Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Thierry on vr 15/04/2016 at 17:30:44,38. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Thierry\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-04-14-184759.log 5267 bytes ==== Running Processes ====================== C:\Program Files (x86)\Avira\Antivirus\sched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\Antivirus\avguard.exe C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\AirDroid\AirDroid.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Avira\Antivirus\avgnt.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe C:\WINDOWS\sysWow64\SearchProtocolHost.exe C:\Users\Thierry\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 7963 MB CPU Info: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz CPU Speed: 2355,7 MHz Sound Card: luidspreker/Hoofdtelefoon (Real | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Ralink RT3290 802.11bgn Wi-Fi Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GU70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 674,5GB | D: 22,1GB Hard Disks - Free: C: 553,9GB | D: 2,0GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 2163 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.212.10586.0 Adobe Reader version: 15.10.20056.167417 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-04-10 16:49:44 34535223F84E310A1BA43B6D02D69A00 2793581 ----a-w- C:\WINDOWS\chromebrowser.exe ====== C:\Users\Thierry\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-04-13 19:00:36 E07F85C08C025B08F25150E60CB69B44 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-13 19:00:36 529ADF562993ACA4B8AB43847F42F9B0 18673664 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-13 19:00:36 49A21B514FC10B2D55499D58DC78E862 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-13 19:00:35 C31E805C9AD3DBEA0A75337312967E77 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-04-13 19:00:35 B4102814D9B1D1FC6C39869D7F224E12 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-13 19:00:35 2BFF4D19D7FC686C150879A2FD5BAE77 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 19:00:34 FD639F1372389D7C5990663D6A100CFE 541304 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-13 19:00:34 D5BF10F0C309C82820813A7190CE1F5F 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-13 19:00:34 51A5FD6E5EF1E9A2C63C615F238961F9 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 19:00:34 17998B6098C06B8FAA32890D6E1F7A58 19340800 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 19:00:33 F172B5FDEACA0C57A4892208F617AB91 12125184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 19:00:32 D28C3C4AAB51D00FD6EFA07F6DCC1CBA 1862008 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-13 19:00:21 B74C5FA6221607F864C62090F74FDB80 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-04-13 19:00:20 C57E960CD2C7F64AE0295DF0423FE071 1444352 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-13 19:00:16 3D74763FFF3EF03D8CC9233B5A0EBBB2 13018624 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-04-13 19:00:13 65930B7D5917CB0D76CAA51A46F3850B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 19:00:13 408AF8141C4A44BC120F4204F8F79A75 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-04-13 19:00:10 0822CB125008CFCA3DFB52C9DF118273 5662208 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-13 19:00:04 15C9692077BA7E20D64E34AE6210B438 5202944 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-04-13 19:00:03 287FAD133D3E5F47DB367B86DC523631 2798080 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-13 19:00:00 265DB46FE368D8F701A74976D3823ADC 986976 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-04-13 18:59:58 4B6F30BA21606440EC91852F15B296A9 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-04-13 18:59:57 CC2F923F02D8EB36D0C442CE709B6CD9 1139712 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-04-13 18:59:56 402A33FCE08200518FB0012A6BF2E966 2722816 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2016-04-13 18:59:55 395AC69CCD9E2D590775AA6ADD2AE1D2 649728 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-13 18:59:54 127D1DD4E7385AB56A32D72CF948DB9B 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-04-13 18:59:53 2C313D0D6CAF3467664058F15742CC98 354304 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-04-13 18:59:51 E46FCEC3EAC209AFCDB2825386E51423 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-04-13 18:59:51 52A1E3042711C59E316936C9EDE560F8 502104 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-04-13 18:59:49 D57F7D9FB771CA0B434E975F76413430 1072128 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-04-13 18:59:49 70128BC69D515F2D38577D2438861424 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-13 18:59:49 4135F625D8F20D76FB29F86FE7A4CC48 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-13 18:59:48 B8AC85F66A12455FB3F2FDB916B1C679 498176 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-04-13 18:59:48 B71A99EC3D8818A6662A6A9D26FE5807 346624 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-04-13 18:59:48 B1D8636E375413D57B50BDE20CA5E710 358400 ----a-w- C:\WINDOWS\SysWOW64\AccountsRt.dll 2016-04-13 18:59:47 BED401741C226F05FCD2C2678F9E9F14 350720 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-04-13 18:59:47 897906025BD3616BF9C30A3979A73DEE 712704 ----a-w- C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-04-13 18:59:46 88E6A274B44C66EDBD26F2BA9E0ACE8F 253088 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-04-13 18:59:46 6D062C6E2C47B3DCDE8F4C3FDB634DEE 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-13 18:59:45 FEB304F6F577D923E390F5D6BE7DF870 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-04-13 18:59:45 C31BB8559C52E389B82A4B533C2FB39A 764928 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2016-04-13 18:59:45 3ABE2040F4F9BDDD008EC5D4713D5ABE 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-13 18:59:43 594D1C58958A1F980336964B643784F3 3671040 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-04-13 18:59:42 CA3C908B5C24293F1F1FB89301D63F16 1588224 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 18:59:41 F29EDA4FE119EBF4881C9BA9AE7B27E7 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-04-13 18:59:41 CC68ABFB0AA40F62E7BD740101A0C92B 1117184 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-04-13 18:59:41 ACE2B02BA07DF7F13F59D07F7A38AA18 161792 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 18:59:41 7C557ABB26C2B2D930AA005FF6A8C025 592384 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-04-13 18:59:41 6A7ACABAE92C837F5C1330188EAE36AE 535080 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2016-04-13 18:59:41 64229C17CFE9262689EAE3E852D3975F 296488 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2016-04-13 18:59:41 2C0BBF7FC5526D7285BEAD239895C473 682496 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-04-13 18:59:41 2BDB397DC5EC7D3186358F7F2388A009 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-04-13 18:59:41 1F19665881A6167CC9E31A42C1F98AC3 638464 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-04-13 18:59:41 0BF6FDE72035DDC32FAF24344853B80B 777728 ----a-w- C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-04-13 18:59:40 D1600085065675F98F41A01DCD03AA6E 854528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-04-13 18:59:40 C122D52ED9662F09EC2650B010544468 73872 ----a-w- C:\WINDOWS\SysWOW64\srvcli.dll 2016-04-13 18:59:40 B9378EA1892974391D15D54E57056130 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-04-13 18:59:40 7D276C5DF303462091092C3311027D30 129024 ----a-w- C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-04-13 18:59:40 7C7CC816CEEB07022EBCC6B779B16E1D 521728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-04-13 18:59:39 C5F501F481234D821457CA3A270BFCE7 83968 ----a-w- C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-04-13 18:59:39 B65D241B81A010B6A78CCEEA900CCFC0 56320 ----a-w- C:\WINDOWS\SysWOW64\wkscli.dll 2016-04-13 18:59:39 AD1EC1102124182624F1224768FFAE96 564224 ----a-w- C:\WINDOWS\SysWOW64\WSDApi.dll 2016-04-13 18:59:39 8D9CB9BB31AC17112D75456E928C3839 103936 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2016-04-13 18:59:39 7D51637A2E604113F1A4E96FF3F2727C 51128 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-04-13 18:59:39 6C2B2CA75F486449921ED10A39DB9799 69744 ----a-w- C:\WINDOWS\SysWOW64\netapi32.dll 2016-04-13 18:59:39 6920DEFBFA38033B2438ED9760231C12 219648 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-04-13 18:59:39 5E52C817BCF919CF11CD523A2EC4A456 638464 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-04-13 18:59:39 35B0826C3EF8A0E16DF4F4A8D30246C7 705536 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-04-13 18:59:39 1A341701906986F1865766C6849269FC 323072 ----a-w- C:\WINDOWS\SysWOW64\oleacc.dll 2016-04-13 18:59:38 F0D9C0E953ACE5E5B8D3DD799B089B00 306176 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-04-13 18:59:38 B4643C990D071EE99D9713336052F97B 193024 ----a-w- C:\WINDOWS\SysWOW64\credprovhost.dll 2016-04-13 18:59:38 92B98A16E41005D74CF7B2EF28AB1FCF 26112 ----a-w- C:\WINDOWS\SysWOW64\wsdchngr.dll 2016-04-13 18:59:38 806D3A66BBC91F7F2B4FCC337C13EFAE 239104 ----a-w- C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2016-04-13 18:59:37 F297B1F54D3FF42732C89C738AEC041F 141824 ----a-w- C:\WINDOWS\SysWOW64\easwrt.dll 2016-04-13 18:59:37 EAF904785CA7849C66F6DC2EF0A0E0E7 22528 ----a-w- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2016-04-13 18:59:37 E9B121C13C171C28E8AF4871B52AABA0 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-13 18:59:37 9A9CDAB4049BDB383C5CA8746F44E4CB 269824 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 18:59:37 3EB91A44E6BCD05CA257E113FCA1DA0C 43520 ----a-w- C:\WINDOWS\SysWOW64\browcli.dll 2016-04-13 18:59:37 2E947792E9B1C738E33FD5794B1650F9 30208 ----a-w- C:\WINDOWS\SysWOW64\tbauth.dll 2016-04-13 18:59:36 E793B893135F3B6942B6230D45E27610 61440 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 18:59:36 DDD613E502D30A6E2E407F3280521311 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-04-13 18:59:36 DBC451C2509141BFA9F851004A5DF99B 2193408 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-04-13 18:59:36 C9D7861D1C984E1997A3778A97DD1AF9 162816 ----a-w- C:\WINDOWS\SysWOW64\MTF.dll 2016-04-13 18:59:36 BF769A5BEA8E50F12264746D30D57C6F 52736 ----a-w- C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2016-04-13 18:59:36 BC5D8155DBA7DC0E4F92430701C19901 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-13 18:59:36 979CCB709243FE7B0E75E9CDCCF8C9A8 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-04-13 18:59:36 96BFB1E4B3F38D999E418D286BE45BFB 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 18:59:36 91ED19257EAA98C1C95A7E5F0FF07FF0 10240 ----a-w- C:\WINDOWS\SysWOW64\oleacchooks.dll 2016-04-13 18:59:36 2823A28AB08EE9DCE85436C700799D66 80384 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2016-04-13 18:59:36 144B4EDF56E0D48C501F4AAEE5E032B0 6297088 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-04-13 18:42:54 B90A65D6A3BACF76884081C645017A72 1875542 ----a-w- C:\WINDOWS\SysWOW64\PerfStringBackup.INI ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-13 19:00:35 7A0E065E46156F9288AE32B1E0399247 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-04-13 19:00:34 E2B2525EF375D716E0DE6FE8F3ADCEDB 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-04-13 19:00:34 AE6A68A065D4C26AF4BEFAA53623B266 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-04-13 19:00:33 CD885F960066DDD538CD1BBD509A0EC0 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-04-13 19:00:33 4025493B778984A65B1A310864C4F08C 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-04-13 19:00:33 0F85790D9E32FA0B8798AECBBEF6F5F4 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-04-13 19:00:32 F7391A45172C10D8B79A239CDD8BA88B 209408 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2016-04-13 19:00:32 B21B08D436D2B9E7D280FCF9BCBB5DDE 22378496 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-04-13 19:00:32 60C04811AC0BB0BFC5E00D293B8F4464 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-04-13 19:00:31 A6A8B92FBADFA793794C0EEFA77941C3 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-04-13 19:00:31 A2B2198B126C8BB489585994A453B064 7474016 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-04-13 19:00:31 7F7591CCC146EC7D9EB77C1277D605F4 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-04-13 19:00:31 14D75B31BA6A28F4A46D7432B48C26B3 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-04-13 19:00:30 703F15FBAEA94F88FD5E12EFA94A0F7E 2656952 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-04-13 19:00:30 5417FA7098B9A1F5A6EECB198A7B4BFC 3592704 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-04-13 19:00:30 3D0DE8170ECCEC20CBF205D79C535BA1 2275328 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-04-13 19:00:29 DBADA23940BA56E3D96762C961145654 24602112 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-04-13 19:00:29 92FB4032354D2074DA0DC9E70D8305B1 1388032 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-04-13 19:00:20 6870232D80480DA4FF1FBE3373FCA06E 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-04-13 19:00:20 2F9B478546FC00827CB269BAD949D98B 16985600 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-04-13 19:00:20 290D24F50396B379338790B8E8D1C503 1714688 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-04-13 19:00:14 2291CACFF9BE4252C2D39D1A6D27B4E4 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-04-13 19:00:13 04EDE78320552097AC7EB3CE69A4A0BD 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-04-13 19:00:12 99D5C132D5085DACBFF909C3AAF832AC 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-04-13 19:00:12 775B118277B9A81BF9B23AA386A9196D 7836160 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-04-13 19:00:09 F8FAB3E1281FB937DB1C8109842A9534 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-04-13 19:00:06 32F3BA2C4849ED727508C021F999E147 3428864 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-04-13 19:00:03 5DFAF8BE5A3CABAABF6795BC09EB7876 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2016-04-13 19:00:02 D0CCDC8D0D00DA363F9D87C2E9A803EF 1297752 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-04-13 19:00:02 5276C6CCA158FD73D20642C6A7A507E7 1946112 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-04-13 19:00:01 93E597D2B5C653E94680E8B8E1C59B36 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-04-13 19:00:01 0C015924C6DA5368E6B102CC597AC640 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-04-13 19:00:00 BE7D6EA3650F1C25076335A9C1F3D59B 1098240 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-04-13 19:00:00 92840BF0817C457BB011220BA21BAE9B 1832448 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-04-13 19:00:00 2A2C0983B6FE62F02E7183335B1F5C20 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-04-13 18:59:59 B471A4DA6F8DFF957B6F109FA182C366 3575296 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-04-13 18:59:59 2F844EBBB6BAA883BDDC472C44B738AE 1388544 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-04-13 18:59:58 DB0C2721BE0E21EAA0C4C70B07F481DE 3078144 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2016-04-13 18:59:57 EFA3EFE172FDA2EE7C3F64F17277181C 7199232 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-04-13 18:59:56 F99D8BF6ACA4728C9E285BD161C22BCB 938496 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-04-13 18:59:56 E8A201E7ACF39359D99EEDD3D059E5AC 1395712 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2016-04-13 18:59:56 D8F3E820C39808C00A687AED554D23C0 859136 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-04-13 18:59:56 9065EB3B7E982A5370790BF729EDBBA7 696664 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-04-13 18:59:55 E5421101B84007FBC3D11501A6887F42 471552 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-04-13 18:59:55 49FDB6B2E192AD639F09EF90C32A0395 852480 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-04-13 18:59:55 42C6780C909074A1879F8BBA34920FE6 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-04-13 18:59:55 0F3C165B71F8140F50A1DB5DE3E6D695 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-04-13 18:59:54 EF953237B34D1468B81A6AB260A3C524 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-04-13 18:59:54 C59CF7385D070450643D61C8ADEFFE3C 958976 ----a-w- C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll 2016-04-13 18:59:54 BFE2669F7B0EB1EBAF587490E9E591AA 630272 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2016-04-13 18:59:54 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-04-13 18:59:54 1BF000CFA56FD272B4ECAC167CDF6A8F 1211904 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Cred.dll 2016-04-13 18:59:53 492FB85E61768950CDD27C87AED6E8FA 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-04-13 18:59:52 77981E6F98F4A8743D3AEB1A8AF4DE09 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-04-13 18:59:52 518A992A6700A86A47F79388F91737C0 1090048 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-04-13 18:59:51 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-04-13 18:59:51 B0236F0FB7402381A50F2EBF031C49CF 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-04-13 18:59:51 258BCD1FE978849EDB02D131FD1F7893 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2016-04-13 18:59:51 0271B5C23A375E008C34024088D0F396 1575936 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Speech.dll 2016-04-13 18:59:50 6A0745D04DFB6E37A6D0FEE339A0B742 556032 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2016-04-13 18:59:50 46E51F35566F8B73540D56EAA0A97E46 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-04-13 18:59:49 834D1648124F0F2729462BF79DB0C2CD 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2016-04-13 18:59:49 728146F5877FD08DE65B21817ABB19A8 765952 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2016-04-13 18:59:49 62300878366762EABAC7834543964A6E 498688 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-04-13 18:59:49 45D26646E3AD737E5DE3DB91CCCE7DBA 339968 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll 2016-04-13 18:59:49 3F4C879B631C77878B42F89990518F72 460288 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-04-13 18:59:49 1AE232355968BBCA3787B5B35DCA0FD0 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-04-13 18:59:48 E5C3042B68D4EA89B3C52E150E553DA0 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-04-13 18:59:48 C5DEEC4F7ED591D1E322899ADC4EE45F 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-04-13 18:59:48 85EE46E85C3E76809BC454A50564ECD6 418304 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-04-13 18:59:48 7ED9629564A44BF0ECAEDEDE7B1BC1FF 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-04-13 18:59:48 1F3D69B0AE210874DDC300C3EF1C9CCD 438784 ----a-w- C:\WINDOWS\Sysnative\AccountsRt.dll 2016-04-13 18:59:48 1E1631970DDFD63EDD4483D33E18EC89 300104 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-04-13 18:59:47 281C61D772D6F267FEABDF71E38C621C 821760 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2016-04-13 18:59:47 167176E3A8B095C2E807D27CBE6AB0D3 1902592 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll 2016-04-13 18:59:46 D842C2B65E77C13273B626317A5BC5C4 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-04-13 18:59:46 B7C13F4BE0263F3A8303404A96F4246D 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-04-13 18:59:46 8790833B243AB6DD22A1F86FFB26B689 1052160 ----a-w- C:\WINDOWS\Sysnative\MsSpellCheckingFacility.dll 2016-04-13 18:59:46 3C994D13A234D0E33D592CDF55F09B01 628736 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-04-13 18:59:45 C1FD242DB2679B7E8F9D54955131A603 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-04-13 18:59:45 AB3F697651DDAE1C424C9B2412EFBB59 1239552 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll 2016-04-13 18:59:45 87F0EA669FB37C03207A8870C3B91174 1410560 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.Http.dll 2016-04-13 18:59:45 82A4EFF3567A00EAAA5929C64C42F22D 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-04-13 18:59:45 7ECAE31725C1DC35CC448FA8D0EA09D9 324608 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-04-13 18:59:45 335995302980B83CA6B1974A84AC6009 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-04-13 18:59:43 F374C27099807E99A156953F8416D34A 361472 ----a-w- C:\WINDOWS\Sysnative\bdesvc.dll 2016-04-13 18:59:43 DB2911201B4AAC79AF712C5551F0C41D 688640 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll 2016-04-13 18:59:43 8024D7BDD26E9C1280B8B6D605488179 848896 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-04-13 18:59:41 E15D10FA246ADC4DC59B93C13F417AA3 440320 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll 2016-04-13 18:59:41 D3406F98BD98633780820C5EDBA9A5B4 166400 ----a-w- C:\WINDOWS\Sysnative\AboveLockAppHost.dll 2016-04-13 18:59:41 C8B840675B83DC8A257B075BFE5F9357 261376 ----a-w- C:\WINDOWS\Sysnative\LsaIso.exe 2016-04-13 18:59:41 B82C04128A96A05139F9F58ED07D0DB2 3351040 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-04-13 18:59:41 B232CE503C6666873E7B9E4BA769C524 92160 ----a-w- C:\WINDOWS\Sysnative\policymanagerprecheck.dll 2016-04-13 18:59:41 AC71C0A77ED618382D5422C6AB1747E4 169472 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-04-13 18:59:41 AA5E227F977D03198227E09804394A24 127488 ----a-w- C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll 2016-04-13 18:59:41 9A3E17CDB177913C2A111C80F3D0DBB4 686976 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2016-04-13 18:59:41 7E0078F1EFEB6F8F47CF85C1D73C7EBC 328192 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll 2016-04-13 18:59:41 5CB565C1A0A30D76D7B099EEF9654297 256000 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll 2016-04-13 18:59:41 542C143FA639E4F488005E889C8A9CFD 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-04-13 18:59:41 51449675B00C62F970B497A2FBF1BC46 787456 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.dll 2016-04-13 18:59:41 5066575F39AEECAA7A9E03C0FA007A90 881664 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Input.Inking.dll 2016-04-13 18:59:41 4C5D035670EB045123DCF87EE2FDB33B 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-04-13 18:59:41 2F0FA6F60BC9A971BFBF31D1D2C8AF08 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2016-04-13 18:59:41 03416DA86664FF2141A5820868B0B9B1 88576 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-04-13 18:59:40 FDBDA93BA9CD3B78060705B41BFCF92D 288256 ----a-w- C:\WINDOWS\Sysnative\fveui.dll 2016-04-13 18:59:40 F432ACF44EABBE3EB98F613E1573DA6F 334736 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2016-04-13 18:59:40 DF0321E30FD7D00BC8178FC58550B8C0 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-04-13 18:59:40 CFF6A3799F83060D3FF538564E4264CA 374008 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-04-13 18:59:40 B3B3BF36976D72C06C2D3524AC040643 81144 ----a-w- C:\WINDOWS\Sysnative\netapi32.dll 2016-04-13 18:59:40 AF13258A6E8FD57CE0B9C6BEDCDF80CB 144896 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Devices.dll 2016-04-13 18:59:40 A6969BAD3166EDA1C79988DD782A87CF 888320 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.dll 2016-04-13 18:59:40 9FDAC1F65E074C1CF12C3E80BD5195E4 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-04-13 18:59:40 2804ACDD73835F051CE71DA4DB25337D 110584 ----a-w- C:\WINDOWS\Sysnative\srvcli.dll 2016-04-13 18:59:40 24146738C422814EEB2A98FF1FC5C6E1 338432 ----a-w- C:\WINDOWS\Sysnative\ncbservice.dll 2016-04-13 18:59:40 21045DC8C67DA8600529FED2A6F90D6A 848896 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2016-04-13 18:59:40 11C782F631D915895E56FC1CD8214E51 100232 ----a-w- C:\WINDOWS\Sysnative\omadmapi.dll 2016-04-13 18:59:39 E5E09ABD5171EB8622821059D8757F43 239616 ----a-w- C:\WINDOWS\Sysnative\credprovhost.dll 2016-04-13 18:59:39 E34A89A196F45473D61CCDAB193293D1 119808 ----a-w- C:\WINDOWS\Sysnative\BitLockerDeviceEncryption.exe 2016-04-13 18:59:39 DA4F2FBA02ADB65797953219ABEF0C44 58400 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll 2016-04-13 18:59:39 CFF415024C353DA284731CB72FE3F8FF 770640 ----a-w- C:\WINDOWS\Sysnative\iuilp.dll 2016-04-13 18:59:39 AEBD5FCFBFF0294A2D87048D4F5417CB 74424 ----a-w- C:\WINDOWS\Sysnative\easinvoker.exe 2016-04-13 18:59:39 998015F786B2B9EE029FB556393CF848 78040 ----a-w- C:\WINDOWS\Sysnative\wkscli.dll 2016-04-13 18:59:39 95A03F67830FDCB950E70261128D540D 957952 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2016-04-13 18:59:39 6758ABE6A73AE709A6C74F121C666CC1 841216 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2016-04-13 18:59:39 5839A317C25F70979433E0905DFABB1B 284672 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2016-04-13 18:59:39 4BE54893EC2A3B26140DF44E7B6D4E99 230400 ----a-w- C:\WINDOWS\Sysnative\DAFWSD.dll 2016-04-13 18:59:39 3385A5D97C974EA03D6E17E97830F340 686592 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-04-13 18:59:39 12D83590FEF1C8C28DBF3323C61E831A 31232 ----a-w- C:\WINDOWS\Sysnative\wsdchngr.dll 2016-04-13 18:59:39 0C8955B4BB1E9D588B4B62D0BD2E5E78 411648 ----a-w- C:\WINDOWS\Sysnative\oleacc.dll 2016-04-13 18:59:38 F72F137EEFF89D0B5A2FB8867B4ACEED 402432 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2016-04-13 18:59:38 F5B8CC586CE9D6187F412B5DFE932468 33280 ----a-w- C:\WINDOWS\Sysnative\wuautoappupdate.dll 2016-04-13 18:59:38 F40C5151476B066A4061E67DFA641657 128512 ----a-w- C:\WINDOWS\Sysnative\dmcsps.dll 2016-04-13 18:59:38 B8293D5BCBCE179870AAB09CCF21B120 151040 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2016-04-13 18:59:38 A2902A998C3A8A049D26235A75DBE300 174592 ----a-w- C:\WINDOWS\Sysnative\easwrt.dll 2016-04-13 18:59:38 94612B9F7FC2B1A5C6D337C649B346F1 278528 ----a-w- C:\WINDOWS\Sysnative\NotificationObjFactory.dll 2016-04-13 18:59:38 81B78E1782DB1BA758FDA7B993C9FEB5 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-04-13 18:59:38 722A68A4CC2BC8BC3C0B776B0711A3C9 285696 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-04-13 18:59:38 7119946D6A8D221C65514267D9F4D520 4774912 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-04-13 18:59:38 56C238ACFE4CB020D3E38508249039EA 87040 ----a-w- C:\WINDOWS\Sysnative\tzautoupdate.dll 2016-04-13 18:59:38 38C87ECB57CB973AA5DA633B91778670 676352 ----a-w- C:\WINDOWS\Sysnative\WSDApi.dll 2016-04-13 18:59:37 F0BBBF8807D5725102A9EB06AEB9C1C5 58368 ----a-w- C:\WINDOWS\Sysnative\browcli.dll 2016-04-13 18:59:37 E083BE4900FCBB6BC42943438DCF2CAD 176128 ----a-w- C:\WINDOWS\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll 2016-04-13 18:59:37 D9A795240A84C9E3DA78BC1B9E239FCF 95744 ----a-w- C:\WINDOWS\Sysnative\samlib.dll 2016-04-13 18:59:37 D22A2DEC01300ECEB41D22AB60B1E4B3 66048 ----a-w- C:\WINDOWS\Sysnative\OnDemandConnRouteHelper.dll 2016-04-13 18:59:37 C10E0567A0C9541F839EC5B4758795DA 48128 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2016-04-13 18:59:37 A617BE5E429A035A1CA8217C1B16F0BB 134656 ----a-w- C:\WINDOWS\Sysnative\browser.dll 2016-04-13 18:59:37 A15D9F32A84660FA62F9D27577B0F105 324608 ----a-w- C:\WINDOWS\Sysnative\fvecpl.dll 2016-04-13 18:59:37 9BC40C5A140B5F380042E391CC95993F 66560 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-04-13 18:59:37 91F08041D932816D0D9607F68578A87E 34816 ----a-w- C:\WINDOWS\Sysnative\dmenterprisediagnostics.dll 2016-04-13 18:59:37 8FFFDB163436D790369E39700B8A7DC1 27648 ----a-w- C:\WINDOWS\Sysnative\LicenseManagerShellext.exe 2016-04-13 18:59:37 82E25186617BA6C15010F0D47C705705 65536 ----a-w- C:\WINDOWS\Sysnative\basesrv.dll 2016-04-13 18:59:37 727E03710FB2320AC0C114A9BF40AB40 7979008 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-04-13 18:59:37 712AE16ED8FC7F2363F7EA1D8F6D546A 821248 ----a-w- C:\WINDOWS\Sysnative\fvewiz.dll 2016-04-13 18:59:37 63939B50C5C103FA71A419BCEA5B1CF0 26112 ----a-w- C:\WINDOWS\Sysnative\TokenBrokerCookies.exe 2016-04-13 18:59:37 594FDF2DB7568C73C282B282845E30CF 36352 ----a-w- C:\WINDOWS\Sysnative\tbauth.dll 2016-04-13 18:59:37 5300F190147040AECDA4F8D669B7D673 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-04-13 18:59:37 3F4461644840A3C5572DDC726C36BDF7 92160 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll 2016-04-13 18:59:37 37F5E2385CB4D10AB42186974B9C241A 794112 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2016-04-13 18:59:37 0D9E0BDCCCE10F07A7B66A61B27C1F71 116224 ----a-w- C:\WINDOWS\Sysnative\FontProvider.dll 2016-04-13 18:59:37 091D5AE5E663A66EE73B539AF7C32EC5 69632 ----a-w- C:\WINDOWS\Sysnative\fveskybackup.dll 2016-04-13 18:59:36 F4F6D943E788447DAE29DA217B6743E6 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-04-13 18:59:36 E95C204F9042223B355C4D04CE675D50 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-04-13 18:59:36 E81A803BE3E7D49DE669FB8C30B18BA4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-04-13 18:59:36 CA24B0764C9DFE243D15A8708580673B 107520 ----a-w- C:\WINDOWS\Sysnative\BdeHdCfgLib.dll 2016-04-13 18:59:36 C3BB5D3E3DD24AC0BFA9223F2877F136 76800 ----a-w- C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe 2016-04-13 18:59:36 AB416599057FFDC84E28BBB6DA69EADC 235008 ----a-w- C:\WINDOWS\Sysnative\MTF.dll 2016-04-13 18:59:36 A4CA6FE3F02C6299EED8B7296DC902D6 12800 ----a-w- C:\WINDOWS\Sysnative\oleacchooks.dll 2016-04-13 18:59:36 81D0BDE09DA9D13C4A5A47A8ADCE0993 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-04-13 18:59:36 6B5963BC0C0074448A502FD19209D1BB 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-04-13 18:59:36 5118193C56A2F8D07554395B78A6FDCC 223232 ----a-w- C:\WINDOWS\Sysnative\fveapibase.dll 2016-04-13 18:59:36 446882966C68D7EF2783E6B327421493 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-04-13 18:59:36 087FF4F0D29833949962F8EE60DA345E 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-13 19:00:32 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-04-13 19:00:02 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-04-13 18:59:50 2A0EF9AF5FD3FCCC25E17C47198D6E25 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-04-13 18:59:48 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-04-13 18:59:43 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-04-13 18:59:41 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-04-13 18:59:41 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2016-04-13 18:59:41 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-04-13 18:59:40 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-04-13 18:59:40 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-04-13 18:59:39 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-04-13 18:59:39 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2016-04-13 18:59:39 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-04-13 18:59:39 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2016-04-13 18:59:37 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\WINDOWS\Sysnative\drivers\serial.sys 2016-04-13 18:59:37 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2016-04-13 18:59:36 B13CB5CCEE91ACA77C985B8E0D53A7D4 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-14 15:35:40 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2016-04-10 18:25:30 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared 2016-04-07 15:23:20 -------- d---a-w- C:\PROGRA~2\COMMON~1\DESIGNER ======= C: ===== ====== C:\Users\Thierry\AppData\Roaming ====== 2016-04-14 18:49:36 -------- d-----w- C:\Users\Thierry\AppData\Local\ActiveSync 2016-04-14 18:40:40 -------- d-----w- C:\Users\Thierry\AppData\Local\Temp 2016-04-14 18:20:39 -------- d-----w- C:\Users\Thierry\AppData\Local\Deployment 2016-04-14 18:20:39 -------- d-----w- C:\Users\Thierry\AppData\Local\Apps 2016-04-12 17:56:06 CEB1D6E52A3E0018016A6B3B3A83283A 419688 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat ====== C:\Users\Thierry ====== 2016-04-10 19:06:29 -------- d-----w- C:\ProgramData\FLEXnet ====== C: exe-files == 2016-04-14 15:35:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Thierry.exe 2016-04-13 19:00:34 FD639F1372389D7C5990663D6A100CFE 541304 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-04-13 19:00:32 60C04811AC0BB0BFC5E00D293B8F4464 630632 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-04-13 19:00:31 A2B2198B126C8BB489585994A453B064 7474016 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-13 19:00:16 34FEF4E83D0C5A86E10BE8E2AE1A9593 7344496 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-04-13 19:00:11 A5B4D0B41EAA275EB1A06F78E5ABD14A 9371992 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-04-13 18:59:54 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\Windows\System32\winload.exe 2016-04-13 18:59:54 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-04-13 18:59:51 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\Windows\System32\winresume.exe 2016-04-13 18:59:51 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-04-13 18:59:49 834D1648124F0F2729462BF79DB0C2CD 369912 ----a-w- C:\Windows\System32\audiodg.exe 2016-04-13 18:59:48 D7523E13533827B34ED7781036C5C528 797024 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-04-13 18:59:48 B9FC60861ACCAD828AF94CE0FDBCF206 578048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-04-13 18:59:48 1E1631970DDFD63EDD4483D33E18EC89 300104 ----a-w- C:\Windows\System32\LockAppHost.exe 2016-04-13 18:59:46 88E6A274B44C66EDBD26F2BA9E0ACE8F 253088 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-04-13 18:59:41 C8B840675B83DC8A257B075BFE5F9357 261376 ----a-w- C:\Windows\System32\LsaIso.exe 2016-04-13 18:59:40 CFF6A3799F83060D3FF538564E4264CA 374008 ----a-w- C:\Windows\System32\SystemSettingsAdminFlows.exe 2016-04-13 18:59:39 E34A89A196F45473D61CCDAB193293D1 119808 ----a-w- C:\Windows\System32\BitLockerDeviceEncryption.exe 2016-04-13 18:59:39 DC9F4F8710C24F1CA8BBE401928F35E4 2095968 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-04-13 18:59:39 AEBD5FCFBFF0294A2D87048D4F5417CB 74424 ----a-w- C:\Windows\System32\easinvoker.exe 2016-04-13 18:59:39 0BF7DC1EE93410D13683C3DCF627878C 219136 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-04-13 18:59:37 EAF904785CA7849C66F6DC2EF0A0E0E7 22528 ----a-w- C:\Windows\SysWOW64\TokenBrokerCookies.exe 2016-04-13 18:59:37 8FFFDB163436D790369E39700B8A7DC1 27648 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe 2016-04-13 18:59:37 63939B50C5C103FA71A419BCEA5B1CF0 26112 ----a-w- C:\Windows\System32\TokenBrokerCookies.exe 2016-04-13 18:59:36 E81A803BE3E7D49DE669FB8C30B18BA4 414720 ----a-w- C:\Windows\System32\bcastdvr.exe 2016-04-13 18:59:36 C3BB5D3E3DD24AC0BFA9223F2877F136 76800 ----a-w- C:\Windows\System32\NetCfgNotifyObjectHost.exe 2016-04-13 18:59:36 BC5D8155DBA7DC0E4F92430701C19901 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-04-13 18:59:36 2F808173122FCDBAD1138FAE1A9FC2E4 104448 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-04-13 18:59:36 087FF4F0D29833949962F8EE60DA345E 199168 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-04-10 18:25:30 227846995AFEEFA70D328BF5334A86A5 654848 ----a-w- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 2016-04-10 17:11:59 D301CF92D4B6A1DBC78E62FF91E35327 486108144 ----a-w- C:\Users\Thierry\Documents\Vuze Downloads\Adobe CS3 Photoshop Extended and Illustrator - All Cracked\Adobe Trial Install Packs\ADBEPHSPCS3_WWE.exe 2016-04-10 17:11:59 8BBFFD6536EF589FC2D2820F6E377ABD 44814336 ----a-w- C:\Users\Thierry\Documents\Vuze Downloads\Adobe CS3 Photoshop Extended and Illustrator - All Cracked\Cracked EXE\Photoshop.exe 2016-04-10 17:11:59 54F5BC3DDBF88C28676AE5F64ECD54F3 20180648 ----a-w- C:\Users\Thierry\Documents\Vuze Downloads\Adobe CS3 Photoshop Extended and Illustrator - All Cracked\Cracked EXE\Illustrator.exe 2016-04-10 17:11:59 28F412ED0547128E1EBE2EF29EB922AD 795278976 ----a-w- C:\Users\Thierry\Documents\Vuze Downloads\Adobe CS3 Photoshop Extended and Illustrator - All Cracked\Adobe Trial Install Packs\ADBEILSTCS3_WWE.exe 2016-04-10 16:49:44 34535223F84E310A1BA43B6D02D69A00 2793581 ----a-w- C:\Windows\chromebrowser.exe === C: other files == 2016-04-15 15:20:44 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-r- C:\Users\Thierry\AppData\Local\Temp\_MEI71002\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2016-04-15 15:20:44 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-r- C:\Users\Thierry\AppData\Local\Temp\_MEI71002\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2016-04-13 19:00:32 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-04-13 19:00:30 5417FA7098B9A1F5A6EECB198A7B4BFC 3592704 ----a-w- C:\Windows\System32\win32kfull.sys 2016-04-13 19:00:02 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-04-13 18:59:59 2F844EBBB6BAA883BDDC472C44B738AE 1388544 ----a-w- C:\Windows\System32\win32kbase.sys 2016-04-13 18:59:50 2A0EF9AF5FD3FCCC25E17C47198D6E25 954368 ----a-w- C:\Windows\System32\drivers\bthport.sys 2016-04-13 18:59:48 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\Windows\System32\drivers\http.sys 2016-04-13 18:59:43 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2016-04-13 18:59:41 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\Windows\System32\drivers\ndis.sys 2016-04-13 18:59:41 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2016-04-13 18:59:41 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\Windows\System32\drivers\ufx01000.sys 2016-04-13 18:59:40 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\Windows\System32\drivers\xinputhid.sys 2016-04-13 18:59:40 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2016-04-13 18:59:39 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-04-13 18:59:39 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\Windows\System32\drivers\nwifi.sys 2016-04-13 18:59:39 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2016-04-13 18:59:39 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys 2016-04-13 18:59:37 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\Windows\System32\drivers\serial.sys 2016-04-13 18:59:37 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\Windows\System32\drivers\portcls.sys 2016-04-13 18:59:36 B13CB5CCEE91ACA77C985B8E0D53A7D4 84992 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1049643930-549260389-1984244956-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AirDroid 3"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_USERS\S-1-5-21-1049643930-549260389-1984244956-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Avira SystrayStartTrigger"="C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" "avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min" "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AirDroid 3"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/12/2015 22:39] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/12/2015 22:39] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{274C796D-747B-4FC6-B185-93EC930A948D}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] khjilmcjipkeokomeekfnhkpbnhmgaje - No path found[] ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKCU\..\Run: [OneDrive] "C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thierry\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\bonjour\mdnsnsp.dll' missing O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty Chrome Cache ====================== No Chrome User Data found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=921 folders=393 1082320041 bytes) ==== EOF on vr 15/04/2016 at 17:35:22,62 ======================