987B3B81A9A627D65DC3B3D07C2 104672 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\110\SQLDumper.exe 2016-04-04 12:00:18 9FEEDD6F14CD546B1068CDE0086FB8E3 29952 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\Common.ShowHelp.exe 2016-04-04 12:00:13 FE9C0029E1AF26350D9985D00520E5C8 5132888 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 2016-04-04 12:00:13 F1034F353B8EC2E98E48F6E3E2E24F50 48328 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\AppSharingHookController64.exe 2016-04-04 12:00:12 EC5CE4253D8D0C9977E1124307CCD91D 27904 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe 2016-04-04 12:00:12 6F88BE69CB18F92D58ED85BE6E0EF959 3758272 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ACCICONS.EXE 2016-04-04 12:00:12 51B1DD85FE3FE9FDC004E6898A28A0FD 770240 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\protocolhandler.exe 2016-04-04 12:00:11 1AFCC427034C49868BADB9BEF957953F 3695808 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\XLICONS.EXE 2016-04-04 12:00:10 50CF3BCD1B14CB675F8A847B2ACCC511 3025600 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\WORDICON.EXE 2016-04-04 12:00:09 6CAE775406F31D332FBC08FE0BD08AAD 28440 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe 2016-04-04 11:59:52 53110F8CF0BDF669F97ED2D40DC881B2 1644224 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe 2016-04-04 11:59:51 AB32215B1261B5B362199A10D9F0C970 38656 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\Common.DBConnection.exe 2016-04-04 11:59:49 4CBF66D7A22FC12087633CBB0E9A4F34 37624 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\Common.DBConnection64.exe 2016-04-04 11:59:48 EFCDF636070F5E61FDE0C1B5BCCED409 464128 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\SPREADSHEETCOMPARE.EXE 2016-04-04 11:59:46 2A5A9D9541AAB89203E9A7EF3D66A118 53504 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Flattener\Flattener.exe 2016-04-04 11:59:45 37C04300FC230044BD52BBA9B889C52A 3519680 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PPTICO.EXE 2016-04-04 11:59:40 D0912CD9CCDECCF40FE21FE2D192707B 5961928 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CMigrate.exe 2016-04-04 11:59:40 900438E973697057320F9E388DB18049 624832 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOICONS.EXE 2016-04-04 11:59:37 411B2C3641F704DF64BEAC9E40C10E2C 28952 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe 2016-04-04 11:59:27 E1284FFC00EA92FE3ACDEF3B00791F36 251648 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\filecompare.exe 2016-04-04 11:59:27 5D3A10F21450FB577C054ED238737CCD 192200 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOSQM.EXE 2016-04-04 11:59:27 555CC90AB721CDD80575A837FDEA0C55 192328 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE 2016-04-04 11:59:22 2CE247193C41FF23B473B2E0D91012D9 8792256 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CMigrate.exe 2016-04-04 11:59:19 93A5F983E70114C92F4B8416C43F084A 10305736 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PDFREFLOW.EXE 2016-04-04 11:59:18 81180394BA74C4FE711D1413DED58518 295648 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE 2016-04-04 11:59:14 DA427CF5CEFD22E658FD7F467BD9F40A 104136 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\MSOHTMED.EXE 2016-04-04 11:59:05 59A605608E6EF3A71885179131A53417 231616 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE 2016-04-04 11:59:03 AD60A39A820804E89BC2EAD599ED94E1 8067784 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Integration\OneDriveSetup.exe 2016-04-04 11:58:52 3C283C1BFA1D88C2D4D52148CE62A7C7 543360 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\EQUATION\eqnedt32.exe 2016-04-04 11:58:51 5CF52EDCBD751EC4A805F092AC389D2B 211152 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Source Engine\OSE.EXE 2016-04-04 11:58:51 3A8B5B38E0530DBC32FDBBDE80B5726F 2533152 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2016-04-04 11:58:44 7715246915D39F71728C10A98FCC7E95 1556160 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe 2016-04-04 11:58:43 CD6AD45E26D2A9E637D60F8B789BD494 43200 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\AppSharingHookController.exe 2016-04-04 11:58:43 AFCB1AC67E9FD9D1DFCE698DDC2EF82D 48320 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe 2016-04-04 11:58:43 7EB1EC0CB88800215E8CC63D867B3EC7 48320 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe 2016-04-04 11:58:42 F13365B361F802677684DE1CD4D34286 1095360 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe 2016-04-04 11:58:42 2F4B98E1EE6207D938922513E551E6CE 57032 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SCANPST.EXE 2016-04-04 11:58:42 061ADC9F856D5E3925A83F049720FE06 202440 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\IEContentService.exe 2016-04-04 11:58:42 00B5258F82516CCB46094E3D5659016E 9736904 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconv.exe 2016-04-04 11:57:11 B938D7799AF4B54ED5578978A0329EB4 37568 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Wordconv.exe 2016-04-04 11:57:11 922EFC4B67D07FD43DF102B8405BC156 370888 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SELFCERT.EXE 2016-04-04 11:57:11 7E6761FBA4E4DD5D2E03A0C939154280 774344 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\FIRSTRUN.EXE 2016-04-04 11:57:11 178D786BA535DAB8DFC3BCB26025E82A 146112 ----a-w- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe 2016-04-04 11:57:01 EDD5B87C6676EF9826D6BC883214FB00 704192 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSQRY32.EXE 2016-04-04 11:57:01 C5CE057CC0BB79B81DE6D57AF6F9E630 576200 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ORGCHART.EXE 2016-04-04 11:57:01 BA876E8474626D980A08B291D136CA3E 26093256 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\excelcnv.exe 2016-04-04 11:57:01 B65B49A84829C4BF097F9B394B94C185 1036992 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\misc.exe 2016-04-04 11:57:01 A76C05B34B463B0E7D33F4B5C61EC078 393416 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\CLVIEW.EXE 2016-04-04 11:57:01 87F959761CB79B799CD8DF042AA3C436 89280 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOHTMED.EXE 2016-04-04 11:57:01 80350ECC91AF7F7F69106C3D6DCA1BBE 112320 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\NAMECONTROLSERVER.EXE 2016-04-04 11:57:01 5B4ED1416DE05ACA78B9865779BE65BE 4417736 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\GRAPH.EXE 2016-04-04 11:57:01 5271729D063BC244B88884F5B4E97795 467144 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE 2016-04-04 11:57:01 2863B1176132090FA5CFAB274171DDCE 66248 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE 2016-04-04 11:57:01 077E613716DE44E17A7CAFACD5312C65 532168 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOUC.EXE 2016-04-04 11:56:58 73BBECFB92385C3C0BC5D02D5BFB437B 318664 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\VPREVIEW.EXE 2016-04-04 11:56:58 6A0561ABC88FB1FE3B75F6EF73AA0282 177856 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\CNFNOT32.EXE 2016-04-04 11:55:42 3A8B5B38E0530DBC32FDBBDE80B5726F 2533152 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe 2016-04-04 11:55:39 5304413D853D4B6893A362B43340E66B 255192 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate64.exe 2016-04-04 11:55:39 0CBA2B76646FE403EB9C09B0A63283F2 378520 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe 2016-04-04 11:55:38 E2112E22C8BF7682854DC410F4FD6EBC 215768 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate32.exe 2016-04-04 11:55:34 EAE050EF5D4B76FEA6743326FFB7F7E0 15781568 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE 2016-04-04 11:55:31 A13FD82C1209BA4F07E6DF635F04C2D6 10161864 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE 2016-04-04 11:55:23 7986981A3E1CF491C9F9BFFD07742141 22751424 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe 2016-04-04 11:55:19 7EF38A8FE2E9C8A2808E37DBBAEA9F01 170176 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE 2016-04-04 11:55:19 5A30632DBAD0C87477508024E1BAE090 1697984 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE 2016-04-04 11:55:15 362D62DA586ED8143CB5E4B58789A220 25934528 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE 2016-04-04 11:55:11 9CC4CB53798CA64D18C10944DCB5BE5E 1859264 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE 2016-04-04 11:54:47 C59FB7FDE547C7B9B6870296A9D2C5BE 1936576 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE 2016-04-04 11:54:46 1F581D68D15BB550BB1DD5B1A8526D73 10428096 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE 2016-04-04 11:54:44 A15AB5B2A4714C756E7C96B50E46883A 30082248 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE 2016-04-04 11:53:54 E0E15CFDC76B9597A35A4B49E041E9AD 326848 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PerfBoost.exe 2016-04-04 11:53:52 2AB2AF1901F31058068C2DE4030C87D4 1161032 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 2016-04-04 11:53:52 2AB2AF1901F31058068C2DE4030C87D4 1161032 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe 2016-04-04 11:53:47 E1A14B503F8E6C583CD4662037B96FF8 6153480 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe 2016-04-04 11:53:47 00B0F3CA2EC79B59181CC043B821A408 2838768 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe 2016-04-04 11:53:46 C0589DC5A21074D0F64989CC332DA910 1162568 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe 2016-04-04 11:53:46 B4146989F503516551069FC9E82A1CF2 358616 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe 2016-04-04 11:53:46 64327F3E0BA663BAF2F9DF3BEE215520 263896 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe 2016-04-04 11:53:45 015BF5FFF559B32EA2F372546A0BB942 2053848 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe 2016-04-04 11:52:52 6CCFB0D7D8AD6CF2A50169374465A7AB 3288264 ----a-w- C:\Users\Rene\Downloads\Setup.x86.nl-NL_ProPlusRetail_NMMM8-62DVP-89PJY-YTXMQ-YBH7H_act_1_.exe === C: other files == 2016-04-08 18:35:30 D7A6112088C433FEBA27AE56B4B55BB4 1236889 ----a-w- C:\ProgramData\Microsoft\DataMart\PaidWiFi\OffersCacheTemp.zip 2016-04-08 18:17:58 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-04-08 18:17:56 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-04-08 18:17:56 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-04-08 18:17:55 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\Windows\System32\drivers\rasl2tp.sys 2016-04-08 18:17:55 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\Windows\System32\drivers\bridge.sys 2016-04-08 18:17:53 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-04-08 18:17:53 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\Windows\System32\drivers\xboxgip.sys 2016-04-08 18:17:53 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-04-08 18:17:53 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\Windows\System32\drivers\xinputhid.sys 2016-04-08 18:17:53 CEFF59649E90987D263D96078724A54A 954368 ----a-w- C:\Windows\System32\drivers\bthport.sys 2016-04-08 18:17:53 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2016-04-08 18:17:53 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-04-08 18:17:53 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\Windows\System32\win32kbase.sys 2016-04-08 18:17:53 74727B8BF0227820660A79450F2D94EF 176640 ----a-w- C:\Windows\System32\drivers\rfcomm.sys 2016-04-08 18:17:53 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2016-04-08 18:17:53 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\Windows\System32\drivers\acpi.sys 2016-04-08 18:17:53 36417FC4F11C31C880CB428037DEDF3F 112640 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2016-04-08 18:17:53 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-04-08 18:17:53 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\Windows\System32\win32kfull.sys 2016-04-08 18:17:53 0D279373091AA1BBEEE958AAF02B5EDF 84992 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2016-04-08 18:07:53 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2016-04-08 18:07:53 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-04-08 18:05:58 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\CollectOneDriveLogs.bat 2016-04-08 17:27:24 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-08 17:27:24 1373F6562D5E4C715D5D3583E350093E 200 ----a-w- C:\Windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-04-05 20:28:48 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Rene\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\CollectOneDriveLogs.bat 2016-04-05 11:34:30 900CDE4600863A4D766CA719E5C65FB0 254513 ----a-w- C:\Users\Rene\Downloads\Laser_cutting_materiale_template.zip 2016-04-04 13:22:45 CA581636455C7A190ED4D25BC226DD7B 5860469 ----a-w- C:\Users\Rene\Downloads\The-Blooming-Elegant-Font-Trio (2).zip 2016-04-04 13:22:25 CA581636455C7A190ED4D25BC226DD7B 5860469 ----a-w- C:\Users\Rene\Downloads\The-Blooming-Elegant-Font-Trio (1).zip 2016-04-04 13:19:06 CA581636455C7A190ED4D25BC226DD7B 5860469 ----a-w- C:\Users\Rene\Downloads\The-Blooming-Elegant-Font-Trio.zip 2016-04-04 13:18:23 628CD3BC24764F0B09760B09B28F0A46 458675 ----a-w- C:\Users\Rene\Downloads\Calligraphy-font-Willow-Bloom (1).zip 2016-04-04 12:02:38 B23995F0EBBD2EA8936CD30C3D33AF90 11528 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\System.Windows.Controls.Theming.Toolkit.zip 2016-04-04 12:02:19 0E8E66888D88884A0D8195957C99FEDC 88443 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Ocomprivate.zip 2016-04-04 12:02:03 A2F3063073DFF39723044E24735D1480 86734 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Model.zip 2016-04-04 12:02:03 99A69D7C2BC69C8AE6C50332670E6283 70705 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.zip 2016-04-04 12:02:02 5A4AF2F27934D3149B1AD488B6ADAC65 29139 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Lync.Utilities.Controls.zip 2016-04-03 10:37:00 628CD3BC24764F0B09760B09B28F0A46 458675 ----a-w- C:\Users\Rene\Downloads\Calligraphy-font-Willow-Bloom.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-4273996765-3856707541-530888196-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" "OneDrive"="C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" "OneDrive"="C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC" "WavesSvc"="C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe" "QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-03-2016 22:37] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-03-2016 22:37] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [15-01-2014 22:27] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"] "C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{6C7CD4BF-F49F-49E9-953B-E9057F1259FB}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Dell\Dell Product Registration" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [29-12-2015 13:20] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [29-12-2015 13:20] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions agbnjankikoaabjkmfbaceggjliabkbn - C:\Program Files (x86)\SafeKey\lpchrome.crx[27-03-2016 16:13] bahkljhhdeciiaodlkppoonappfnheoi - No path found[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[21-03-2016 13:15] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bahkljhhdeciiaodlkppoonappfnheoi - No path found[] Google Docs - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Sheets - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap AFAS Personal Bijwerk Assistent - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdjnejhhklnclpkbnfmfimijnlmghfk SiteAdvisor - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Docs Offline - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vlc-media-player.nl.softonic.com_0.localstorage deleted successfully C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vlc-media-player.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://nl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_pwrisofs_16_12¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BzztB0AyBtB0A0D0C0A0E0E0FtBtAyEtN0D0Tzu0StCyDyEyEtN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAyE0D0EtByByD0EtGtA0AyB0CtGzy0F0E0BtGtAyBtCyDtG0D0CzytDyEyD0BtDtCtB0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyE0FtD0BtCtByDtGtA0F0E0DtGyEtDyDtBtGzyyCtA0DtGtByDzyzy0E0D0BtD0CyCyBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D1909542293%26a%3Dwbf_pwrisofs_16_12%26os_ver%3D6.3%26os%3DWindows%2B8.1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{14754904-E794-4327-BD66-39A179B6A938}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14754904-E794-4327-BD66-39A179B6A938}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{14754904-E794-4327-BD66-39A179B6A938}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{14754904-E794-4327-BD66-39A179B6A938}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O2 - BHO: McAfee SafeKey Vault - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL O3 - Toolbar: McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Install SafeKey IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: McAfee SafeKey-formulierinvullingen - file://C:\Users\Rene\AppData\LocalLow\SafeKey\context.html?cmd=fillforms O8 - Extra context menu item: SafeKey - file://C:\Users\Rene\AppData\LocalLow\SafeKey\context.html?cmd=lastpass O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O9 - Extra button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll O9 - Extra 'Tools' menuitem: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: @oem186.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe O23 - Service: TabletServiceWacom - Unknown owner - C:\WINDOWS\system32\Wacom_Tablet.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rene\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rene\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rene\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rene\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=561 folders=65 53634274 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rene\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 09-04-2016 at 13:51:51,19 ======================