Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by van la Parra on ma 18-04-2016 at 18:24:52,28.
Microsoft Windows 10 Pro 10.0.10586  x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\van la Parra\Downloads\zoek(2).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2016-04-18-161756.log	111 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

64 Bit HP CIO Components Installer  
7-Zip 15.14 (x64 edition)  
Adblock Plus voor IE (32-bit en 64-bit)  
Adobe Acrobat Reader DC - Nederlands  
Adobe AIR  
Adobe Flash Player 21 NPAPI  
Adobe Refresh Manager  
Adobe Shockwave Player 12.2  
AIO_CDA_ProductContext  
AIO_CDA_Software  
AIO_Scan  
Avira Launcher  
BufferChm  
C4100  
c4100_Help  
CCleaner  
Comodo Dragon  
Compatibiliteitspakket voor het 2007 Microsoft Office system  
Copy  
Destinations  
DeviceDiscovery  
DocProc  
Fax  
G Data LNK-Checker  
G DATA TOTAL PROTECTION  
GoodSync  
Google Earth  
Google Photos Backup  
Google Update Helper  
GPBaseService2  
HP Customer Experience Enhancements  
HP Customer Participation Program 14.0  
HP Imaging Device Functions 14.0  
HP Photo Creations  
HP Photosmart All-In-One Driver Software  
HP Solution Center 14.0  
HP Support Assistant  
HP Support Solutions Framework  
HP Update  
HPDiagnosticAlert  
HPPhotoGadget  
HPProductAssistant  
HPSSupply  
Intel(R) Graphics Media Accelerator Driver  
Internet Explorer (Enable DEP)  
Java 8 Update 77  
Java 8 Update 77 (64-bit)  
Java Auto Updater  
Malwarebytes Anti-Malware versie 2.2.1.1043  
MarketResearch  
Microsoft .NET Framework 4.5.2  
Microsoft .NET Framework 4.5.2 (NLD)  
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)  
Microsoft Office File Validation Add-In  
Microsoft Office Professional Editie 2003  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319  
Mozilla Firefox 45.0.2 (x86 nl)  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
NAVIGON Fresh 3.5.1  
Network64  
OCR Software by I.R.I.S. 14.0  
Picasa 3  
Pidgin  
Popcorn Time  
Rapport  
Realtek High Definition Audio Driver  
Samsung Kies  
Samsung Kies3  
Samsung USB Driver for Mobile Phones  
Shop for HP Supplies  
SkypeT 7.22  
Smart Switch  
SolutionCenter  
Status  
swMSM  
Toolbox  
TrayApp  
Trusteer Eindpuntbeveiliging  
Unchecky v0.4.3  
VLC media player  
WebReg  
Yahoo Messenger  

==== Running Processes ======================

C:\Users\van la Parra\Downloads\zoek(2).exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================


==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3319 MB
CPU Info: Intel(R) Pentium(R) Dual  CPU  E2160  @ 1.80GHz
CPU Speed: 1841,7 MHz
Sound Card: Not detected
Display Adapters: Microsoft Basic Display Driver
Monitors: 1x; 
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Intel(R) PRO/100 VE Network Connection
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCD/DVDW TS-H653L
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  260,1GB | D:  205,1GB
Hard Disks - Free: C:  160,0GB | D:  201,1GB
Manufacturer *: Phoenix Technologies, LTD
BIOS Info: AT/AT COMPATIBLE | 05/25/07 | HPQOEM - 42302e31
Time Zone: West-Europa (standaardtijd)
Motherboard *: MSI 0A90
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Default Browser: Firefox	45.0.2
Internet Explorer Version: 11.212.10586.0 
Mozilla Firefox version: 45.0.2 (x86 nl)
Adobe Reader version: 15.10.20056.167417
Sun Java version: 1.8.0_77 (32-bit) 
Sun Java version: 1.8.0_77 (64-bit) 
Flash Player version: 21.0.0.213
Shockwave Player version: 12.2.4r194

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\VANLAP~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-04-16 05:25:05	B95C3BE37AE9B3AFB1CBB788C46AA798	110144	----a-w-	C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-04-16 05:25:04	446734E63D58CB28A6FA5ACC828F22B3	97856	----a-w-	C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-13 13:27:22	A82F594EE2471B4F304DA1DF068552EE	758	----a-w-	C:\WINDOWS\SysWOW64\license.rtf
2016-04-13 13:20:39	463DA1563BB9C1849527967BA80C1810	287712	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-13 13:20:38	EC21FC40C74206DAB19F1A8F9132EFAB	890368	----a-w-	C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-13 13:20:38	E3C2853C8F2EED113646F07D62D08C9E	503296	----a-w-	C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:20:38	C8F351BE29CEA63BC5EE5A175576B7F3	1105920	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-13 13:20:38	C86784A6F08E733BE19D62C82182FA7D	266752	----a-w-	C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-13 13:20:38	C117F577BB0CC6545EA181FBB3FACE99	980352	----a-w-	C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-13 13:20:38	B65549A1CDB2C827AD022A3F35994FCF	2180136	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-13 13:20:38	B073C14F8B76DF8652415488C22F10A1	670928	----a-w-	C:\WINDOWS\SysWOW64\mfds.dll
2016-04-13 13:20:38	AF209F751EB761084CEFE2CF10E1CE8D	895080	----a-w-	C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-13 13:20:38	A7583A49B0F4A91E5B2E154C3582DF82	420928	----a-w-	C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-13 13:20:38	A34EDEA5F401143A0190642EABA28518	709688	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-13 13:20:38	A19A2DDCC69FF16B5FB68AD4F02B564A	480256	----a-w-	C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-13 13:20:38	964DE3052B6A869EFBC86930DD51E8BD	379392	----a-w-	C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-13 13:20:38	92B98A16E41005D74CF7B2EF28AB1FCF	26112	----a-w-	C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 13:20:38	8C2E49ACD2A820A3FA7C598B811F3803	450912	----a-w-	C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-13 13:20:38	888D41F5EFD6995491326C0DEEA2124A	713824	----a-w-	C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-13 13:20:38	5D676C1C350EA4976B888804444932CE	2061312	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-13 13:20:38	49CF99392314B7CAD65DE8A05ABFE30D	882720	----a-w-	C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:20:38	287FAD133D3E5F47DB367B86DC523631	2798080	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 13:20:38	05B15BD9C92BE52F35A2295B22C5D892	168448	----a-w-	C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-13 13:20:37	8D9CB9BB31AC17112D75456E928C3839	103936	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 13:20:36	550ECFF3C3808065169BFEA6C2B7837C	400896	----a-w-	C:\WINDOWS\SysWOW64\winspool.drv
2016-04-13 13:20:36	162CB5DE3BAB5A029E658180A2E0673A	2919320	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:20:24	F29EDA4FE119EBF4881C9BA9AE7B27E7	84832	----a-w-	C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 13:20:24	B315EB17077EF082A79922D4EA47DBF4	163328	----a-w-	C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-13 13:20:24	9DEB4C56FAAB147839BF68B6C28A38FC	164864	----a-w-	C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-13 13:20:24	9A9CDAB4049BDB383C5CA8746F44E4CB	269824	----a-w-	C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:20:24	7734BD0E9C8ED7DC48F559A67D0A79F4	20480	----a-w-	C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-13 13:20:24	52A1E3042711C59E316936C9EDE560F8	502104	----a-w-	C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 13:20:24	160CC95D34D62B6A72F9E4E3EE52EBCC	369664	----a-w-	C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-13 13:20:20	AD1B282BDE4A19D7CE2D405409DBB8D0	1497088	----a-w-	C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-13 13:20:20	780795062541AF34415CCCE4072FBBB8	12586496	----a-w-	C:\WINDOWS\SysWOW64\wmp.dll
2016-04-13 13:20:18	529ADF562993ACA4B8AB43847F42F9B0	18673664	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 13:20:18	22269B90E92BECDEB3D67EBE1DDB378E	3666432	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:20:17	F172B5FDEACA0C57A4892208F617AB91	12125184	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:20:17	F0D9C0E953ACE5E5B8D3DD799B089B00	306176	----a-w-	C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 13:20:17	0822CB125008CFCA3DFB52C9DF118273	5662208	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 13:20:16	17998B6098C06B8FAA32890D6E1F7A58	19340800	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:20:15	E83DA16178E4E97B572900803183419D	1542816	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:20:14	2D0C2AB110A51895D9D1E875201013DE	1557768	----a-w-	C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:20:13	F40196C743D54C56C7C2CCDD6FDE262E	572272	----a-w-	C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-13 13:20:13	F297B1F54D3FF42732C89C738AEC041F	141824	----a-w-	C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 13:20:13	E9B121C13C171C28E8AF4871B52AABA0	450560	----a-w-	C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 13:20:13	CA57FE09C1255009C9AC1462B7D7264D	957608	----a-w-	C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:20:13	C31BB8559C52E389B82A4B533C2FB39A	764928	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 13:20:13	BED401741C226F05FCD2C2678F9E9F14	350720	----a-w-	C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 13:20:13	B9378EA1892974391D15D54E57056130	151040	----a-w-	C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 13:20:13	B4643C990D071EE99D9713336052F97B	193024	----a-w-	C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 13:20:13	B1D8636E375413D57B50BDE20CA5E710	358400	----a-w-	C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 13:20:13	9DB69A637142A6C72DF22706CF2F6F7B	31744	----a-w-	C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-13 13:20:13	97E96ABEBCB6CF556406781C47C5282A	78848	----a-w-	C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-13 13:20:13	96BFB1E4B3F38D999E418D286BE45BFB	118272	----a-w-	C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:20:13	8CE4D365EF60DA0A098757371DD43752	88576	----a-w-	C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-13 13:20:13	88E6A274B44C66EDBD26F2BA9E0ACE8F	253088	----a-w-	C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 13:20:13	7D276C5DF303462091092C3311027D30	129024	----a-w-	C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 13:20:13	65930B7D5917CB0D76CAA51A46F3850B	9918976	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:20:13	64229C17CFE9262689EAE3E852D3975F	296488	----a-w-	C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 13:20:13	5A98CF000F5202776E4A58438AB2E070	4412928	----a-w-	C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:20:13	594D1C58958A1F980336964B643784F3	3671040	----a-w-	C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 13:20:13	4591BC3EC5FD8336642F8B94EABD4D4F	187744	----a-w-	C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:20:13	2C313D0D6CAF3467664058F15742CC98	354304	----a-w-	C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 13:20:13	2BECAD7E55AB723F361254477270ED2F	1707520	----a-w-	C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-13 13:20:13	197948552BE23DACBEF10ECC8168FD11	29696	----a-w-	C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-13 13:20:13	100E983F59F3BF3A3F8BFA327CF9B438	157184	----a-w-	C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-13 13:20:13	0C60922D59461C8D1B0A2AA3CF493438	21124344	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:20:13	0BF6FDE72035DDC32FAF24344853B80B	777728	----a-w-	C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 13:20:04	FEB304F6F577D923E390F5D6BE7DF870	800768	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 13:20:04	EB5DBA11B7C79B28A759AF12F03A17BB	769536	----a-w-	C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-13 13:20:04	E46FCEC3EAC209AFCDB2825386E51423	415232	----a-w-	C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 13:20:04	E34395496B11CF5C8C5B6D2E438BFA43	18944	----a-w-	C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-13 13:20:04	DDD613E502D30A6E2E407F3280521311	87040	----a-w-	C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 13:20:04	C5F501F481234D821457CA3A270BFCE7	83968	----a-w-	C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 13:20:04	BC5D8155DBA7DC0E4F92430701C19901	161280	----a-w-	C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 13:20:04	B71A99EC3D8818A6662A6A9D26FE5807	346624	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 13:20:04	AD1EC1102124182624F1224768FFAE96	564224	----a-w-	C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 13:20:04	979CCB709243FE7B0E75E9CDCCF8C9A8	784896	----a-w-	C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 13:20:04	93B7ED5F44D9C3FB0A74C059E1B9E68B	89088	----a-w-	C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-13 13:20:04	897906025BD3616BF9C30A3979A73DEE	712704	----a-w-	C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 13:20:04	806D3A66BBC91F7F2B4FCC337C13EFAE	239104	----a-w-	C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 13:20:04	7D51637A2E604113F1A4E96FF3F2727C	51128	----a-w-	C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 13:20:04	75B5C1588D3703F44004D3EB2BD358AD	129024	----a-w-	C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-13 13:20:04	6C2B2CA75F486449921ED10A39DB9799	69744	----a-w-	C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 13:20:04	6920DEFBFA38033B2438ED9760231C12	219648	----a-w-	C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 13:20:04	620737C11CD32E03299E0B60BC896230	552960	----a-w-	C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-13 13:20:04	5A212173FC0622865F409B16ED77C9DF	98304	----a-w-	C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-13 13:20:04	56315A6A6598E701BB0A5F506DA6143E	200704	----a-w-	C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-13 13:20:04	4B9DE8EAA2E16C34E018749F325BAEFF	949248	----a-w-	C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-13 13:20:04	43AE8C9F7D031AB3DBEADA4C17D8C682	150528	----a-w-	C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-13 13:20:04	3B1F2F6F89F3F4ED75C5FADDB2E7CFE1	56320	----a-w-	C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-13 13:20:04	39E7BAB659A6AB4419A908E578BE7029	56320	----a-w-	C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-13 13:20:04	395F9E50709FAE503C339047207E46CF	540160	----a-w-	C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-13 13:20:04	395AC69CCD9E2D590775AA6ADD2AE1D2	649728	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 13:20:04	392434472351B2DA0499AEC962E988CE	37888	----a-w-	C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-13 13:20:04	3547D79A60007624BFEBAFCAE158E992	169984	----a-w-	C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-13 13:20:04	31657EDEEA6039E71C708BDA61AB62D5	37888	----a-w-	C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-13 13:20:04	2C84609F09FD003FA955567D395EEA8A	575488	----a-w-	C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-13 13:20:04	2BDB397DC5EC7D3186358F7F2388A009	59904	----a-w-	C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 13:20:04	2823A28AB08EE9DCE85436C700799D66	80384	----a-w-	C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 13:20:04	265DB46FE368D8F701A74976D3823ADC	986976	----a-w-	C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 13:20:04	259517866C369BCC5990292BCB57E709	223744	----a-w-	C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-13 13:20:04	242708810A22D373904539EDF39FFAD1	196608	----a-w-	C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-13 13:20:04	1AEBF2230422716D8CE1BEBCBAE961D3	48128	----a-w-	C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-13 13:20:04	15C9692077BA7E20D64E34AE6210B438	5202944	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 13:20:04	144B4EDF56E0D48C501F4AAEE5E032B0	6297088	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 13:20:04	127D1DD4E7385AB56A32D72CF948DB9B	711680	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 13:19:59	70128BC69D515F2D38577D2438861424	133632	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 13:19:59	6D062C6E2C47B3DCDE8F4C3FDB634DEE	83456	----a-w-	C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 13:19:59	408AF8141C4A44BC120F4204F8F79A75	1944576	----a-w-	C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 13:19:58	EAF904785CA7849C66F6DC2EF0A0E0E7	22528	----a-w-	C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 13:19:58	E793B893135F3B6942B6230D45E27610	61440	----a-w-	C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:19:58	E43400F37F8F0FA9281FEB64E3D7F72B	754176	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:19:58	D57F7D9FB771CA0B434E975F76413430	1072128	----a-w-	C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 13:19:58	D28C3C4AAB51D00FD6EFA07F6DCC1CBA	1862008	----a-w-	C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 13:19:58	CA2EA5401563387162E61444AE15AF59	53248	----a-w-	C:\WINDOWS\SysWOW64\profext.dll
2016-04-13 13:19:58	C9B1E5A2FE0C7BF75B8B751311331EB4	2604032	----a-w-	C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-13 13:19:58	C97B5BEADC79FFC5DAF1C9011CAE796B	5242496	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-13 13:19:58	C31E805C9AD3DBEA0A75337312967E77	792064	----a-w-	C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 13:19:58	C122D52ED9662F09EC2650B010544468	73872	----a-w-	C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 13:19:58	C012CE3AB0120D01C75EDBB869AC463E	523752	----a-w-	C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-13 13:19:58	BF769A5BEA8E50F12264746D30D57C6F	52736	----a-w-	C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 13:19:58	B65D241B81A010B6A78CCEEA900CCFC0	56320	----a-w-	C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 13:19:58	AC42505CBCEE5825BB2695C34E43B1D0	184832	----a-w-	C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-13 13:19:58	7C7CC816CEEB07022EBCC6B779B16E1D	521728	----a-w-	C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 13:19:58	7C557ABB26C2B2D930AA005FF6A8C025	592384	----a-w-	C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 13:19:58	6DFDAD2B0EA3385069276DF547F4CAC8	2186864	----a-w-	C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-13 13:19:58	6DA0B412C0DD9DDB5382527488A5AD2E	237056	----a-w-	C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-13 13:19:58	6A7ACABAE92C837F5C1330188EAE36AE	535080	----a-w-	C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 13:19:58	65D0043F608A12AF75ED37A65AFB906B	342528	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-13 13:19:58	5E52C817BCF919CF11CD523A2EC4A456	638464	----a-w-	C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 13:19:58	402A33FCE08200518FB0012A6BF2E966	2722816	----a-w-	C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 13:19:58	3EB91A44E6BCD05CA257E113FCA1DA0C	43520	----a-w-	C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 13:19:58	3ABE2040F4F9BDDD008EC5D4713D5ABE	294752	----a-w-	C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 13:19:58	3249EA75874EE3DD3FCBA141656DF210	713728	----a-w-	C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-13 13:19:58	2E947792E9B1C738E33FD5794B1650F9	30208	----a-w-	C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 13:19:58	1F19665881A6167CC9E31A42C1F98AC3	638464	----a-w-	C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 13:19:58	15E75D27F0C67A7A21D5A514601F0E5A	135168	----a-w-	C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-13 13:19:58	05B81C404A34101E1DC17C0D9A67EA32	5321728	----a-w-	C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-13 13:19:58	053E2D136DB8A4743E4C40D5D979834B	200704	----a-w-	C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-13 13:19:57	FD639F1372389D7C5990663D6A100CFE	541304	----a-w-	C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 13:19:57	FC90756CB632C0E4AC0D6A60AF2DF9AD	585216	----a-w-	C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-13 13:19:57	EBD26D676238C0B3938AFF925043576F	394752	----a-w-	C:\WINDOWS\SysWOW64\werui.dll
2016-04-13 13:19:57	E07F85C08C025B08F25150E60CB69B44	37376	----a-w-	C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 13:19:57	DBC451C2509141BFA9F851004A5DF99B	2193408	----a-w-	C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 13:19:57	D5BF10F0C309C82820813A7190CE1F5F	65536	----a-w-	C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 13:19:57	D1600085065675F98F41A01DCD03AA6E	854528	----a-w-	C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 13:19:57	CC68ABFB0AA40F62E7BD740101A0C92B	1117184	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 13:19:57	CC2F923F02D8EB36D0C442CE709B6CD9	1139712	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 13:19:57	CA3C908B5C24293F1F1FB89301D63F16	1588224	----a-w-	C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:19:57	C9D7861D1C984E1997A3778A97DD1AF9	162816	----a-w-	C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 13:19:57	C57E960CD2C7F64AE0295DF0423FE071	1444352	----a-w-	C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 13:19:57	C23A52581FEA6CD49A49160BFA794BF7	6952088	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-13 13:19:57	B8AC85F66A12455FB3F2FDB916B1C679	498176	----a-w-	C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 13:19:57	B74C5FA6221607F864C62090F74FDB80	799744	----a-w-	C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 13:19:57	B4102814D9B1D1FC6C39869D7F224E12	303104	----a-w-	C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 13:19:57	B014F98BEE810D5BF9F8C1C75F0EAD92	489984	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-13 13:19:57	ACE2B02BA07DF7F13F59D07F7A38AA18	161792	----a-w-	C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:19:57	A8EF9AEDACF24908E12E910BF3977DC9	703840	----a-w-	C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-13 13:19:57	9B60985A87BA2FED9F57DA30F191098E	315904	----a-w-	C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-13 13:19:57	91ED19257EAA98C1C95A7E5F0FF07FF0	10240	----a-w-	C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 13:19:57	856AD15FD2D187EA8435564A135C85C0	228352	----a-w-	C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-13 13:19:57	7F0A9630C78E3783680CC9620C4E09C0	6740992	----a-w-	C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-13 13:19:57	7A2A3BAAA05C8124D95B2915E904F900	141664	----a-w-	C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-13 13:19:57	51A5FD6E5EF1E9A2C63C615F238961F9	1500672	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:19:57	4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB	220064	----a-w-	C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-13 13:19:57	4B6F30BA21606440EC91852F15B296A9	1626624	----a-w-	C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 13:19:57	49A21B514FC10B2D55499D58DC78E862	45568	----a-w-	C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 13:19:57	4135F625D8F20D76FB29F86FE7A4CC48	93696	----a-w-	C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 13:19:57	3D74763FFF3EF03D8CC9233B5A0EBBB2	13018624	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 13:19:57	38EE252AD45EB7D6834F718B9487D3F9	538736	----a-w-	C:\WINDOWS\SysWOW64\wer.dll
2016-04-13 13:19:57	35B0826C3EF8A0E16DF4F4A8D30246C7	705536	----a-w-	C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 13:19:57	2C0BBF7FC5526D7285BEAD239895C473	682496	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 13:19:57	2BFF4D19D7FC686C150879A2FD5BAE77	2229760	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:19:57	1A341701906986F1865766C6849269FC	323072	----a-w-	C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 13:07:09	F432E0E5B0958F4982D40EB622FBD7FC	35480	----a-w-	C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-13 13:07:08	BF9CAA33ADD4C21C118148B5CFC5494B	778936	----a-w-	C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-13 13:07:06	6F391E9286733CC6B34FC0FAB23B8DF3	103120	----a-w-	C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-13 12:33:47	63124FE6E5475B11FFC424DADF8FC462	2038392	----a-w-	C:\WINDOWS\SysWOW64\PerfStringBackup.INI
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-04-13 13:27:22	A82F594EE2471B4F304DA1DF068552EE	758	----a-w-	C:\WINDOWS\Sysnative\license.rtf
2016-04-13 13:20:39	C3F15E167CB84E2E6027AF17D49D5904	372224	----a-w-	C:\WINDOWS\Sysnative\MDEServer.exe
2016-04-13 13:20:38	D79FFE2219AE3BA3B871BA2D39B16519	1152328	----a-w-	C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
2016-04-13 13:20:38	BC767AD01E4DAFD08C21D5D07CC290C9	567808	----a-w-	C:\WINDOWS\Sysnative\MCRecvSrc.dll
2016-04-13 13:20:38	9C4C3EB6A2371A2038E2BB3A9D54CDE0	498448	----a-w-	C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2016-04-13 13:20:38	6E76BB89EED6C2BD7B1E7B5F9A1C41F0	320000	----a-w-	C:\WINDOWS\Sysnative\MSFlacDecoder.dll
2016-04-13 13:20:38	48E90F12346EE70764CEE435826ABD31	493568	----a-w-	C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
2016-04-13 13:20:37	FEBBA212353E4FA90C6164AA970B772F	536256	----a-w-	C:\WINDOWS\Sysnative\AudioSes.dll
2016-04-13 13:20:37	EB05F5368F8BBF75157B87FD1F689167	2581504	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-04-13 13:20:37	D12D3DD397A35EF06CDF41C1A9E3EE45	613376	----a-w-	C:\WINDOWS\Sysnative\SettingSync.dll
2016-04-13 13:20:37	C9BFE1D6420BFADB249162039C321F63	1131520	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Audio.dll
2016-04-13 13:20:37	BD70B866034C1366D74CCBB5CA97395E	2544264	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2016-04-13 13:20:37	AF13258A6E8FD57CE0B9C6BEDCDF80CB	144896	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Devices.dll
2016-04-13 13:20:37	92F74BF86088520654BD5636A69E37F1	848168	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2016-04-13 13:20:37	834D1648124F0F2729462BF79DB0C2CD	369912	----a-w-	C:\WINDOWS\Sysnative\audiodg.exe
2016-04-13 13:20:37	751F5B6AF16546162E06211AF1FC2979	794888	----a-w-	C:\WINDOWS\Sysnative\mfds.dll
2016-04-13 13:20:37	669F733F85FEBE6F7438C66CBF7FD3FD	1062480	----a-w-	C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2016-04-13 13:20:37	468D29ECE0AD7700B790A20FA2765313	408120	----a-w-	C:\WINDOWS\Sysnative\AUDIOKSE.dll
2016-04-13 13:20:37	42BF7FA295F453618104B5A50BEE105B	275456	----a-w-	C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2016-04-13 13:20:37	350CFCC870E30BEE151F3DFB83BD0178	1017032	----a-w-	C:\WINDOWS\Sysnative\mfsrcsnk.dll
2016-04-13 13:20:37	32F3BA2C4849ED727508C021F999E147	3428864	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.dll
2016-04-13 13:20:37	2A2C0983B6FE62F02E7183335B1F5C20	1054208	----a-w-	C:\WINDOWS\Sysnative\audiosrv.dll
2016-04-13 13:20:37	28343B7C30E6AF073B02288EB579D984	476728	----a-w-	C:\WINDOWS\Sysnative\msvproc.dll
2016-04-13 13:20:37	218CEC10714AF029BF4D8BCE600AD1DA	819648	----a-w-	C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
2016-04-13 13:20:36	CA24B0764C9DFE243D15A8708580673B	107520	----a-w-	C:\WINDOWS\Sysnative\BdeHdCfgLib.dll
2016-04-13 13:20:36	C8B840675B83DC8A257B075BFE5F9357	261376	----a-w-	C:\WINDOWS\Sysnative\LsaIso.exe
2016-04-13 13:20:36	A15D9F32A84660FA62F9D27577B0F105	324608	----a-w-	C:\WINDOWS\Sysnative\fvecpl.dll
2016-04-13 13:20:36	712AE16ED8FC7F2363F7EA1D8F6D546A	821248	----a-w-	C:\WINDOWS\Sysnative\fvewiz.dll
2016-04-13 13:20:36	47323DE2A684895004CE63EC66FB4AB4	401408	----a-w-	C:\WINDOWS\Sysnative\sharemediacpl.dll
2016-04-13 13:20:26	FDBDA93BA9CD3B78060705B41BFCF92D	288256	----a-w-	C:\WINDOWS\Sysnative\fveui.dll
2016-04-13 13:20:26	F374C27099807E99A156953F8416D34A	361472	----a-w-	C:\WINDOWS\Sysnative\bdesvc.dll
2016-04-13 13:20:26	E34A89A196F45473D61CCDAB193293D1	119808	----a-w-	C:\WINDOWS\Sysnative\BitLockerDeviceEncryption.exe
2016-04-13 13:20:26	E083BE4900FCBB6BC42943438DCF2CAD	176128	----a-w-	C:\WINDOWS\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 13:20:26	258BCD1FE978849EDB02D131FD1F7893	989536	----a-w-	C:\WINDOWS\Sysnative\SecConfig.efi
2016-04-13 13:20:26	091D5AE5E663A66EE73B539AF7C32EC5	69632	----a-w-	C:\WINDOWS\Sysnative\fveskybackup.dll
2016-04-13 13:20:25	E9B10E704AD5B1BA5E531809C89A085B	93184	----a-w-	C:\WINDOWS\Sysnative\wpninprc.dll
2016-04-13 13:20:25	6A0745D04DFB6E37A6D0FEE339A0B742	556032	----a-w-	C:\WINDOWS\Sysnative\PsmServiceExtHost.dll
2016-04-13 13:20:24	F72F137EEFF89D0B5A2FB8867B4ACEED	402432	----a-w-	C:\WINDOWS\Sysnative\FWPUCLNT.DLL
2016-04-13 13:20:24	F6B9E6CB351D86A0C318B37E14B97656	196608	----a-w-	C:\WINDOWS\Sysnative\fwpolicyiomgr.dll
2016-04-13 13:20:24	DF0321E30FD7D00BC8178FC58550B8C0	115040	----a-w-	C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-04-13 13:20:24	C5DEEC4F7ED591D1E322899ADC4EE45F	207360	----a-w-	C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-04-13 13:20:24	AA97AC06BFA15DA23C7C9C145A226C2D	25600	----a-w-	C:\WINDOWS\Sysnative\wfapigp.dll
2016-04-13 13:20:24	9AE80C03EA83537F17B286ECBBA13D43	184320	----a-w-	C:\WINDOWS\Sysnative\fwbase.dll
2016-04-13 13:20:24	95A03F67830FDCB950E70261128D540D	957952	----a-w-	C:\WINDOWS\Sysnative\IKEEXT.DLL
2016-04-13 13:20:24	9065EB3B7E982A5370790BF729EDBBA7	696664	----a-w-	C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-04-13 13:20:24	6A5290128257BC733107E7819648CA76	526336	----a-w-	C:\WINDOWS\Sysnative\FirewallAPI.dll
2016-04-13 13:20:24	553F19DC6F3F73545CB17FCD7A8AE37B	870912	----a-w-	C:\WINDOWS\Sysnative\MPSSVC.dll
2016-04-13 13:20:24	37F5E2385CB4D10AB42186974B9C241A	794112	----a-w-	C:\WINDOWS\Sysnative\BFE.DLL
2016-04-13 13:20:20	E0932D924DA7C363F40E5B90DC9D2669	129536	----a-w-	C:\WINDOWS\Sysnative\flvprophandler.dll
2016-04-13 13:20:20	C78D43083400B8FAE408FEB1E99F9DA8	1847808	----a-w-	C:\WINDOWS\Sysnative\WMPDMC.exe
2016-04-13 13:20:20	3E80E2B0C0010154CC504DC51BE21968	14252544	----a-w-	C:\WINDOWS\Sysnative\wmp.dll
2016-04-13 13:20:20	24146738C422814EEB2A98FF1FC5C6E1	338432	----a-w-	C:\WINDOWS\Sysnative\ncbservice.dll
2016-04-13 13:20:18	B21B08D436D2B9E7D280FCF9BCBB5DDE	22378496	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-04-13 13:20:18	40D666AEFB8775F25AA403EDB5D2414E	4894208	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-04-13 13:20:18	3385A5D97C974EA03D6E17E97830F340	686592	----a-w-	C:\WINDOWS\Sysnative\ieproxy.dll
2016-04-13 13:20:17	775B118277B9A81BF9B23AA386A9196D	7836160	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-04-13 13:20:17	446882966C68D7EF2783E6B327421493	764928	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2016-04-13 13:20:16	A6A8B92FBADFA793794C0EEFA77941C3	13382656	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-04-13 13:20:15	DBADA23940BA56E3D96762C961145654	24602112	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-04-13 13:20:14	82E25186617BA6C15010F0D47C705705	65536	----a-w-	C:\WINDOWS\Sysnative\basesrv.dll
2016-04-13 13:20:14	2985697A74DE409D53C6ACD2CD30FDAA	1818696	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-04-13 13:20:14	0088614FE67298E6996AD19B05AE90C7	1997328	----a-w-	C:\WINDOWS\Sysnative\KernelBase.dll
2016-04-13 13:20:13	186BAF9C9F422E6B784E4C990585E2E3	673792	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2016-04-13 13:20:12	F8FAB3E1281FB937DB1C8109842A9534	3994624	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2016-04-13 13:20:12	F3FE9C939D684607118E306B98CEBBBC	22564328	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-04-13 13:20:12	F0D97E9816795E1AAA17396ABD2660C4	4827136	----a-w-	C:\WINDOWS\Sysnative\ExplorerFrame.dll
2016-04-13 13:20:12	EA30B6E587862DF15E35525C60CCAFA9	838144	----a-w-	C:\WINDOWS\Sysnative\uDWM.dll
2016-04-13 13:20:12	E2B2525EF375D716E0DE6FE8F3ADCEDB	365568	----a-w-	C:\WINDOWS\Sysnative\atmfd.dll
2016-04-13 13:20:12	D3406F98BD98633780820C5EDBA9A5B4	166400	----a-w-	C:\WINDOWS\Sysnative\AboveLockAppHost.dll
2016-04-13 13:20:12	CFF6A3799F83060D3FF538564E4264CA	374008	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe
2016-04-13 13:20:12	CFF415024C353DA284731CB72FE3F8FF	770640	----a-w-	C:\WINDOWS\Sysnative\iuilp.dll
2016-04-13 13:20:12	B471A4DA6F8DFF957B6F109FA182C366	3575296	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 13:20:12	A74CEC306AB99D74559F7075EDB60A9B	451584	----a-w-	C:\WINDOWS\Sysnative\werui.dll
2016-04-13 13:20:12	A4CA6FE3F02C6299EED8B7296DC902D6	12800	----a-w-	C:\WINDOWS\Sysnative\oleacchooks.dll
2016-04-13 13:20:12	7ECAE31725C1DC35CC448FA8D0EA09D9	324608	----a-w-	C:\WINDOWS\Sysnative\RDXTaskFactory.dll
2016-04-13 13:20:12	7185B16516478DF0061C2561C1B072CE	228352	----a-w-	C:\WINDOWS\Sysnative\wsqmcons.exe
2016-04-13 13:20:12	717FDDACE38C314CA5A517E12162CC6D	216576	----a-w-	C:\WINDOWS\Sysnative\QuickActionsDataModel.dll
2016-04-13 13:20:12	68B34C3558BEE0F6B822FA603E9AE441	258280	----a-w-	C:\WINDOWS\Sysnative\sqmapi.dll
2016-04-13 13:20:12	60C04811AC0BB0BFC5E00D293B8F4464	630632	----a-w-	C:\WINDOWS\Sysnative\fontdrvhost.exe
2016-04-13 13:20:12	518A992A6700A86A47F79388F91737C0	1090048	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2016-04-13 13:20:12	42C6780C909074A1879F8BBA34920FE6	988160	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2016-04-13 13:20:12	335995302980B83CA6B1974A84AC6009	730344	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll
2016-04-13 13:20:12	2989A5B700D1C706ED496CCA75DCFA67	7533568	----a-w-	C:\WINDOWS\Sysnative\mstscax.dll
2016-04-13 13:20:12	2291CACFF9BE4252C2D39D1A6D27B4E4	11545600	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-04-13 13:20:12	1E1631970DDFD63EDD4483D33E18EC89	300104	----a-w-	C:\WINDOWS\Sysnative\LockAppHost.exe
2016-04-13 13:20:12	1BF000CFA56FD272B4ECAC167CDF6A8F	1211904	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Cred.dll
2016-04-13 13:20:12	14D75B31BA6A28F4A46D7432B48C26B3	45568	----a-w-	C:\WINDOWS\Sysnative\atmlib.dll
2016-04-13 13:20:12	0D7BB44BFFFA4E153F4EA1E05522D2C3	37376	----a-w-	C:\WINDOWS\Sysnative\LaunchWinApp.exe
2016-04-13 13:20:12	0C8955B4BB1E9D588B4B62D0BD2E5E78	411648	----a-w-	C:\WINDOWS\Sysnative\oleacc.dll
2016-04-13 13:20:12	0C015924C6DA5368E6B102CC597AC640	1390080	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-04-13 13:20:12	04EDE78320552097AC7EB3CE69A4A0BD	118272	----a-w-	C:\WINDOWS\Sysnative\fontsub.dll
2016-04-13 13:20:05	FF07BE14ED82E218C3EEE7C986118A2E	307712	----a-w-	C:\WINDOWS\Sysnative\usbmon.dll
2016-04-13 13:20:05	F8083C536BEDE61AFB4069D8A8C16DA7	456704	----a-w-	C:\WINDOWS\Sysnative\ipnathlp.dll
2016-04-13 13:20:05	F4F6D943E788447DAE29DA217B6743E6	147456	----a-w-	C:\WINDOWS\Sysnative\mtxoci.dll
2016-04-13 13:20:05	F07301C282AA222C33F8C28B4F545275	591872	----a-w-	C:\WINDOWS\Sysnative\SmsRouterSvc.dll
2016-04-13 13:20:05	EF953237B34D1468B81A6AB260A3C524	1317640	----a-w-	C:\WINDOWS\Sysnative\winload.efi
2016-04-13 13:20:05	EBD07BD20B5E0E92A398566EF8720F79	31232	----a-w-	C:\WINDOWS\Sysnative\seclogon.dll
2016-04-13 13:20:05	E9A0D466F6D8EC349DB526146618BCB6	606720	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2016-04-13 13:20:05	E95C204F9042223B355C4D04CE675D50	86528	----a-w-	C:\WINDOWS\Sysnative\AppCapture.dll
2016-04-13 13:20:05	E81A803BE3E7D49DE669FB8C30B18BA4	414720	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.exe
2016-04-13 13:20:05	E7588419770BDDB510741F734D290E27	1318912	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2016-04-13 13:20:05	E5E09ABD5171EB8622821059D8757F43	239616	----a-w-	C:\WINDOWS\Sysnative\credprovhost.dll
2016-04-13 13:20:05	E5C3042B68D4EA89B3C52E150E553DA0	617984	----a-w-	C:\WINDOWS\Sysnative\StorSvc.dll
2016-04-13 13:20:05	E5421101B84007FBC3D11501A6887F42	471552	----a-w-	C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-04-13 13:20:05	E15D10FA246ADC4DC59B93C13F417AA3	440320	----a-w-	C:\WINDOWS\Sysnative\CredProvDataModel.dll
2016-04-13 13:20:05	DAFECF80513C6E6892BBEBB48D555A31	115712	----a-w-	C:\WINDOWS\Sysnative\srpapi.dll
2016-04-13 13:20:05	DAB53783AD08864E873A6B7B874D1783	3671888	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2016-04-13 13:20:05	D842C2B65E77C13273B626317A5BC5C4	555520	----a-w-	C:\WINDOWS\Sysnative\SyncController.dll
2016-04-13 13:20:05	D20C52607024BD08A88CF1CA6B339C9B	517632	----a-w-	C:\WINDOWS\Sysnative\winspool.drv
2016-04-13 13:20:05	D1241DFC397FA8CCFB4BB4B63AAD31AC	755712	----a-w-	C:\WINDOWS\Sysnative\spoolsv.exe
2016-04-13 13:20:05	CD885F960066DDD538CD1BBD509A0EC0	69632	----a-w-	C:\WINDOWS\Sysnative\wininetlui.dll
2016-04-13 13:20:05	C6856D20BE1DB90407C9154B0EC319B9	77824	----a-w-	C:\WINDOWS\Sysnative\provpackageapidll.dll
2016-04-13 13:20:05	C3BB5D3E3DD24AC0BFA9223F2877F136	76800	----a-w-	C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe
2016-04-13 13:20:05	C1C169EFA8E5E30A0A521C0409CAC153	874968	----a-w-	C:\WINDOWS\Sysnative\winresume.exe
2016-04-13 13:20:05	BFE2669F7B0EB1EBAF587490E9E591AA	630272	----a-w-	C:\WINDOWS\Sysnative\PhoneProviders.dll
2016-04-13 13:20:05	BE8C62B0B7BBA8F1152A6A7FCF248404	915456	----a-w-	C:\WINDOWS\Sysnative\configurationclient.dll
2016-04-13 13:20:05	BE7D6EA3650F1C25076335A9C1F3D59B	1098240	----a-w-	C:\WINDOWS\Sysnative\dosvc.dll
2016-04-13 13:20:05	B37F21B4C25BF10605A196791F93E324	360448	----a-w-	C:\WINDOWS\Sysnative\vaultsvc.dll
2016-04-13 13:20:05	B0236F0FB7402381A50F2EBF031C49CF	1030416	----a-w-	C:\WINDOWS\Sysnative\winresume.efi
2016-04-13 13:20:05	AEBD5FCFBFF0294A2D87048D4F5417CB	74424	----a-w-	C:\WINDOWS\Sysnative\easinvoker.exe
2016-04-13 13:20:05	AE6A68A065D4C26AF4BEFAA53623B266	2755584	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2016-04-13 13:20:05	A78E76034D230AFE6B74B57BAF8C8BF2	27648	----a-w-	C:\WINDOWS\Sysnative\WiFiConfigSP.dll
2016-04-13 13:20:05	A2B2198B126C8BB489585994A453B064	7474016	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-04-13 13:20:05	A2902A998C3A8A049D26235A75DBE300	174592	----a-w-	C:\WINDOWS\Sysnative\easwrt.dll
2016-04-13 13:20:05	9BE5ECE2F17B3BEDE6FDE1175BD23266	376536	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.MediaControl.dll
2016-04-13 13:20:05	9822B613AEB1CF24E05EFEE748160637	25088	----a-w-	C:\WINDOWS\Sysnative\irmon.dll
2016-04-13 13:20:05	98112F9B965646D338896FD7B13BB32E	1173344	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
2016-04-13 13:20:05	96BAB1499995B85B91C312BA5114CA03	1322248	----a-w-	C:\WINDOWS\Sysnative\ole32.dll
2016-04-13 13:20:05	92840BF0817C457BB011220BA21BAE9B	1832448	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-04-13 13:20:05	92291BFE95AD37CF486BD3E4B31F746B	1141504	----a-w-	C:\WINDOWS\Sysnative\winload.exe
2016-04-13 13:20:05	8AF0CBE3FC6129C42D7A2A73B681F226	1118208	----a-w-	C:\WINDOWS\Sysnative\localspl.dll
2016-04-13 13:20:05	8790833B243AB6DD22A1F86FFB26B689	1052160	----a-w-	C:\WINDOWS\Sysnative\MsSpellCheckingFacility.dll
2016-04-13 13:20:05	84ADBF35DAF6404148AE85973BE26D59	48640	----a-w-	C:\WINDOWS\Sysnative\wfdprov.dll
2016-04-13 13:20:05	7F7591CCC146EC7D9EB77C1277D605F4	1213440	----a-w-	C:\WINDOWS\Sysnative\wwansvc.dll
2016-04-13 13:20:05	7A0E065E46156F9288AE32B1E0399247	52224	----a-w-	C:\WINDOWS\Sysnative\jsproxy.dll
2016-04-13 13:20:05	77B2F9C522467B1FC8770028D09534DB	91648	----a-w-	C:\WINDOWS\Sysnative\asycfilt.dll
2016-04-13 13:20:05	703430E9FFF072334B247B5E88428331	288768	----a-w-	C:\WINDOWS\Sysnative\vaultcli.dll
2016-04-13 13:20:05	6E04BBE242E2889B37300C4DF5CE1126	3449168	----a-w-	C:\WINDOWS\Sysnative\WSService.dll
2016-04-13 13:20:05	6CA51117CDDB89DB6AE9F196B01C3491	389992	----a-w-	C:\WINDOWS\Sysnative\wlanapi.dll
2016-04-13 13:20:05	69B6B69C95E1FBDC796F5B2019A8B24D	791744	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
2016-04-13 13:20:05	6870232D80480DA4FF1FBE3373FCA06E	965632	----a-w-	C:\WINDOWS\Sysnative\SRH.dll
2016-04-13 13:20:05	6855984AA46D2452A7C518787E1F2643	1996288	----a-w-	C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
2016-04-13 13:20:05	6758ABE6A73AE709A6C74F121C666CC1	841216	----a-w-	C:\WINDOWS\Sysnative\win32spl.dll
2016-04-13 13:20:05	610D0502400BDAFD4BB8EA10713234C7	74240	----a-w-	C:\WINDOWS\Sysnative\SMSRouter.dll
2016-04-13 13:20:05	6072C7DB85FD3FE8D308EE44865C04DE	305664	----a-w-	C:\WINDOWS\Sysnative\wifiprofilessettinghandler.dll
2016-04-13 13:20:05	5D88798FC34BB61C74256CDD66BDD205	318976	----a-w-	C:\WINDOWS\Sysnative\domgmt.dll
2016-04-13 13:20:05	5CB565C1A0A30D76D7B099EEF9654297	256000	----a-w-	C:\WINDOWS\Sysnative\accountaccessor.dll
2016-04-13 13:20:05	5548D83C60E37CBB1B451A1108D4142C	513888	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
2016-04-13 13:20:05	53AC4B2658807691D2A485EE0F8A50E9	463360	----a-w-	C:\WINDOWS\Sysnative\wlansec.dll
2016-04-13 13:20:05	45FDB4ACF680DF92D6510F77E7FF3E7F	713568	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
2016-04-13 13:20:05	453740989239803FE363FF8B40EA2E08	2295808	----a-w-	C:\WINDOWS\Sysnative\wlansvc.dll
2016-04-13 13:20:05	3F8466CC13D1F614C8FAC24B1C030D59	214528	----a-w-	C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll
2016-04-13 13:20:05	2DDEA2BEDD3169F483C9BE610ADFE8B1	8705672	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
2016-04-13 13:20:05	290D24F50396B379338790B8E8D1C503	1714688	----a-w-	C:\WINDOWS\Sysnative\SRHInproc.dll
2016-04-13 13:20:05	28CFFDB411375B2BBB0EBF295ABAEF29	382464	----a-w-	C:\WINDOWS\Sysnative\wuuhext.dll
2016-04-13 13:20:05	1F3D69B0AE210874DDC300C3EF1C9CCD	438784	----a-w-	C:\WINDOWS\Sysnative\AccountsRt.dll
2016-04-13 13:20:05	167176E3A8B095C2E807D27CBE6AB0D3	1902592	----a-w-	C:\WINDOWS\Sysnative\msxml3.dll
2016-04-13 13:20:05	12D83590FEF1C8C28DBF3323C61E831A	31232	----a-w-	C:\WINDOWS\Sysnative\wsdchngr.dll
2016-04-13 13:20:05	0F85790D9E32FA0B8798AECBBEF6F5F4	1731584	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-04-13 13:20:05	0ED8556CB47EC7689D0046791F3427AE	26112	----a-w-	C:\WINDOWS\Sysnative\wlansvcpal.dll
2016-04-13 13:20:05	09918925526BC0B5B823CF1A2473D909	412672	----a-w-	C:\WINDOWS\Sysnative\wlanmsm.dll
2016-04-13 13:20:05	03416DA86664FF2141A5820868B0B9B1	88576	----a-w-	C:\WINDOWS\Sysnative\AppxSysprep.dll
2016-04-13 13:20:05	023338E1DA5B6E5C2EFC7E5ADA7929C5	685568	----a-w-	C:\WINDOWS\Sysnative\scapi.dll
2016-04-13 13:20:04	F99D8BF6ACA4728C9E285BD161C22BCB	938496	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2016-04-13 13:20:04	F7391A45172C10D8B79A239CDD8BA88B	209408	----a-w-	C:\WINDOWS\Sysnative\storewuauth.dll
2016-04-13 13:20:04	F5B8CC586CE9D6187F412B5DFE932468	33280	----a-w-	C:\WINDOWS\Sysnative\wuautoappupdate.dll
2016-04-13 13:20:04	F432ACF44EABBE3EB98F613E1573DA6F	334736	----a-w-	C:\WINDOWS\Sysnative\policymanager.dll
2016-04-13 13:20:04	F40C5151476B066A4061E67DFA641657	128512	----a-w-	C:\WINDOWS\Sysnative\dmcsps.dll
2016-04-13 13:20:04	EFA3EFE172FDA2EE7C3F64F17277181C	7199232	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2016-04-13 13:20:04	EEA1E99FBC7D91A1A271012F2B4567BB	60416	----a-w-	C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll
2016-04-13 13:20:04	EA195B8BC11C1CDB313CFD456EFFA0E9	997376	----a-w-	C:\WINDOWS\Sysnative\schedsvc.dll
2016-04-13 13:20:04	E432FCF8572682126C3362AA856DC4AE	221184	----a-w-	C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
2016-04-13 13:20:04	E1D8055043DF089DB8ADB67C21DF2CC4	70656	----a-w-	C:\WINDOWS\Sysnative\POSyncServices.dll
2016-04-13 13:20:04	DEFF4C7B937F60923980D4BB7D1724B8	274944	----a-w-	C:\WINDOWS\Sysnative\ExSMime.dll
2016-04-13 13:20:04	DD877B48C28AB34197AD88902971B81D	45056	----a-w-	C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll
2016-04-13 13:20:04	DD57E9F1482E1A9BD2514F6D017DF58A	258560	----a-w-	C:\WINDOWS\Sysnative\UserDataAccountApis.dll
2016-04-13 13:20:04	DA4F2FBA02ADB65797953219ABEF0C44	58400	----a-w-	C:\WINDOWS\Sysnative\SensorsNativeApi.dll
2016-04-13 13:20:04	D8F3E820C39808C00A687AED554D23C0	859136	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
2016-04-13 13:20:04	D169A4C1EDA2F63545628420014F2FE3	808800	----a-w-	C:\WINDOWS\Sysnative\WWAHost.exe
2016-04-13 13:20:04	D0CCDC8D0D00DA363F9D87C2E9A803EF	1297752	----a-w-	C:\WINDOWS\Sysnative\LicenseManager.dll
2016-04-13 13:20:04	CD8C4364BC6040C0226638EF37E13CBB	161280	----a-w-	C:\WINDOWS\Sysnative\CallHistoryClient.dll
2016-04-13 13:20:04	CB902A15DD21B363FECA5DCCF34F5C57	1224704	----a-w-	C:\WINDOWS\Sysnative\Unistore.dll
2016-04-13 13:20:04	C64B693DF26EB7BFF25F9BAD8B54D571	649216	----a-w-	C:\WINDOWS\Sysnative\ngcsvc.dll
2016-04-13 13:20:04	C59CF7385D070450643D61C8ADEFFE3C	958976	----a-w-	C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll
2016-04-13 13:20:04	C1FD242DB2679B7E8F9D54955131A603	1056256	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2016-04-13 13:20:04	C10E0567A0C9541F839EC5B4758795DA	48128	----a-w-	C:\WINDOWS\Sysnative\wups.dll
2016-04-13 13:20:04	B82C04128A96A05139F9F58ED07D0DB2	3351040	----a-w-	C:\WINDOWS\Sysnative\msi.dll
2016-04-13 13:20:04	B8293D5BCBCE179870AAB09CCF21B120	151040	----a-w-	C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll
2016-04-13 13:20:04	B6877446C93D3110E56C90CF13CBEC89	45568	----a-w-	C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll
2016-04-13 13:20:04	B58CE40AC84F1B068A2004400E68245B	87040	----a-w-	C:\WINDOWS\Sysnative\MDMAppInstaller.exe
2016-04-13 13:20:04	B3B3BF36976D72C06C2D3524AC040643	81144	----a-w-	C:\WINDOWS\Sysnative\netapi32.dll
2016-04-13 13:20:04	B232CE503C6666873E7B9E4BA769C524	92160	----a-w-	C:\WINDOWS\Sysnative\policymanagerprecheck.dll
2016-04-13 13:20:04	AC71C0A77ED618382D5422C6AB1747E4	169472	----a-w-	C:\WINDOWS\Sysnative\mdmmigrator.dll
2016-04-13 13:20:04	AB416599057FFDC84E28BBB6DA69EADC	235008	----a-w-	C:\WINDOWS\Sysnative\MTF.dll
2016-04-13 13:20:04	AA5E227F977D03198227E09804394A24	127488	----a-w-	C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll
2016-04-13 13:20:04	A617BE5E429A035A1CA8217C1B16F0BB	134656	----a-w-	C:\WINDOWS\Sysnative\browser.dll
2016-04-13 13:20:04	A34D9229F8D3A7164247213C9A283DB0	189952	----a-w-	C:\WINDOWS\Sysnative\WiFiDisplay.dll
2016-04-13 13:20:04	A249C98D869623F1AF0DB4BCFFF6D2A8	68096	----a-w-	C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll
2016-04-13 13:20:04	9FDAC1F65E074C1CF12C3E80BD5195E4	176640	----a-w-	C:\WINDOWS\Sysnative\mdmregistration.dll
2016-04-13 13:20:04	9BC40C5A140B5F380042E391CC95993F	66560	----a-w-	C:\WINDOWS\Sysnative\moshost.dll
2016-04-13 13:20:04	95D2BD6AC94FB337AF69F8AFE056BEBE	147808	----a-w-	C:\WINDOWS\Sysnative\wermgr.exe
2016-04-13 13:20:04	94612B9F7FC2B1A5C6D337C649B346F1	278528	----a-w-	C:\WINDOWS\Sysnative\NotificationObjFactory.dll
2016-04-13 13:20:04	93E597D2B5C653E94680E8B8E1C59B36	641536	----a-w-	C:\WINDOWS\Sysnative\enterprisecsps.dll
2016-04-13 13:20:04	91F08041D932816D0D9607F68578A87E	34816	----a-w-	C:\WINDOWS\Sysnative\dmenterprisediagnostics.dll
2016-04-13 13:20:04	907B65AD953EA159B573A0BCC82F6DB0	243712	----a-w-	C:\WINDOWS\Sysnative\cemapi.dll
2016-04-13 13:20:04	8EC4F381818F8A073DEC52C6D1ED9C76	86016	----a-w-	C:\WINDOWS\Sysnative\DeviceEnroller.exe
2016-04-13 13:20:04	85EE46E85C3E76809BC454A50564ECD6	418304	----a-w-	C:\WINDOWS\Sysnative\dmenrollengine.dll
2016-04-13 13:20:04	82A4EFF3567A00EAAA5929C64C42F22D	269824	----a-w-	C:\WINDOWS\Sysnative\moshostcore.dll
2016-04-13 13:20:04	81D0BDE09DA9D13C4A5A47A8ADCE0993	120320	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-04-13 13:20:04	81B78E1782DB1BA758FDA7B993C9FEB5	91136	----a-w-	C:\WINDOWS\Sysnative\browserbroker.dll
2016-04-13 13:20:04	8024D7BDD26E9C1280B8B6D605488179	848896	----a-w-	C:\WINDOWS\Sysnative\wuapi.dll
2016-04-13 13:20:04	7ED9629564A44BF0ECAEDEDE7B1BC1FF	988160	----a-w-	C:\WINDOWS\Sysnative\NMAA.dll
2016-04-13 13:20:04	7E81E3E0D7F83BFE3C3975020B6C7F12	163840	----a-w-	C:\WINDOWS\Sysnative\TimeBrokerServer.dll
2016-04-13 13:20:04	7C20F3EC0BA5ACB8ED40CDEF41B0AC56	779384	----a-w-	C:\WINDOWS\Sysnative\taskschd.dll
2016-04-13 13:20:04	7BD715D15060E0B6E4AF222CA7120BD1	69632	----a-w-	C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-04-13 13:20:04	727E03710FB2320AC0C114A9BF40AB40	7979008	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2016-04-13 13:20:04	722A68A4CC2BC8BC3C0B776B0711A3C9	285696	----a-w-	C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2016-04-13 13:20:04	70BA4CAAC5D621DCE88082DA0B1FF014	23552	----a-w-	C:\WINDOWS\Sysnative\ExtrasXmlParser.dll
2016-04-13 13:20:04	6B5963BC0C0074448A502FD19209D1BB	89088	----a-w-	C:\WINDOWS\Sysnative\MapsCSP.dll
2016-04-13 13:20:04	62300878366762EABAC7834543964A6E	498688	----a-w-	C:\WINDOWS\Sysnative\tileobjserver.dll
2016-04-13 13:20:04	61C99C1A4BB5EE14563ED321A859ACB6	726528	----a-w-	C:\WINDOWS\Sysnative\ChatApis.dll
2016-04-13 13:20:04	542C143FA639E4F488005E889C8A9CFD	74752	----a-w-	C:\WINDOWS\Sysnative\MosStorage.dll
2016-04-13 13:20:04	5300F190147040AECDA4F8D669B7D673	28672	----a-w-	C:\WINDOWS\Sysnative\mapsupdatetask.dll
2016-04-13 13:20:04	4C5D035670EB045123DCF87EE2FDB33B	162816	----a-w-	C:\WINDOWS\Sysnative\enrollmentapi.dll
2016-04-13 13:20:04	4C3A93515CA70A7017CBA3A6A95CF080	121856	----a-w-	C:\WINDOWS\Sysnative\AppointmentActivation.dll
2016-04-13 13:20:04	4BE54893EC2A3B26140DF44E7B6D4E99	230400	----a-w-	C:\WINDOWS\Sysnative\DAFWSD.dll
2016-04-13 13:20:04	49FDB6B2E192AD639F09EF90C32A0395	852480	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2016-04-13 13:20:04	492FB85E61768950CDD27C87AED6E8FA	587776	----a-w-	C:\WINDOWS\Sysnative\bisrv.dll
2016-04-13 13:20:04	45D26646E3AD737E5DE3DB91CCCE7DBA	339968	----a-w-	C:\WINDOWS\Sysnative\SensorService.dll
2016-04-13 13:20:04	3F4C879B631C77878B42F89990518F72	460288	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-04-13 13:20:04	3F4461644840A3C5572DDC726C36BDF7	92160	----a-w-	C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll
2016-04-13 13:20:04	3D0DE8170ECCEC20CBF205D79C535BA1	2275328	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2016-04-13 13:20:04	3932940E0DB7A31B00A415F6B3D3E242	700416	----a-w-	C:\WINDOWS\Sysnative\AppointmentApis.dll
2016-04-13 13:20:04	38C87ECB57CB973AA5DA633B91778670	676352	----a-w-	C:\WINDOWS\Sysnative\WSDApi.dll
2016-04-13 13:20:04	333F190DFAE2E1EE500234B78ADDA297	640472	----a-w-	C:\WINDOWS\Sysnative\wer.dll
2016-04-13 13:20:04	2E165E1CF278FC2B4959B825642A595B	558080	----a-w-	C:\WINDOWS\Sysnative\MBMediaManager.dll
2016-04-13 13:20:04	2BCCAEB08EAF8C5D6BD024B3F020D0EA	790528	----a-w-	C:\WINDOWS\Sysnative\EmailApis.dll
2016-04-13 13:20:04	2771EBB565F5C121E66060B173991D4D	1490432	----a-w-	C:\WINDOWS\Sysnative\UserDataService.dll
2016-04-13 13:20:04	2362BCA98EAF8CE0487664467F720861	178176	----a-w-	C:\WINDOWS\Sysnative\psmsrv.dll
2016-04-13 13:20:04	215C9C65601378F56BEECDECBD1EF4AE	216416	----a-w-	C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2016-04-13 13:20:04	21098276051C6BEBBA7C8EB79AAF4E22	938496	----a-w-	C:\WINDOWS\Sysnative\ContactApis.dll
2016-04-13 13:20:04	1D00BBEEE33FA7F64A8CBFF471968CB0	195072	----a-w-	C:\WINDOWS\Sysnative\VCardParser.dll
2016-04-13 13:20:04	1AE232355968BBCA3787B5B35DCA0FD0	550912	----a-w-	C:\WINDOWS\Sysnative\StoreAgent.dll
2016-04-13 13:20:04	1A0945D67F0499600E7B43A69210EC5B	41984	----a-w-	C:\WINDOWS\Sysnative\TimeBrokerClient.dll
2016-04-13 13:20:04	11C782F631D915895E56FC1CD8214E51	100232	----a-w-	C:\WINDOWS\Sysnative\omadmapi.dll
2016-04-13 13:20:04	0F3C165B71F8140F50A1DB5DE3E6D695	2158592	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-04-13 13:20:04	087FF4F0D29833949962F8EE60DA345E	199168	----a-w-	C:\WINDOWS\Sysnative\InstallAgent.exe
2016-04-13 13:20:04	04F7878E7017105AB782353231561749	252928	----a-w-	C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
2016-04-13 13:20:04	04BB77409644685810DBD63D86F5720E	99328	----a-w-	C:\WINDOWS\Sysnative\ngckeyenum.dll
2016-04-13 13:20:04	0271B5C23A375E008C34024088D0F396	1575936	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Speech.dll
2016-04-13 13:20:04	020AD2DA67F206DC160053F88454A0D4	111616	----a-w-	C:\WINDOWS\Sysnative\UserDataTimeUtil.dll
2016-04-13 13:19:59	99D5C132D5085DACBFF909C3AAF832AC	2624512	----a-w-	C:\WINDOWS\Sysnative\InputService.dll
2016-04-13 13:19:59	8FFFDB163436D790369E39700B8A7DC1	27648	----a-w-	C:\WINDOWS\Sysnative\LicenseManagerShellext.exe
2016-04-13 13:19:59	77981E6F98F4A8743D3AEB1A8AF4DE09	108544	----a-w-	C:\WINDOWS\Sysnative\InputLocaleManager.dll
2016-04-13 13:19:59	5417FA7098B9A1F5A6EECB198A7B4BFC	3592704	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-04-13 13:19:59	5066575F39AEECAA7A9E03C0FA007A90	881664	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Input.Inking.dll
2016-04-13 13:19:59	46E51F35566F8B73540D56EAA0A97E46	175616	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
2016-04-13 13:19:59	2F844EBBB6BAA883BDDC472C44B738AE	1388544	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-04-13 13:19:58	F66EEB5365413D4B968C5B51D25F88B8	141560	----a-w-	C:\WINDOWS\Sysnative\AuthHost.exe
2016-04-13 13:19:58	F0BBBF8807D5725102A9EB06AEB9C1C5	58368	----a-w-	C:\WINDOWS\Sysnative\browcli.dll
2016-04-13 13:19:58	E8A201E7ACF39359D99EEDD3D059E5AC	1395712	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCore.dll
2016-04-13 13:19:58	DB2911201B4AAC79AF712C5551F0C41D	688640	----a-w-	C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll
2016-04-13 13:19:58	DB0C2721BE0E21EAA0C4C70B07F481DE	3078144	----a-w-	C:\WINDOWS\Sysnative\esent.dll
2016-04-13 13:19:58	D9A795240A84C9E3DA78BC1B9E239FCF	95744	----a-w-	C:\WINDOWS\Sysnative\samlib.dll
2016-04-13 13:19:58	D22A2DEC01300ECEB41D22AB60B1E4B3	66048	----a-w-	C:\WINDOWS\Sysnative\OnDemandConnRouteHelper.dll
2016-04-13 13:19:58	BEF109D45139E2646C116DD9B6E53E3C	847360	----a-w-	C:\WINDOWS\Sysnative\netlogon.dll
2016-04-13 13:19:58	BAEFEFB04D7F9A554C029FBA52A02BB8	652392	----a-w-	C:\WINDOWS\Sysnative\dxgi.dll
2016-04-13 13:19:58	B7C13F4BE0263F3A8303404A96F4246D	358752	----a-w-	C:\WINDOWS\Sysnative\msv1_0.dll
2016-04-13 13:19:58	AFAF7063071A1124985A63382B2BC34C	161792	----a-w-	C:\WINDOWS\Sysnative\AppxSip.dll
2016-04-13 13:19:58	A6969BAD3166EDA1C79988DD782A87CF	888320	----a-w-	C:\WINDOWS\Sysnative\Windows.Networking.dll
2016-04-13 13:19:58	9A3E17CDB177913C2A111C80F3D0DBB4	686976	----a-w-	C:\WINDOWS\Sysnative\dnsapi.dll
2016-04-13 13:19:58	998015F786B2B9EE029FB556393CF848	78040	----a-w-	C:\WINDOWS\Sysnative\wkscli.dll
2016-04-13 13:19:58	92FB4032354D2074DA0DC9E70D8305B1	1388032	----a-w-	C:\WINDOWS\Sysnative\lsasrv.dll
2016-04-13 13:19:58	87F0EA669FB37C03207A8870C3B91174	1410560	----a-w-	C:\WINDOWS\Sysnative\Windows.Web.Http.dll
2016-04-13 13:19:58	7E0078F1EFEB6F8F47CF85C1D73C7EBC	328192	----a-w-	C:\WINDOWS\Sysnative\profsvc.dll
2016-04-13 13:19:58	797497201A406D6CFDB72FE0545F990C	6972416	----a-w-	C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-04-13 13:19:58	7890990143812A452858058BBD52149F	297472	----a-w-	C:\WINDOWS\Sysnative\thumbcache.dll
2016-04-13 13:19:58	7118498F6E48758A2EF5A7D1982E2B62	1139712	----a-w-	C:\WINDOWS\Sysnative\XblGameSave.dll
2016-04-13 13:19:58	703F15FBAEA94F88FD5E12EFA94A0F7E	2656952	----a-w-	C:\WINDOWS\Sysnative\CoreUIComponents.dll
2016-04-13 13:19:58	6D31FB3E4263749BD994B3895322D799	982016	----a-w-	C:\WINDOWS\Sysnative\AppxPackaging.dll
2016-04-13 13:19:58	597AA6F5B21B1B15C87982FAFD1555EE	6607080	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2016-04-13 13:19:58	594FDF2DB7568C73C282B282845E30CF	36352	----a-w-	C:\WINDOWS\Sysnative\tbauth.dll
2016-04-13 13:19:58	5839A317C25F70979433E0905DFABB1B	284672	----a-w-	C:\WINDOWS\Sysnative\dnsrslvr.dll
2016-04-13 13:19:58	51449675B00C62F970B497A2FBF1BC46	787456	----a-w-	C:\WINDOWS\Sysnative\Windows.Web.dll
2016-04-13 13:19:58	50007CDB0F9801A7186F3E81D3377D12	2773096	----a-w-	C:\WINDOWS\Sysnative\d3d11.dll
2016-04-13 13:19:58	497EB340D13433E8FE53625103E0C2D0	146432	----a-w-	C:\WINDOWS\Sysnative\AuthBroker.dll
2016-04-13 13:19:58	4025493B778984A65B1A310864C4F08C	970752	----a-w-	C:\WINDOWS\Sysnative\kerberos.dll
2016-04-13 13:19:58	3EEB5260D4321F7F124955E1D228FDF2	274944	----a-w-	C:\WINDOWS\Sysnative\DisplayManager.dll
2016-04-13 13:19:58	3CE8EBC0B1A74A7AC639C5FAFC549CCA	436736	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-04-13 13:19:58	2F9B478546FC00827CB269BAD949D98B	16985600	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-04-13 13:19:58	2F0FA6F60BC9A971BFBF31D1D2C8AF08	167936	----a-w-	C:\WINDOWS\Sysnative\dafBth.dll
2016-04-13 13:19:58	2804ACDD73835F051CE71DA4DB25337D	110584	----a-w-	C:\WINDOWS\Sysnative\srvcli.dll
2016-04-13 13:19:58	21045DC8C67DA8600529FED2A6F90D6A	848896	----a-w-	C:\WINDOWS\Sysnative\samsrv.dll
2016-04-13 13:19:58	1C8474EF741ABA77E53BE94DE8E89D26	990720	----a-w-	C:\WINDOWS\Sysnative\SettingSyncCore.dll
2016-04-13 13:19:58	0D9E0BDCCCE10F07A7B66A61B27C1F71	116224	----a-w-	C:\WINDOWS\Sysnative\FontProvider.dll
2016-04-13 13:19:57	FBC8C56814642A7CA88ACBCA8DD1121F	145408	----a-w-	C:\WINDOWS\Sysnative\dssvc.dll
2016-04-13 13:19:57	F7526C133AC265F283012E9CD751F873	625000	----a-w-	C:\WINDOWS\Sysnative\ClipSVC.dll
2016-04-13 13:19:57	B8CBDF64077D764D26E6E0255270B7BF	224256	----a-w-	C:\WINDOWS\Sysnative\PackageStateRoaming.dll
2016-04-13 13:19:57	B174232356859EBB0CF8FA950119DA1E	159232	----a-w-	C:\WINDOWS\Sysnative\DeviceCensus.exe
2016-04-13 13:19:57	AB3F697651DDAE1C424C9B2412EFBB59	1239552	----a-w-	C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll
2016-04-13 13:19:57	A407435633C74CB1D6911DC05A90D939	2912256	----a-w-	C:\WINDOWS\Sysnative\CertEnroll.dll
2016-04-13 13:19:57	9CB84B6398F10BCF0CE357F2C7B6056D	286720	----a-w-	C:\WINDOWS\Sysnative\deviceaccess.dll
2016-04-13 13:19:57	728146F5877FD08DE65B21817ABB19A8	765952	----a-w-	C:\WINDOWS\Sysnative\fveapi.dll
2016-04-13 13:19:57	7119946D6A8D221C65514267D9F4D520	4774912	----a-w-	C:\WINDOWS\Sysnative\actxprxy.dll
2016-04-13 13:19:57	63939B50C5C103FA71A419BCEA5B1CF0	26112	----a-w-	C:\WINDOWS\Sysnative\TokenBrokerCookies.exe
2016-04-13 13:19:57	5DFAF8BE5A3CABAABF6795BC09EB7876	948736	----a-w-	C:\WINDOWS\Sysnative\XblAuthManager.dll
2016-04-13 13:19:57	5CBB046266CD7CD1593354C93BCDBE91	870400	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2016-04-13 13:19:57	5B5F518D6487FDCC9C40A74D3C72B8EE	828928	----a-w-	C:\WINDOWS\Sysnative\Windows.AccountsControl.dll
2016-04-13 13:19:57	56C238ACFE4CB020D3E38508249039EA	87040	----a-w-	C:\WINDOWS\Sysnative\tzautoupdate.dll
2016-04-13 13:19:57	5276C6CCA158FD73D20642C6A7A507E7	1946112	----a-w-	C:\WINDOWS\Sysnative\dwmcore.dll
2016-04-13 13:19:57	5118193C56A2F8D07554395B78A6FDCC	223232	----a-w-	C:\WINDOWS\Sysnative\fveapibase.dll
2016-04-13 13:19:57	4098813724BDAC23A74DD6E75CA360CC	450560	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
2016-04-13 13:19:57	3C994D13A234D0E33D592CDF55F09B01	628736	----a-w-	C:\WINDOWS\Sysnative\MessagingDataModel2.dll
2016-04-13 13:19:57	281C61D772D6F267FEABDF71E38C621C	821760	----a-w-	C:\WINDOWS\Sysnative\TokenBroker.dll
2016-04-13 13:19:57	15D174719872A30F2FDD6B5B1B8BA5D9	1613664	----a-w-	C:\WINDOWS\Sysnative\diagtrack.dll
2016-04-13 13:19:57	0FEE16BB03B1A97A70121165E7414903	67584	----a-w-	C:\WINDOWS\Sysnative\profext.dll
2016-04-13 13:07:03	E91942A0D00C6AA014B2EA33EE0ED0A3	35480	----a-w-	C:\WINDOWS\Sysnative\TsWpfWrp.exe
2016-04-13 13:07:03	E2296A6174894682DF8F0FF29FDDCC82	1166520	----a-w-	C:\WINDOWS\Sysnative\PresentationNative_v0300.dll
2016-04-13 13:07:03	C5FEF4B4A7FB961ECDB0AB07DBCF379E	124624	----a-w-	C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2016-04-13 13:06:33	48E7F01CD9246CAF86702F5CB9100C9F	1087488	----a-w-	C:\WINDOWS\Sysnative\reseteng.dll
2016-04-13 13:06:33	20B48DC4AF4492B31A756528444BDA8C	304752	----a-w-	C:\WINDOWS\Sysnative\systemreset.exe
2016-04-13 12:33:56	480C384423A2ACA6F2FBFC68F27F4AE7	2134982	----a-w-	C:\WINDOWS\Sysnative\PerfStringBackup.INI
====== C:\WINDOWS\Sysnative\drivers =====
2016-04-16 06:50:14	912CAA7E08A94A7C25CB315104AF42CD	18160	----a-w-	C:\WINDOWS\Sysnative\drivers\GdPhyMem.sys
2016-04-16 06:50:13	65BF29515C25819C18CA426EAEDF0B14	106272	----a-w-	C:\WINDOWS\Sysnative\drivers\GRD.sys
2016-04-16 06:32:06	DD7D5196EB9C4321EA57B668AF873840	37400	----a-w-	C:\WINDOWS\Sysnative\drivers\GDKBB64.sys
2016-04-16 06:32:02	AC43FC300024DBB0CC02C61785ECB5A9	29720	----a-w-	C:\WINDOWS\Sysnative\drivers\GDKBFlt64.sys
2016-04-16 06:31:59	CA3B8AD1A520FD002200F3E5F97ADD79	100352	----a-w-	C:\WINDOWS\Sysnative\drivers\TS4nt.sys
2016-04-16 06:31:23	8BA7DF1F47C14CBD45182157318A8A39	77848	----a-w-	C:\WINDOWS\Sysnative\drivers\gdwfpcd64.sys
2016-04-16 06:30:47	B4355AF2D50AFF399B8121CE83CE4356	92160	----a-w-	C:\WINDOWS\Sysnative\drivers\PktIcpt.sys
2016-04-16 06:30:33	DD5B2516CC42B3F80EF987AF6D466461	160768	----a-w-	C:\WINDOWS\Sysnative\drivers\GDBehave.sys
2016-04-16 06:30:33	62F354B96AB176B8AC98DE8568FA236A	246272	----a-w-	C:\WINDOWS\Sysnative\drivers\MiniIcpt.sys
2016-04-16 06:30:33	47A65424A8C2B60F32B202EA74FB8978	134656	----a-w-	C:\WINDOWS\Sysnative\drivers\HookCentre.sys
2016-04-13 13:20:37	1A490555FD330CA2764D89191177C867	285696	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
2016-04-13 13:20:24	083A727D784009F9CCFB120C7841B7AF	2403680	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2016-04-13 13:20:14	E582DA849A58524E645545FB68B6625D	1152864	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2016-04-13 13:20:14	19BD8A88AAC580592668B070AC0727D9	2152280	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-04-13 13:20:13	935823F79CBEDB91637B63D37E3A5A36	148480	----a-w-	C:\WINDOWS\Sysnative\drivers\dfsc.sys
2016-04-13 13:20:13	0B3B0C1D86050355676640488FA897D3	430944	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2016-04-13 13:20:05	EDDB0D726DBECDFC1DBCC6DB464E5A13	146272	----a-w-	C:\WINDOWS\Sysnative\drivers\appid.sys
2016-04-13 13:20:05	E3C82823B22463BC38AA4F8ADA852624	104960	----a-w-	C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2016-04-13 13:20:05	AA4CD20708B7E0412A5316D7E2875103	530432	----a-w-	C:\WINDOWS\Sysnative\drivers\nwifi.sys
2016-04-13 13:20:05	A4411C522D41707D5BCA817A5BB9E30B	114688	----a-w-	C:\WINDOWS\Sysnative\drivers\bridge.sys
2016-04-13 13:20:05	2BC2E99623119521EEF7910A11D0FDE0	694784	----a-w-	C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys
2016-04-13 13:20:04	63C3F74DC398A1C1A77E39DFB9C312CA	1089888	----a-w-	C:\WINDOWS\Sysnative\drivers\http.sys
2016-04-13 13:19:59	F45665E77D11F3C1552EDBEAD1559DC8	1997152	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-04-13 13:19:59	64D4F5DE44B64B8284BADE5819B5195A	394080	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-04-13 13:19:59	33190E86460C4FF7382848187463DC28	576864	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-04-13 13:19:58	3B866F8CB10719A5AF9E410B1B149714	605440	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2016-04-13 13:19:58	28B8E1C6CBCF9FFE2FABFF3160C26ADF	258912	----a-w-	C:\WINDOWS\Sysnative\drivers\ufx01000.sys
2016-04-13 13:19:57	F279536122B83FD0D8E158AA753E1B7C	238592	----a-w-	C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-04-13 13:19:57	DA0807D87A62D076C29C4E30F1E84F46	26112	----a-w-	C:\WINDOWS\Sysnative\drivers\xinputhid.sys
2016-04-13 13:19:57	B7E1CAA9429E4C3E7E01CB35B97E1536	534368	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-04-13 13:19:57	B24408471C1BCB17FC44F5B47EA8DEA3	277856	----a-w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
2016-04-13 13:19:57	9E9D58F5E1702955B2F4D62996F80E8E	378208	----a-w-	C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2016-04-13 13:19:57	8949F77132A4F8F3BA17C6727099F002	127840	----a-w-	C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2016-04-13 13:19:57	8359F776CA899E761852F2293B724EAE	185184	----a-w-	C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2016-04-13 13:19:57	469441BAE3FF8A16826FC62C51EF5E18	563552	----a-w-	C:\WINDOWS\Sysnative\drivers\acpi.sys
2016-04-13 13:19:57	249A563C48DFD9E42A37587653E003BB	83968	----a-w-	C:\WINDOWS\Sysnative\drivers\serial.sys
2016-04-13 13:19:57	0731E8F4D8D3B8D3FD98A46A8ABFE0A0	333824	----a-w-	C:\WINDOWS\Sysnative\drivers\portcls.sys
2016-04-13 12:30:06	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-21 17:14:51	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2016-03-21 17:14:01	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2016-03-21 17:14:01	78BFF5425E044086E74E78650A359FBB	27008	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2016-03-21 17:14:01	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
====== C:\WINDOWS\Tasks ======
2016-04-18 12:42:10	8EF8BB12D8C8D9431583533BC94C6538	214	----a-w-	C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-16 04:57:08	FB269B277130C5A1162DCD122065F7D7	3394	----a-w-	C:\WINDOWS\Sysnative\Tasks\{1D4B1910-1D6C-4EE0-B826-761204C12280}
2016-04-11 19:54:20	C64F4DA7B12FF2CBC30C1A8FF2BB9201	2840	----a-w-	C:\WINDOWS\Sysnative\Tasks\HPCeeScheduleForvan la Parra
2016-04-11 19:54:00	1B4002AB00BDD6B536D3FCDF7620CA9C	388	----a-w-	C:\WINDOWS\Tasks\HPCeeScheduleForvan la Parra.job
2016-04-05 14:15:35	9948A6DBAF486E400A9630E1A35A2C49	4210	----a-w-	C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{A677905A-95B0-4987-8910-C67E15EE9D58}
2016-03-21 18:18:12	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Safer-Networking
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-04-16 19:20:54	--------	d-----w-	C:\Program Files\trend micro
2016-04-13 13:08:41	--------	d-----w-	C:\Program Files\Reference Assemblies
2016-04-13 13:08:41	--------	d-----w-	C:\Program Files\MSBuild
2016-04-13 12:37:50	--------	d-----w-	C:\Program Files\Common Files\SpeechEngines
2016-04-13 12:30:38	--------	d-----w-	C:\Program Files\Realtek
2016-03-21 18:21:14	--------	d-----w-	C:\Program Files\Common Files\AV
======= C:\PROGRA~2 =====
2016-04-16 12:48:21	--------	d-----w-	C:\PROGRA~2\Kaspersky Lab
2016-04-16 05:48:35	--------	d-----w-	C:\PROGRA~2\COMMON~1\Adobe AIR
2016-04-16 05:13:05	--------	d-----w-	C:\PROGRA~2\Pidgin
2016-04-16 04:04:40	--------	d-----w-	C:\PROGRA~2\COMMON~1\Steganos
2016-04-14 17:23:47	--------	d-----w-	C:\PROGRA~2\Avira
2016-04-13 19:25:36	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2016-04-13 19:25:34	--------	d-----r-	C:\PROGRA~2\Skype
2016-04-13 13:08:41	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2016-04-13 13:08:41	--------	d-----w-	C:\PROGRA~2\MSBuild
2016-04-13 12:37:55	--------	d-----w-	C:\PROGRA~2\COMMON~1\SpeechEngines
2016-03-27 07:46:26	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
2016-04-11 21:11:04	75BF03559B9D8F4C9A7C4C2F1CF7AA6A	1880	----a-w-	C:\AdwCleaner[R4].txt
====== C:\Users\van la Parra\AppData\Roaming ======
2016-04-16 10:28:09	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\CrashDumps
2016-04-16 06:34:46	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2016-04-16 06:09:39	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\PeerDistRepub
2016-04-16 05:48:26	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Adobe
2016-04-15 04:37:23	--------	d-----w-	C:\Users\van la Parra\AppData\Local\Avira
2016-04-14 17:35:41	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-13 14:26:24	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-04-13 13:02:07	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2016-04-13 12:51:35	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-04-13 12:50:32	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Trusteer
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default\AppData\Local\Trusteer
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-04-13 12:45:09	--------	d-----w-	C:\Users\Default User\AppData\Local\Trusteer
2016-04-13 12:34:58	--------	d-s---r-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-04-13 12:34:58	--------	d-----w-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-04-13 12:34:58	--------	d-----w-	C:\Users\van la Parra\AppData\Roaming
2016-04-13 12:34:58	--------	d-----w-	C:\Users\van la Parra\AppData\Local\Temp
2016-04-13 12:34:58	--------	d-----w-	C:\Users\van la Parra\AppData\Local\Microsoft
2016-04-13 12:34:58	--------	d-----w-	C:\Users\van la Parra\AppData\Local
2016-04-13 12:34:58	--------	d-----r-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-04-13 12:34:58	--------	d-----r-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-04-13 12:34:58	--------	d-----r-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-04-13 12:34:58	--------	d-----r-	C:\Users\van la Parra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-04-13 12:34:56	--------	d-s---r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Temp
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft
2016-04-13 12:34:56	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local
2016-04-13 12:34:56	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-04-13 12:34:56	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-04-13 12:34:56	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
====== C:\Users\van la Parra ======
2016-04-17 11:12:05	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\winhttp
2016-04-17 10:15:04	B780662DB8C0633088ED89BBDF37084E	3677760	----a-w-	C:\Users\van la Parra\Downloads\adwcleaner_5.111.exe
2016-04-17 09:53:33	620C0F892E79D61EB245CB3E60142D13	3030608	----a-w-	C:\Users\van la Parra\Downloads\TeamViewerQS_nl (3).exe
2016-04-17 09:53:33	620C0F892E79D61EB245CB3E60142D13	3030608	----a-w-	C:\Users\van la Parra\Downloads\TeamViewerQS_nl (2).exe
2016-04-16 19:19:20	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\van la Parra\Downloads\RSITx64.exe
2016-04-16 15:03:09	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (3).exe
2016-04-16 14:57:49	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (2).exe
2016-04-16 14:55:14	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (1).exe
2016-04-16 12:41:44	302A5EBE689F88A032AFEF5AB163D03D	94284776	----a-w-	C:\Users\van la Parra\Downloads\KVRT.exe
2016-04-16 12:41:12	28088763EBE9D9715ADB5AF1CF62E3C6	515992	----a-w-	C:\Users\van la Parra\Downloads\CleanerSetup.exe
2016-04-16 12:29:11	CA41DBA55A727F01104871B160CD5B1D	1118920	----a-w-	C:\Users\van la Parra\Downloads\NDP452-KB2901954-Web.exe
2016-04-16 12:24:37	4D1BB86D0EEE168E1DA91A36350C1C21	1424328	----a-w-	C:\Users\van la Parra\Downloads\NDP461-KB3102438-Web.exe
2016-04-16 12:15:04	79F7CEE2AD44F1FDE6377D9A4298C6C5	1274216	----a-w-	C:\Users\van la Parra\Downloads\NetFxRepairTool.exe
2016-04-16 12:08:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-16 11:57:37	EE24512E5F1FC5388999919B04CBABEB	4734128	----a-w-	C:\Users\van la Parra\Downloads\avira_en_avpn0_57121c85074cc__ws.exe
2016-04-16 06:32:32	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2016-04-16 06:28:44	--------	d-----w-	C:\ProgramData\G DATA Software
2016-04-16 06:23:41	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP (1).exe
2016-04-16 06:18:01	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP.exe
2016-04-16 06:11:10	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (3).exe
2016-04-16 06:10:22	5A855B0B120B4AE5C7C3E5F8D0A11989	555424	----a-w-	C:\Users\van la Parra\Downloads\svchost.exe
2016-04-16 05:30:12	--------	d-----w-	C:\ProgramData\Apple Computer
2016-04-16 05:29:39	371FBA7A9FF13230422BE48143BED89C	782912	----a-w-	C:\Users\van la Parra\Downloads\change_files.exe
2016-04-16 05:26:00	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\.oracle_jre_usage
2016-04-16 05:18:43	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-16 05:11:28	--------	d-----w-	C:\Users\Public\Foxit Software
2016-04-16 05:11:09	--------	d-----w-	C:\ProgramData\Foxit ContentPlatform
2016-04-16 05:05:46	--------	d-----r-	C:\WINDOWS\sysWoW64\config\systemprofile\Desktop
2016-04-16 04:03:13	23A32EDF83184E32734620BC7C5423B1	39812256	----a-w-	C:\Users\van la Parra\Downloads\sosintwr(1).exe
2016-04-16 04:02:37	23A32EDF83184E32734620BC7C5423B1	39812256	----a-w-	C:\Users\van la Parra\Downloads\sosintwr.exe
2016-04-16 03:47:09	--------	d-----w-	C:\ProgramData\HitmanPro.Alert
2016-04-16 03:46:35	993FF339360D36B66963C3F8F1CA03F3	4093696	----a-w-	C:\Users\van la Parra\Downloads\hmpalert(1).exe
2016-04-16 03:42:07	993FF339360D36B66963C3F8F1CA03F3	4093696	----a-w-	C:\Users\van la Parra\Downloads\hmpalert.exe
2016-04-15 15:02:29	2367559CD113A3404E00AE74F553180D	47116504	----a-w-	C:\Users\van la Parra\Downloads\Windows-KB890830-x64-V5.35(1).exe
2016-04-15 04:43:24	5756F720B0D4B84521C6494EDEA23908	2405664	----a-w-	C:\Users\van la Parra\Downloads\HousecallLauncher64.exe
2016-04-14 21:41:13	7123A226818ADDA42539611DC004E501	2314488	----a-w-	C:\Users\van la Parra\Downloads\avira_pc_cleaner_de.exe
2016-04-14 21:34:05	E5F94A882F851044354B70ABA84C9A5E	11441744	----a-w-	C:\Users\van la Parra\Downloads\hitmanpro_x64.exe
2016-04-14 17:23:41	--------	d-----w-	C:\ProgramData\Avira
2016-04-14 17:22:38	EE24512E5F1FC5388999919B04CBABEB	4734128	----a-w-	C:\Users\van la Parra\Downloads\avira_nl_av_570fd1bd72aa6__ws.exe
2016-04-14 16:56:01	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(5).exe
2016-04-14 16:36:30	620C0F892E79D61EB245CB3E60142D13	3030608	----a-w-	C:\Users\van la Parra\Downloads\TeamViewerQS_nl (1).exe
2016-04-13 19:25:38	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-13 19:23:52	3A362B61D11D7399047473BA586D25ED	1503872	----a-w-	C:\Users\van la Parra\Downloads\SkypeSetup(1).exe
2016-04-13 18:24:14	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\van la Parra\ntuser.ini
2016-04-13 12:34:58	--------	d--h--w-	C:\Users\van la Parra\AppData
2016-04-13 12:34:56	--------	d--h--w-	C:\Users\DefaultAppPool\AppData
2016-04-13 12:34:07	7BDB41430854B050C681DF66D471E7A5	196608	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
2016-04-13 12:34:07	1653EE4B81FD59F2839355F03C675FF3	196608	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak
2016-04-13 08:37:12	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________.exe
2016-04-13 07:49:49	2367559CD113A3404E00AE74F553180D	47116504	----a-w-	C:\Users\van la Parra\Downloads\Windows-KB890830-x64-V5.35.exe
2016-04-13 07:02:17	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(4).exe
2016-04-13 06:33:33	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(1).exe
2016-04-13 06:13:58	E91D834A4B986A8B665BF1AE78B7F4A7	1610352	----a-w-	C:\Users\van la Parra\Downloads\JRT(1).exe
2016-04-13 05:59:32	D63333E92F3093E20B741539E0B09F4D	17560376	----a-w-	C:\Users\van la Parra\Downloads\GDCleanUp.exe
2016-04-12 16:19:01	5A855B0B120B4AE5C7C3E5F8D0A11989	555424	----a-w-	C:\Users\van la Parra\Downloads\svchost (1).exe
2016-04-12 16:13:48	9C11E01897711A6EAB9583F1A7518A44	800160	----a-w-	C:\Users\van la Parra\Downloads\Quarantine.exe
2016-04-12 16:13:02	39E34055745818D78E15712028BBEF27	946592	----a-w-	C:\Users\van la Parra\Downloads\MonActivityCS.exe
2016-04-12 15:19:34	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP (9).exe
2016-04-12 15:16:54	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (2).exe
2016-04-12 15:15:04	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (1).exe
2016-04-12 14:17:33	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner.exe
2016-04-11 21:37:57	F9DEDBE5072215B252D709BCACCAD595	1032912	----a-w-	C:\Users\van la Parra\Downloads\toolbarcleaner_setup (1).exe
2016-04-11 21:10:41	EA755D083C9E2539394ECBE4F039C817	533705	----a-w-	C:\Users\van la Parra\Downloads\adwcleaner (1).exe
2016-04-11 18:48:10	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE.exe
2016-04-11 18:28:01	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(2).exe

====== C: exe-files ==
2016-04-18 12:02:53	87D8DAFF16C1226B2F26E17076FD78BD	5144256	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\FoxitUpdater.exe
2016-04-17 13:48:09	4E95AB8BEB2C8FD53B348EF4AD5121C5	149184	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\9E48F9E3-36DF-41DE-BF44-5CF44CF69203\DismHost.exe
2016-04-17 13:34:19	4E95AB8BEB2C8FD53B348EF4AD5121C5	149184	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\56BD6883-A934-4D5D-A1FB-F5400FC5A56F\DismHost.exe
2016-04-17 10:15:04	B780662DB8C0633088ED89BBDF37084E	3677760	----a-w-	C:\Users\van la Parra\Downloads\adwcleaner_5.111.exe
2016-04-17 09:54:21	4DE0A31125C06C21F8948C06B7CA7BA8	129408	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\tv_x64.exe
2016-04-17 09:54:20	FB7236A8CA75AF47F43EAA31690FC0CC	2673024	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe
2016-04-17 09:54:20	26ED0791F84F49571AB88CF7A8217F5C	106368	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\tv_w32.exe
2016-04-17 09:54:20	03B9F2E1623AEA488420EDDEFCE6BCD8	2284416	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Desktop.exe
2016-04-17 09:54:19	ED51D984BC14EBB3B65825155EFE2BFF	6463872	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\TeamViewer.exe
2016-04-16 19:21:25	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\van la Parra.exe
2016-04-16 15:03:09	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (3).exe
2016-04-16 14:57:49	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (2).exe
2016-04-16 14:55:14	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________ (1).exe
2016-04-16 12:41:44	302A5EBE689F88A032AFEF5AB163D03D	94284776	----a-w-	C:\Users\van la Parra\Downloads\KVRT.exe
2016-04-16 12:41:12	28088763EBE9D9715ADB5AF1CF62E3C6	515992	----a-w-	C:\Users\van la Parra\Downloads\CleanerSetup.exe
2016-04-16 12:29:11	CA41DBA55A727F01104871B160CD5B1D	1118920	----a-w-	C:\Users\van la Parra\Downloads\NDP452-KB2901954-Web.exe
2016-04-16 12:24:37	4D1BB86D0EEE168E1DA91A36350C1C21	1424328	----a-w-	C:\Users\van la Parra\Downloads\NDP461-KB3102438-Web.exe
2016-04-16 12:15:04	79F7CEE2AD44F1FDE6377D9A4298C6C5	1274216	----a-w-	C:\Users\van la Parra\Downloads\NetFxRepairTool.exe
2016-04-16 11:57:37	EE24512E5F1FC5388999919B04CBABEB	4734128	----a-w-	C:\Users\van la Parra\Downloads\avira_en_avpn0_57121c85074cc__ws.exe
2016-04-16 06:23:41	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP (1).exe
2016-04-16 06:18:01	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP.exe
2016-04-16 06:11:10	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (3).exe
2016-04-16 05:48:20	ABDB9D35071C3DD66E04C8E9449D5F30	62464	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2016-04-16 05:48:20	81FDA615FB56889C3F870F8DF997C314	362672	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2016-04-16 05:48:20	7BCA1072B332C5C421651125CD765C0D	389808	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2016-04-16 05:48:20	11ED409F462FBF3C755A282CE41EB5DE	310960	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2016-04-16 05:48:20	11ED409F462FBF3C755A282CE41EB5DE	310960	----a-w-	C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2016-04-16 05:29:39	371FBA7A9FF13230422BE48143BED89C	782912	----a-w-	C:\Users\van la Parra\Downloads\change_files.exe
2016-04-16 05:24:44	F4E94CBB9DEF622171D8943F2160B214	51776	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssvagent.exe
2016-04-16 05:24:44	D709404CB67D09946628987244B98A60	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\servertool.exe
2016-04-16 05:24:44	C1F46A7656D1DED6326D8E28B1CF1862	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmiregistry.exe
2016-04-16 05:24:44	AC4F3A4F853070419C9E8479B3868103	16448	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\tnameserv.exe
2016-04-16 05:24:44	A48BDE309534612FBA41D58E754A38BE	159296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\unpack200.exe
2016-04-16 05:24:44	8DF0EA1993F98096557A4AFA6235DE4E	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmid.exe
2016-04-16 05:24:43	F85C40988E94C2F463508FBEE94025BF	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\kinit.exe
2016-04-16 05:24:43	E2AF676759086BAE2F16D6B5033E7F46	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\policytool.exe
2016-04-16 05:24:43	D62B10425DC16A177CB64D6B0356F915	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\jjs.exe
2016-04-16 05:24:43	C558C87F624CF96F812028165190EEDE	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\pack200.exe
2016-04-16 05:24:43	A756D5633F6596B0E4711E60D3F61BCA	16448	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\orbd.exe
2016-04-16 05:24:43	724998551979EB4E0DF53CA3994AF035	77888	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2launcher.exe
2016-04-16 05:24:43	5192C3656176D1D21D21372E1061D1A4	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\ktab.exe
2016-04-16 05:24:43	4CC7AA4DCC143BB06999A62B8763EA6C	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\keytool.exe
2016-04-16 05:24:43	26E779D9D96192E312E5DC042E993DED	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\klist.exe
2016-04-16 05:24:42	D763E321831C859D9195ADF15A951E95	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\java-rmi.exe
2016-04-16 05:24:42	C31F1BDBB1902458FA15515BD0D8340B	191040	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\java.exe
2016-04-16 05:24:42	AAADCD8DA5BCE8986D6FEC09FAB7B70D	68672	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\javacpl.exe
2016-04-16 05:24:42	A5AECC1529B64CB123B1880D3AD0F1AE	268352	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaws.exe
2016-04-16 05:24:42	6101EC702C56D5F688AA578AC457A440	30784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\jabswitch.exe
2016-04-16 05:24:42	2AD9EFBB015490AA315707BAC2BFD816	191552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaw.exe
2016-04-16 05:22:08	4A3DB06145DC1EDC790E003649B7889E	270726	----a-w-	C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
2016-04-16 05:18:49	4FA49D9910621915F6C88309C1E71500	269644	----a-w-	C:\Program Files\VideoLAN\VLC\uninstall.exe
2016-04-16 05:13:40	94A225BAC6853EBF472F18A567374ACF	105829	----a-w-	C:\Program Files (x86)\Pidgin\pidgin-uninst.exe
2016-04-16 05:13:07	D6458447F3EBEBAADB38600B74152A74	33745	----a-w-	C:\Program Files (x86)\Pidgin\Gtk\bin\pango-querymodules.exe
2016-04-16 05:13:05	E63DC83EFA0E9BE229CC0863A0AEDC79	30678	----a-w-	C:\Program Files (x86)\Pidgin\Gtk\bin\gspawn-win32-helper.exe
2016-04-16 05:13:05	C5C42BBEFFA3B2777953504CAE2F0E1F	25294	----a-w-	C:\Program Files (x86)\Pidgin\Gtk\bin\gdk-pixbuf-query-loaders.exe
2016-04-16 05:13:05	8D3EF80B0684C7D42CE3DC20C083CD48	30100	----a-w-	C:\Program Files (x86)\Pidgin\Gtk\bin\gspawn-win32-helper-console.exe
2016-04-16 05:13:05	003F406772F394035A3CAF6417197CA7	26251	----a-w-	C:\Program Files (x86)\Pidgin\Gtk\bin\gtk-query-immodules-2.0.exe
2016-04-16 04:08:21	D8F7D414673BA722F048A8CBF16C8B84	10990464	----a-w-	C:\Users\van la Parra\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
2016-04-16 03:46:35	993FF339360D36B66963C3F8F1CA03F3	4093696	----a-w-	C:\Users\van la Parra\Downloads\hmpalert(1).exe
2016-04-16 03:42:07	993FF339360D36B66963C3F8F1CA03F3	4093696	----a-w-	C:\Users\van la Parra\Downloads\hmpalert.exe
2016-04-15 04:43:24	5756F720B0D4B84521C6494EDEA23908	2405664	----a-w-	C:\Users\van la Parra\Downloads\HousecallLauncher64.exe
2016-04-14 21:41:13	7123A226818ADDA42539611DC004E501	2314488	----a-w-	C:\Users\van la Parra\Downloads\avira_pc_cleaner_de.exe
2016-04-14 21:34:05	E5F94A882F851044354B70ABA84C9A5E	11441744	----a-w-	C:\Users\van la Parra\Downloads\hitmanpro_x64.exe
2016-04-14 17:22:38	EE24512E5F1FC5388999919B04CBABEB	4734128	----a-w-	C:\Users\van la Parra\Downloads\avira_nl_av_570fd1bd72aa6__ws.exe
2016-04-14 17:16:11	BAB8C4A4A5936BB5B7B38A9469025DD4	51973024	----atw-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\50.0.2661.75\chrome_installer.exe
2016-04-13 18:31:11	E4D26B91BBDC51ADF460F371323AECD1	8076992	----a-w-	C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\OneDriveSetup.exe
2016-04-13 18:31:10	E4D26B91BBDC51ADF460F371323AECD1	8076992	----a-w-	C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\OneDriveSetup.exe
2016-04-13 18:30:34	092405FB2D6BC20668BEA02647FE2393	164040	----a-w-	C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileSyncConfig.exe
2016-04-13 18:30:24	1E9D2587344160BB2AF16C503F062868	171712	----a-w-	C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe
2016-04-13 13:20:37	09D8EBC01776C2D117918993EDDC19B2	1474560	----a-w-	C:\Program Files\Windows Media Player\wmpnetwk.exe
2016-04-13 09:08:19	FB2D29DDC97E5A936CD24D7EE027927F	10378432	----a-w-	C:\$WINDOWS.~BT\Sources\setupprep.exe
2016-04-13 09:08:19	8D12AF03602E57C32E6655DD0CA2DB35	95424	----a-w-	C:\$WINDOWS.~BT\Sources\setuperror.exe
2016-04-13 09:08:18	EB4F769491FAE57AA057CDBE80C32632	271040	----a-w-	C:\$WINDOWS.~BT\Sources\setup.exe
2016-04-13 09:08:18	0628856023487CD98E066D3DD1BE6317	127168	----a-w-	C:\$WINDOWS.~BT\Sources\rollback.exe
2016-04-13 09:07:50	3BB92CF41D6ABBA32674C8176C859BD0	279232	----a-w-	C:\$WINDOWS.~BT\Sources\mighost.exe
2016-04-13 09:07:32	86E7E2E5285F47D96A7237A0314DA893	494080	----a-w-	C:\$WINDOWS.~BT\Sources\dlmanifests\microsoft-windows-iasserver-migplugin\iasmigreader.exe
2016-04-13 09:07:26	061462DE99D630A0A1264B2ADE68C4D1	310624	----a-w-	C:\$WINDOWS.~BT\Sources\dism.exe
2016-04-13 09:07:20	A06997C01F8CBA4C3410BDEDB11FCFDC	797024	----a-w-	C:\$WINDOWS.~BT\Boot\memtest.exe
2016-04-13 09:07:18	FEC74F125B7E2214322F776B8F5E562F	111968	----a-w-	C:\$WINDOWS.~BT\Boot\bootsect.exe
2016-04-13 09:07:10	F7D073EB7D3127C9BC762FC56FB1EF67	759488	----a-w-	C:\$WINDOWS.~BT\Sources\SetupHost.exe
2016-04-13 09:07:10	03AAE2338A14CC3DD25597D0FC9AEEEC	173760	----a-w-	C:\$WINDOWS.~BT\Sources\setupplatform.exe
2016-04-13 09:07:09	307B78B19E5DC4AD634F3F57E9F30E93	1025616	----a-w-	C:\$WINDOWS.~BT\Sources\gatherosstate.exe
2016-04-13 09:07:08	86C095AF49B6EB83523F819ACA414823	88256	----a-w-	C:\$WINDOWS.~BT\Sources\diagtrackrunner.exe
2016-04-13 08:37:12	35D60FD322B1A61AAE7ADF909B6C0B26	7635472	----a-w-	C:\Users\van la Parra\Downloads\GetWindows10-sds_____________.exe
2016-04-13 07:02:17	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(4).exe
2016-04-13 06:33:33	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(1).exe
2016-04-13 06:13:58	E91D834A4B986A8B665BF1AE78B7F4A7	1610352	----a-w-	C:\Users\van la Parra\Downloads\JRT(1).exe
2016-04-13 05:59:32	D63333E92F3093E20B741539E0B09F4D	17560376	----a-w-	C:\Users\van la Parra\Downloads\GDCleanUp.exe
2016-04-12 22:58:29	72C4C2AFEDB71D5CB29E490EBCDC256E	2662800	----a-w-	C:\Users\van la Parra\AppData\Local\Google\Update\Download\{191B666E-DE99-4C18-993A-35F394473116}\1.1.2.13\gpbackup_1.1.2.13_yvl7awwt6qaqrrrmlg-bz-h2oyw.exe
2016-04-12 16:13:02	39E34055745818D78E15712028BBEF27	946592	----a-w-	C:\Users\van la Parra\Downloads\MonActivityCS.exe
2016-04-12 15:19:34	7A515671ECE9CA674CA094A1777A6E85	273974176	----a-w-	C:\Users\van la Parra\Downloads\INT_R_BASE_TP (9).exe
2016-04-12 15:16:54	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (2).exe
2016-04-12 15:15:04	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner (1).exe
2016-04-12 14:17:33	47206A06E67041DA3FA227F96F1CC78B	872352	----a-w-	C:\Users\van la Parra\Downloads\AVCleaner.exe
2016-04-11 21:10:41	EA755D083C9E2539394ECBE4F039C817	533705	----a-w-	C:\Users\van la Parra\Downloads\adwcleaner (1).exe
2016-04-11 19:46:30	A6FFF61F0A9CBB8F8A19C1DE945F7CB4	36928	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_InWarrantyCarePack_AU.exe
2016-04-11 19:46:29	833C72B62DCEFAFF2B35E4E00D636A7D	35904	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_HPSmartFriend_v2.exe
2016-04-11 19:46:29	1482E36623D37EAB7007668142D75876	37768	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_InstantInk.exe
2016-04-11 18:28:01	77A7519F29E8A4B06FA02F54DE9FE556	3088296	----a-w-	C:\Users\van la Parra\Downloads\NPE(2).exe
=== C: other files ==
2016-04-18 13:30:34	C04379738E3FF06EA16A458584926CF6	4869	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\xpi\tmp.zip
2016-04-17 09:54:23	111A023266532C621EE69AE96E47081E	13304	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\x86\TVMonitor.sys
2016-04-17 09:54:22	95314C3A08589471983C2C8173F23CDA	16376	----a-w-	C:\Users\van la Parra\AppData\Local\Temp\TeamViewer\Version7\x64\TVMonitor.sys
2016-04-16 12:11:01	8DFBA8DAB78F8CC3B3098A6542022D05	656944	----a-w-	C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\K4lJpN0q.default\extensions\safesearchplus2@avira.com.xpi
2016-04-16 06:50:14	912CAA7E08A94A7C25CB315104AF42CD	18160	----a-w-	C:\Windows\System32\drivers\GdPhyMem.sys
2016-04-16 06:50:13	65BF29515C25819C18CA426EAEDF0B14	106272	----a-w-	C:\Windows\System32\drivers\GRD.sys
2016-04-16 06:32:06	DD7D5196EB9C4321EA57B668AF873840	37400	----a-w-	C:\Windows\System32\drivers\GDKBB64.sys
2016-04-16 06:32:02	AC43FC300024DBB0CC02C61785ECB5A9	29720	----a-w-	C:\Windows\System32\drivers\GDKBFlt64.sys
2016-04-16 06:31:59	CA3B8AD1A520FD002200F3E5F97ADD79	100352	----a-w-	C:\Windows\System32\drivers\TS4nt.sys
2016-04-16 06:31:23	8BA7DF1F47C14CBD45182157318A8A39	77848	----a-w-	C:\Windows\System32\drivers\gdwfpcd64.sys
2016-04-16 06:30:47	B4355AF2D50AFF399B8121CE83CE4356	92160	----a-w-	C:\Windows\System32\drivers\PktIcpt.sys
2016-04-16 06:30:33	DD5B2516CC42B3F80EF987AF6D466461	160768	----a-w-	C:\Windows\System32\drivers\GDBehave.sys
2016-04-16 06:30:33	62F354B96AB176B8AC98DE8568FA236A	246272	----a-w-	C:\Windows\System32\drivers\MiniIcpt.sys
2016-04-16 06:30:33	47A65424A8C2B60F32B202EA74FB8978	134656	----a-w-	C:\Windows\System32\drivers\HookCentre.sys
2016-04-16 05:24:44	4EDC09D3151E434741F50E8F7210D162	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip
2016-04-14 17:34:56	7A1B51F9C67ABE52E8EEA4397E7CA9B9	988271	----a-w-	C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\K4lJpN0q.default\extensions\abs@avira.com.xpi
2016-04-13 18:30:21	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\CollectOneDriveLogs.bat
2016-04-13 13:20:37	1A490555FD330CA2764D89191177C867	285696	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2016-04-13 13:20:24	083A727D784009F9CCFB120C7841B7AF	2403680	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2016-04-13 13:20:14	E582DA849A58524E645545FB68B6625D	1152864	----a-w-	C:\Windows\System32\drivers\ndis.sys
2016-04-13 13:20:14	19BD8A88AAC580592668B070AC0727D9	2152280	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2016-04-13 13:20:13	935823F79CBEDB91637B63D37E3A5A36	148480	----a-w-	C:\Windows\System32\drivers\dfsc.sys
2016-04-13 13:20:13	0B3B0C1D86050355676640488FA897D3	430944	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2016-04-13 13:20:05	EDDB0D726DBECDFC1DBCC6DB464E5A13	146272	----a-w-	C:\Windows\System32\drivers\appid.sys
2016-04-13 13:20:05	E3C82823B22463BC38AA4F8ADA852624	104960	----a-w-	C:\Windows\System32\drivers\rasl2tp.sys
2016-04-13 13:20:05	AA4CD20708B7E0412A5316D7E2875103	530432	----a-w-	C:\Windows\System32\drivers\nwifi.sys
2016-04-13 13:20:05	A4411C522D41707D5BCA817A5BB9E30B	114688	----a-w-	C:\Windows\System32\drivers\bridge.sys
2016-04-13 13:20:05	2BC2E99623119521EEF7910A11D0FDE0	694784	----a-w-	C:\Windows\System32\drivers\WdiWiFi.sys
2016-04-13 13:20:04	63C3F74DC398A1C1A77E39DFB9C312CA	1089888	----a-w-	C:\Windows\System32\drivers\http.sys
2016-04-13 13:19:59	F45665E77D11F3C1552EDBEAD1559DC8	1997152	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2016-04-13 13:19:59	64D4F5DE44B64B8284BADE5819B5195A	394080	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
2016-04-13 13:19:59	5417FA7098B9A1F5A6EECB198A7B4BFC	3592704	----a-w-	C:\Windows\System32\win32kfull.sys
2016-04-13 13:19:59	33190E86460C4FF7382848187463DC28	576864	----a-w-	C:\Windows\System32\drivers\dxgmms2.sys
2016-04-13 13:19:59	2F844EBBB6BAA883BDDC472C44B738AE	1388544	----a-w-	C:\Windows\System32\win32kbase.sys
2016-04-13 13:19:58	3B866F8CB10719A5AF9E410B1B149714	605440	----a-w-	C:\Windows\System32\drivers\cng.sys
2016-04-13 13:19:58	28B8E1C6CBCF9FFE2FABFF3160C26ADF	258912	----a-w-	C:\Windows\System32\drivers\ufx01000.sys
2016-04-13 13:19:57	F279536122B83FD0D8E158AA753E1B7C	238592	----a-w-	C:\Windows\System32\drivers\xboxgip.sys
2016-04-13 13:19:57	DA0807D87A62D076C29C4E30F1E84F46	26112	----a-w-	C:\Windows\System32\drivers\xinputhid.sys
2016-04-13 13:19:57	B7E1CAA9429E4C3E7E01CB35B97E1536	534368	----a-w-	C:\Windows\System32\drivers\USBHUB3.SYS
2016-04-13 13:19:57	B24408471C1BCB17FC44F5B47EA8DEA3	277856	----a-w-	C:\Windows\System32\drivers\sdbus.sys
2016-04-13 13:19:57	9E9D58F5E1702955B2F4D62996F80E8E	378208	----a-w-	C:\Windows\System32\drivers\USBXHCI.SYS
2016-04-13 13:19:57	8949F77132A4F8F3BA17C6727099F002	127840	----a-w-	C:\Windows\System32\drivers\USBSTOR.SYS
2016-04-13 13:19:57	8359F776CA899E761852F2293B724EAE	185184	----a-w-	C:\Windows\System32\drivers\dumpsd.sys
2016-04-13 13:19:57	469441BAE3FF8A16826FC62C51EF5E18	563552	----a-w-	C:\Windows\System32\drivers\acpi.sys
2016-04-13 13:19:57	249A563C48DFD9E42A37587653E003BB	83968	----a-w-	C:\Windows\System32\drivers\serial.sys
2016-04-13 13:19:57	0731E8F4D8D3B8D3FD98A46A8ABFE0A0	333824	----a-w-	C:\Windows\System32\drivers\portcls.sys
2016-04-13 09:08:01	1ED38834BD4EDFAE593B5D64EDED3355	22720	----a-w-	C:\$WINDOWS.~BT\Sources\nxquery.sys
2016-04-13 09:07:45	46E876C55F0B4A5EAC1DD6F36B10156D	6868	----a-w-	C:\$WINDOWS.~BT\Sources\etwproviders\etwproviderinstall.vbs
2016-04-13 09:07:19	D4BEFEBF3CEF129AC087422B9E912788	4096	----a-w-	C:\$WINDOWS.~BT\Boot\etfsboot.com
2016-04-13 06:28:04	19BD8A88AAC580592668B070AC0727D9	2152280	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\ntfs.sys
2016-04-13 06:27:57	5417FA7098B9A1F5A6EECB198A7B4BFC	3592704	----a-w-	C:\Windows.old\WINDOWS\System32\win32kfull.sys
2016-04-13 06:27:01	3B866F8CB10719A5AF9E410B1B149714	605440	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\cng.sys
2016-04-13 06:26:53	2F844EBBB6BAA883BDDC472C44B738AE	1388544	----a-w-	C:\Windows.old\WINDOWS\System32\win32kbase.sys
2016-04-13 06:26:14	63C3F74DC398A1C1A77E39DFB9C312CA	1089888	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\http.sys
2016-04-13 06:25:33	083A727D784009F9CCFB120C7841B7AF	2403680	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\tcpip.sys
2016-04-13 06:25:27	28B8E1C6CBCF9FFE2FABFF3160C26ADF	258912	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\ufx01000.sys
2016-04-13 06:25:22	9E9D58F5E1702955B2F4D62996F80E8E	378208	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\USBXHCI.SYS
2016-04-13 06:25:18	E582DA849A58524E645545FB68B6625D	1152864	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\ndis.sys
2016-04-13 06:25:10	DA0807D87A62D076C29C4E30F1E84F46	26112	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\xinputhid.sys
2016-04-13 06:25:08	935823F79CBEDB91637B63D37E3A5A36	148480	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\dfsc.sys
2016-04-13 06:24:41	B24408471C1BCB17FC44F5B47EA8DEA3	277856	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\sdbus.sys
2016-04-13 06:24:39	AA4CD20708B7E0412A5316D7E2875103	530432	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\nwifi.sys
2016-04-13 06:24:38	2BC2E99623119521EEF7910A11D0FDE0	694784	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\WdiWiFi.sys
2016-04-13 06:24:35	8359F776CA899E761852F2293B724EAE	185184	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\dumpsd.sys
2016-04-13 06:23:08	249A563C48DFD9E42A37587653E003BB	83968	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\serial.sys
2016-04-13 06:23:01	0731E8F4D8D3B8D3FD98A46A8ABFE0A0	333824	----a-w-	C:\Windows.old\WINDOWS\System32\drivers\portcls.sys
2016-04-12 15:28:40	4C5DE61D172FFF48E5E67016BCAB37A1	65560	----a-w-	C:\Windows.old\Users\van la Parra\AppData\Local\Temp\gdwfpcd32.sys
2016-04-11 21:13:59	577C37FBEB973390E61B654D0AC1BEBD	100864	----a-w-	C:\Windows.old\Users\van la Parra\AppData\Local\Temp\axliykod.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"G Data ASM"="C:\Program Files (x86)\G Data\TotalProtection\DelayLoader\AutorunDelayLoader.exe /autostart"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KSS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KSS"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Security Scan 2.0\\kss.exe\" /autorun"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DragonUpdater]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\KSS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-04-2016 17:43]
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [13-02-2016 14:56]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 17:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 17:57]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000Core.job --a-------- C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 08:30]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000UA.job --a-------- C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 08:30]
C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\Users\van la Parra\AppData\Roaming\HP Photo Creations\Communicator.exe [19-08-2011 11:11]
C:\WINDOWS\tasks\HPCeeScheduleForvan la Parra.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 09:51]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000Core" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000UA" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HP Photo Creations Communicator" [C:\Users\van la Parra\AppData\Roaming\HP Photo Creations\Communicator.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForvan la Parra" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\Patch My PC" [C:\Users\van la Parra\Desktop\PatchMyPC.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A677905A-95B0-4987-8910-C67E15EE9D58}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{4B88419E-3885-461F-B1FA-A524B8055955}" [C:\Users\van la Parra\Downloads\IE11-Windows6.1-x64-nl-nl.exe]
"C:\WINDOWS\SysNative\tasks\{6E328748-C718-494C-BCED-F954F01918B9}" ["c:\windows\system32\launchwinapp.exe"]
"C:\WINDOWS\SysNative\tasks\{F3894ECA-7C98-42AD-9171-C76F6F5A5522}" [C:\Users\van la Parra\Downloads\IE11-Windows6.1-x64-nl-nl.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\K4lJpN0q.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com.xpi
- Avira SafeSearch Plus - %ProfilePath%\extensions\safesearchplus2@avira.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930
8CE35D76726DFC8C3848BB26B3C79A54	- C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director
57C7E359ED8D049132EED23EFA444C63	- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll -	Shockwave Flash
AF8A94BCB98C299C49B28CC12EBC0ED2	- C:\Users\van la Parra\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll -	Google Update
77B6DD23DCA19A217D5A4C4CAF962895	- C:\Users\van la Parra\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll -	RocketLife Secure Plug-In Layer


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
ipmkfpcnmccejididiaagpgchgjfajgp - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]
fkkcgfbgohboipdhliafmacjnhjbhmim - No path found[]

Comodo Drag&Drop Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Rapport - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Comodo Web Inspector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
selector is not a valid CSS selector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Comodo Media Downloader - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
MSN Homepage - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim
Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
Avira Browser Safety - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
IBA Opt-out (by Google) - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
Avira SafeSearch Plus - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp
Google Analytics Debugger - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna
Comodo Dragon Browser Light Theme - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc
Ad Sanitizer - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbklemiimcpdblemkogjenikmcfhpnib
Comodo Share Page Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Chrome Web Store Payments - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Fixer for Java - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle
Bitdefender QuickScan - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie
Rapport - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
selector is not a valid CSS selector - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
IBA Opt-out (by Google) - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
Google Analytics Debugger - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna
Chrome Web Store Payments - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Fixer for Java - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle
Bitdefender QuickScan - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"=""
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"=""
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KSS deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\TotalProtection\DelayLoader\AutorunDelayLoader.exe" /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: G DATA ANTIVIRUS Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
O23 - Service: G DATA Bestandssysteemmonitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G DATA Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G DATA Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G DATA Tuner-service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: G DATA Datasafeservice (TSNxGService) - G DATA Software - C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\van la Parra\AppData\Local\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\van la Parra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=143 folders=40 67050088 bytes)

==== Empty Temp Folders ======================

C:\Users\van la Parra\AppData\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\VANLAP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 18-04-2016 at 19:02:51,76 ======================