
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by jolanda on ma 16-05-2016 at 14:03:32,90.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jolanda\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

16-5-2016 14:06:49 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\Brother deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Zylom Games deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\VMware deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\jolanda\AppData\Local\ActiveSync deleted successfully
C:\Users\jolanda\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\jolanda\AppData\Local\EmieSiteList deleted successfully
C:\Users\jolanda\AppData\Local\EmieUserList deleted successfully
C:\Users\jolanda\AppData\Local\MediaShow deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1680522920-2772101981-26944563-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D677109C-9D46-4C9C-8857-BF7EE8391F56} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================

C:\WINDOWS\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Brother not found
C:\PROGRA~2\Zylom Games not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} not found
C:\WINDOWS\syswow64\appdata deleted
C:\windows\SysNative\Tasks\0116avUpdateInfo deleted
C:\GhostObjGAFix.xml deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\WINDOWS\Syswow64\RENBE66.tmp deleted
C:\Users\jolanda\gosetup.exe deleted
C:\Users\jolanda\gotomypc_540.exe deleted
"C:\Users\jolanda\AppData\Roaming\Baqay\erbaf.tmp" deleted
"C:\Users\jolanda\AppData\Roaming\Ubqee\kimyo.lya" deleted
"C:\Users\jolanda\AppData\Roaming\Qaoz" deleted
"C:\Users\jolanda\AppData\Roaming\Baqay" deleted
"C:\Users\jolanda\AppData\Roaming\Ubqee" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-05-14 14:13:53	2617877C5761B8A696FD0368861EE6E4	4515256	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\jolanda\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-05-14 14:15:53	40591C3BEBAEA638423B10863315D93F	87040	----a-w-	C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-14 14:15:53	1159023FAA938BF54C7C033D2BC643BE	59904	----a-w-	C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-14 14:15:52	DFB54165665C7E369A59B273C91B90B0	800768	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-14 14:15:51	52FEDEA32F2BBFCD3AAA83FD39852C1A	2061824	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-14 14:15:51	3A1BD59AF5A0D20438D1E44FCF5EA4E8	349696	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-14 14:15:50	3AEDE16F62921F443DDE37440C84B6F1	5205504	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-14 14:15:28	0561104CC8619EC5A53848F642434235	13018112	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-14 14:15:21	6BC0E961EA78AFD90348C8E05896A7DC	784896	----a-w-	C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-14 14:15:21	0188F4F7264EE585DE518FD02DDD9F79	711680	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-14 14:15:20	98DA2DE9A1AC739DF3750F7DABECC9CF	6295552	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2016-05-14 14:15:16	15F732C297CE4B169D85214A96A16559	792064	----a-w-	C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-14 14:15:13	22120EE8EC8AC405618FEA768071E267	19344384	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-14 14:14:48	3A5C07D5517087143701DBEB749F0EF1	18676224	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-14 14:14:24	B6506139C8A4CE3BDD3B4EFDF63A87B5	348672	----a-w-	C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-14 14:14:22	9CD20753821A4F28AA797B5C9A24050F	9918976	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-05-14 14:14:14	5D9BB3289D25FDEA1B2DD491C9771778	21123320	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-05-14 14:14:12	468AA89AF32BEE9D6B0ABBDF7C88CF20	5240960	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-14 14:14:11	5A77C7C30E117F60ACCEF43E2EA6841D	12125696	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-14 14:14:10	A404EA688829EF2657431CB34D0C72DF	5660160	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-14 14:14:09	85ED26DB17B3270944C344E0E5B7C34A	1542816	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-14 14:14:07	9F6F693FD7738B8DA4B420E46E973F35	2919832	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-14 14:14:03	FB01CB67364FF3AA677F0CFD8C958E50	5324288	----a-w-	C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-14 14:13:51	FA6CCFE5305E3D276F06A104EAA83029	4759040	----a-w-	C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-14 14:13:49	692E62EA6039478321AE5D24A68E1FE2	4074160	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2016-05-14 14:13:48	80785EA474D952CC0CB2CF936E36DDE0	3666432	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-14 14:13:47	717DDEC1ABA5678EDC9F2AF1044BAA69	2000896	----a-w-	C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-14 14:13:33	1D04327817511268754ED6F177DAD3E8	754176	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-14 14:13:32	4B71644224F39A390B6DCC482B3D582A	639488	----a-w-	C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-14 14:13:32	2942FB92C23B77D3BD9D38117AF3663B	1557768	----a-w-	C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-14 14:13:28	362C9AA8696C74CD38F1416FF866C25C	522176	----a-w-	C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-14 14:13:28	1F90253211F8E102D814F4DE4D550B85	1626624	----a-w-	C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-14 14:13:26	35E635469515D564CE418DDCC7B7BC96	1500160	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-14 14:13:26	32A696B0A48CCCCE5FC8E8E572FD4E90	434688	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-14 14:13:26	2CE163D00A7DA251D77F7B39E267382B	925064	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-14 14:13:24	E48F0A089D9BAE356BF14FE3A16B1147	489984	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-14 14:13:24	03B7C4D05DB7FF060E49FA900FCE627E	451928	----a-w-	C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-14 14:13:23	25E42F5C3FDE0E96BF3C16814DC7A688	1372304	----a-w-	C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-14 14:13:22	B91176A909798C7EAC28AB4FE786CA53	705536	----a-w-	C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-14 14:13:21	30E3DC9ED2C6641709AC961CB7CE72BB	647680	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
2016-05-14 14:13:20	4AE45F3077E79A3E3B22996F80DA9E7A	354304	----a-w-	C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-14 14:13:19	D408D20295BA135DC1B9B181FADF78DD	255168	----a-w-	C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-14 14:13:17	4ECC2FAF9F29066636E06253C0D7FA06	503296	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-14 14:13:15	CD36155EE56E94B4E8830FA90822511F	503296	----a-w-	C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-14 14:13:15	318E2A6EC26C9703A5B273B015672660	388608	----a-w-	C:\WINDOWS\SysWOW64\schannel.dll
2016-05-14 14:13:14	1B26C71109A2EA27DD6684719BF493EC	188256	----a-w-	C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-14 14:13:13	89C74675E6DE7888153B1F6644772774	1536088	----a-w-	C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-14 14:13:12	9CAC58EBAFB3E32711920568810CDCD7	307200	----a-w-	C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-14 14:13:12	122F8F0FAF690B88FBDE2DB097740AB6	569744	----a-w-	C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-14 14:13:11	10564E7A7EE807FF580E34A94ACF5590	1522152	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-14 14:13:10	1587235261E629DFFAA0C39A72CAD1A6	667648	----a-w-	C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-14 14:13:09	A825405D442EB9A2526468E16296DD58	513368	----a-w-	C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-14 14:13:09	8E8FBA400CD678AB46D46BB24921A051	342528	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-14 14:13:08	9E6DBA611E99BE75589D6A358F54364F	137728	----a-w-	C:\WINDOWS\SysWOW64\shacct.dll
2016-05-14 14:13:07	E7BD4D15CDC5A1E162256CFADCA92344	1337240	----a-w-	C:\WINDOWS\SysWOW64\user32.dll
2016-05-14 14:13:06	525FC35182F9660E2A7DCC75607535DC	707608	----a-w-	C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-14 14:13:04	30F680D95B0CCABE46C775672C912C0A	306832	----a-w-	C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-14 14:13:03	A1A9DDD5C6A335C0B97423A2F75C9299	453472	----a-w-	C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-14 14:13:03	9F8A026A9643F89B4E451539A7AAC0C9	50176	----a-w-	C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-14 14:13:03	460CDD92C5283DCB9E35AF2B8DB7F200	461824	----a-w-	C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-14 14:13:02	5AEDC6D333BC8D8B1DE5928FCE2150DB	400896	----a-w-	C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-14 14:13:01	FAD56D0A789345614220D9B770DF400A	465760	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-14 14:12:59	25B0BAA64D6D62873FAA7719DB64015C	183904	----a-w-	C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-14 14:12:57	AB48B90C4DB88D2F31D1A6F460F76D29	241664	----a-w-	C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-14 14:12:55	E9E7FA1FC796ADC16A1169736EFC7AF3	84480	----a-w-	C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-14 14:12:54	DA97C8A8C517210E4ACA90E45C836E80	80896	----a-w-	C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-14 14:12:54	96101F3B90BDE894A862CDF1B808A03F	84832	----a-w-	C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-14 14:12:54	0D19695F93813C63B4656E42536892FA	47104	----a-w-	C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-14 14:12:53	AA7CBB3B7A7BFC41E9EC4EF645797DFA	502104	----a-w-	C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-14 14:12:53	98DA8D97E83C73E7AD7A142A801E1898	2193408	----a-w-	C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-14 14:12:52	359765C7C700F7CED909A69C5DBBD943	140800	----a-w-	C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-14 14:12:51	89C06DA6E3B3C06F69E2CAFB3431CAF5	31232	----a-w-	C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-14 14:12:51	3166A46AA132AACD035C7163108F2DA1	103936	----a-w-	C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-14 14:12:50	F5814ED9E8B83F872FBDCB139B001C8A	23552	----a-w-	C:\WINDOWS\SysWOW64\wups.dll
2016-05-14 14:12:42	CD94405BB0A90B179E94BE23F4D2B79D	39424	----a-w-	C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-14 14:12:41	486919689633D1C0DADA718DF1A3E7FB	219648	----a-w-	C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-14 14:12:41	3D3BBD2DA5660B0B6C9F6A8B9401648C	337920	----a-w-	C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-14 14:12:40	8450005F7BA8662A64E3FB7B0C3EE836	51712	----a-w-	C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-14 14:12:40	51DF6FC12B5EF8CA87414D79C98CBC7A	395264	----a-w-	C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-14 14:12:33	9B034D049D1C6EC9BED55D2F27D86ED9	2186	----a-w-	C:\WINDOWS\SysWOW64\AppxProvisioning.xml
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-05-14 14:15:51	FD60606E2E7F74D7104A5DA1210D38E6	460800	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-05-14 14:15:49	78A9EBBAC348ACD9AF5B72ECF90944A7	853504	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2016-05-14 14:15:48	F1CC271FBAD94FBD3D69BC6BE443C33B	1056256	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2016-05-14 14:15:47	E4B5C9FEF4C8978CF75B584188868AF8	2582016	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-05-14 14:15:45	1B8A57EC632457E909A06957CB216806	7200256	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2016-05-14 14:15:43	D2EF3FDF915BBA7C9832FA890DD4D85A	16984576	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-05-14 14:15:23	FA05A804701A1BF900577A0F7C14B59E	24604672	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-05-14 14:15:20	99DDB4A100F6013E6B6B269880F0C936	988160	----a-w-	C:\WINDOWS\Sysnative\NMAA.dll
2016-05-14 14:15:19	5FD7FDCE260C2ADE6CFFBC141657E8C0	939520	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2016-05-14 14:15:18	614EF7EFFE6896791CC8E4D045F37579	7977472	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2016-05-14 14:15:16	A1144CA95D4C30449331D3DF39F295F9	970752	----a-w-	C:\WINDOWS\Sysnative\kerberos.dll
2016-05-14 14:15:14	3602BE2186C15362DF2B5C489AC1B1D1	22379008	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-05-14 14:14:37	79BF53E386256057C30EF606DC3CFDFB	870400	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2016-05-14 14:14:34	0BECECA1B6DA7B022FC9502D22B9E9B3	22561256	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-05-14 14:14:30	DBD087566420D945303C278A4FD90E60	440320	----a-w-	C:\WINDOWS\Sysnative\CredProvDataModel.dll
2016-05-14 14:14:29	75A22EF6AC813D4FE63E30C3C292F871	11545088	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-05-14 14:14:26	24F2141493C1A2F6FDEC8C3FA5A95CDE	6605504	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2016-05-14 14:14:25	8F225A78F60DB08D4691C1C27CF644F2	6974464	----a-w-	C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-05-14 14:14:21	5EED294E19B8293E4F0845CED31489BA	13383168	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-05-14 14:14:19	62D33462C8781DA354519488A571A9AD	7832576	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-05-14 14:14:08	03DE6DE0019FFC0DE60759A893BD8B3F	1819208	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-05-14 14:14:05	89FE1A65D15DE2AA9CBF86AA6A731557	7474528	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-05-14 14:13:58	F6718A9F2B5BFA1A42618F63BC890713	5502976	----a-w-	C:\WINDOWS\Sysnative\d2d1.dll
2016-05-14 14:13:56	7E500CCA3EC66C419F2E4BBDE8617647	4894208	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-05-14 14:13:53	7539A3BF1DC12C53D6DDE078BE888951	190144	----a-w-	C:\WINDOWS\Sysnative\DeviceCensus.exe
2016-05-14 14:13:52	F83E3BAEF5931399978A31753B22D0BE	713920	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
2016-05-14 14:13:52	3F943A9A21814C6A394FBB8F1D4E622D	1401024	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
2016-05-14 14:13:50	2A643E48326E427C6A43005EC29F314D	2444288	----a-w-	C:\WINDOWS\Sysnative\twinui.appcore.dll
2016-05-14 14:13:46	8A88DBA247BFF23BD284C2189F41FDA5	2280960	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2016-05-14 14:13:43	0BF8D8C7EC9FB15D6480A12101E88B71	606720	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2016-05-14 14:13:42	087FBBC026DCC0F693E91079B9901B7E	2166784	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-05-14 14:13:41	1A944DC7982279E73C4181DD5D50E021	3591168	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-05-14 14:13:40	DE1C434F0F89C37687D34FB8A8E77B46	120320	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-05-14 14:13:40	B28EA19205448B34303D006D50E9E65A	74752	----a-w-	C:\WINDOWS\Sysnative\MosStorage.dll
2016-05-14 14:13:40	7DDC2D8133CC1CA646134CC450C02C15	28672	----a-w-	C:\WINDOWS\Sysnative\mapsupdatetask.dll
2016-05-14 14:13:40	77DE2FC672F423C2DFCF2A12DB74197C	89088	----a-w-	C:\WINDOWS\Sysnative\MapsCSP.dll
2016-05-14 14:13:40	56B24B359838BE86B013C2CFD38BDFC4	72704	----a-w-	C:\WINDOWS\Sysnative\moshost.dll
2016-05-14 14:13:40	19D88BF131158F4286294C372B4410B3	1946112	----a-w-	C:\WINDOWS\Sysnative\dwmcore.dll
2016-05-14 14:13:39	489EDA0C433F5B0AA54033F523F2C80E	269824	----a-w-	C:\WINDOWS\Sysnative\moshostcore.dll
2016-05-14 14:13:37	C57CBD3D0A4B832F3DC18250FC02C3DE	46784	----a-w-	C:\WINDOWS\Sysnative\CompatTelRunner.exe
2016-05-14 14:13:37	AB17E08B47FECDAF0E1349797A6C41A4	1184960	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
2016-05-14 14:13:37	5BDA53E18911DEAB35F03AA1C3213A78	3673424	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2016-05-14 14:13:36	F172E5709824756634091047826E7A9F	1319424	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2016-05-14 14:13:36	A8ECAFE7C58ABABA7CB1C377B7A7E309	984576	----a-w-	C:\WINDOWS\Sysnative\SettingSyncCore.dll
2016-05-14 14:13:36	082DC7D3704A17FF022D70C577785254	2066432	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-05-14 14:13:35	191A50C760243B5B8E08E0A1CA0B1F7C	821760	----a-w-	C:\WINDOWS\Sysnative\TokenBroker.dll
2016-05-14 14:13:33	0C8655AAC4EA262F62B00DCDA4639819	2598912	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2016-05-14 14:13:31	DA5108028A00B865BBECB1980EB05EB8	1997328	----a-w-	C:\WINDOWS\Sysnative\KernelBase.dll
2016-05-14 14:13:31	A5C14F8FE076B41778C56F2414F5D246	650304	----a-w-	C:\WINDOWS\Sysnative\dxgi.dll
2016-05-14 14:13:31	6D8365722FBB3E58FC2B10FEA00BE840	514752	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
2016-05-14 14:13:30	C1D51970E74AB5FFE46FE624BFE900C6	1731072	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-05-14 14:13:29	54D6AEA7933377556BBBEC5F45539922	673280	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2016-05-14 14:13:29	090AAD83736B45769D2688E3BC1AB80A	1092464	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2016-05-14 14:13:28	F75A1710366B5C6B02D3C061DAA4C578	529920	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2016-05-14 14:13:27	5C156EC4E44E30331BCC865A3B61D839	585728	----a-w-	C:\WINDOWS\Sysnative\winlogon.exe
2016-05-14 14:13:27	0B28F2ACE5103586D322AD98FAA01309	870912	----a-w-	C:\WINDOWS\Sysnative\MPSSVC.dll
2016-05-14 14:13:27	00A8CD22CCF7FA34501038C3C35186BD	498960	----a-w-	C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2016-05-14 14:13:25	EBE067467C144B097CEF5F609F6ABF43	865792	----a-w-	C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll
2016-05-14 14:13:25	D5D0D1345DEAC9D08A6A5B146A29ADBE	1390080	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-05-14 14:13:24	2453622FF2CCB1BA1DFA588207E9C7A4	294592	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
2016-05-14 14:13:24	0676A6C9A6EECA48E14B9AE13B0E3508	1387520	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-05-14 14:13:23	ECF260CA5837CE3174AAAE450C1888C6	605184	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2016-05-14 14:13:23	8B4111E094EDDBED23EFA1FF8B5F314A	613376	----a-w-	C:\WINDOWS\Sysnative\SettingSync.dll
2016-05-14 14:13:23	86BE19C6A177AEB93302EA5C4FBE2D11	754664	----a-w-	C:\WINDOWS\Sysnative\CoreMessaging.dll
2016-05-14 14:13:23	70C5D325E1BBD9C771542375F9DE5711	303216	----a-w-	C:\WINDOWS\Sysnative\LockAppHost.exe
2016-05-14 14:13:22	ACC6B16066D073AA0E20B044BFEF9CD1	471552	----a-w-	C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-05-14 14:13:22	85A676350B7A349B1DFB47654FBF8C71	804352	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
2016-05-14 14:13:22	1D7F891D7ADCE1A6824FCB57D6768E14	689152	----a-w-	C:\WINDOWS\Sysnative\ieproxy.dll
2016-05-14 14:13:21	CFF943806EBAD5CFAC26FD3DF304E79F	1073152	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2016-05-14 14:13:21	5DA95027DF2317174E8C39B4A8D1FCD8	1213440	----a-w-	C:\WINDOWS\Sysnative\wwansvc.dll
2016-05-14 14:13:20	6EA247B3631FE0181583566B9D828B22	413536	----a-w-	C:\WINDOWS\Sysnative\wifitask.exe
2016-05-14 14:13:19	F1DF87BCF5429D48484E78FB1933326B	848896	----a-w-	C:\WINDOWS\Sysnative\wuapi.dll
2016-05-14 14:13:18	A2953084546B1F46B5CCC7FC57A72C1B	314880	----a-w-	C:\WINDOWS\Sysnative\RDXTaskFactory.dll
2016-05-14 14:13:17	93C28A95FC5CA7F420343AC9693E05E6	1594920	----a-w-	C:\WINDOWS\Sysnative\gdi32.dll
2016-05-14 14:13:17	82BC3D304654F8EBEFABDDC2AD70AFE3	497152	----a-w-	C:\WINDOWS\Sysnative\tileobjserver.dll
2016-05-14 14:13:16	F5F7CE3E32536F1A37FB3972F27A814F	1399224	----a-w-	C:\WINDOWS\Sysnative\user32.dll
2016-05-14 14:13:16	52C95CFC459242ECBD8A557A197F6FF6	725776	----a-w-	C:\WINDOWS\Sysnative\SHCore.dll
2016-05-14 14:13:16	3CFA0EA6ABC10436D998F7958912387C	1848072	----a-w-	C:\WINDOWS\Sysnative\crypt32.dll
2016-05-14 14:13:15	A29004CC4FE3A06B5C71969F6411FD41	287232	----a-w-	C:\WINDOWS\Sysnative\provhandlers.dll
2016-05-14 14:13:15	810B7BA7636930BD6A21A93296FBCA51	292864	----a-w-	C:\WINDOWS\Sysnative\provengine.dll
2016-05-14 14:13:15	453EEF8F903DE266D9CB16313B5FA796	215040	----a-w-	C:\WINDOWS\Sysnative\aepic.dll
2016-05-14 14:13:14	F7DD01F464ED3ADB8477CD5FD1DE6CF4	356864	----a-w-	C:\WINDOWS\Sysnative\ActivationManager.dll
2016-05-14 14:13:14	ABF13620065E258771320165E0759761	1776768	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
2016-05-14 14:13:14	82C4028BABC9BADCD89600F5084E4543	479232	----a-w-	C:\WINDOWS\Sysnative\schannel.dll
2016-05-14 14:13:13	F00A2E895B61858DBB3FE870495E37FA	210432	----a-w-	C:\WINDOWS\Sysnative\wcmcsp.dll
2016-05-14 14:13:13	37E893F5A0BB0DCF89D8464F4D5E0C3D	217440	----a-w-	C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2016-05-14 14:13:12	7F0318ECC1E6E566D02F218DD59CEA84	484352	----a-w-	C:\WINDOWS\Sysnative\DataSenseHandlers.dll
2016-05-14 14:13:11	C49BB15138D9A7AE2901692CA30E11D1	181248	----a-w-	C:\WINDOWS\Sysnative\shacct.dll
2016-05-14 14:13:11	50E41D3203DA334DBBD2B3B6C7EA64CD	988672	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2016-05-14 14:13:11	1997A751EF0FB9889E6642428DC4CAB2	1161120	----a-w-	C:\WINDOWS\Sysnative\rpcrt4.dll
2016-05-14 14:13:10	FE42F8A07885E518ED1E846C93E4B78C	617984	----a-w-	C:\WINDOWS\Sysnative\StorSvc.dll
2016-05-14 14:13:10	5470B002C5E5D4DC8C4C330EAE8A685D	619296	----a-w-	C:\WINDOWS\Sysnative\d3d10level9.dll
2016-05-14 14:13:09	A55AB67676D0E90C279E36AF78EECCFA	515072	----a-w-	C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll
2016-05-14 14:13:09	734B3E9E4DA94DD093C6759CA0C2AA1E	4775424	----a-w-	C:\WINDOWS\Sysnative\actxprxy.dll
2016-05-14 14:13:08	E650C69B5CA9B786AD91E3E7F962A0EE	848896	----a-w-	C:\WINDOWS\Sysnative\samsrv.dll
2016-05-14 14:13:08	3655A59A1E16307F2F6475AC037C1EE4	87040	----a-w-	C:\WINDOWS\Sysnative\MDMAppInstaller.exe
2016-05-14 14:13:08	33C215D1F36A184FB0C0F83ECBE12B5B	351232	----a-w-	C:\WINDOWS\Sysnative\NgcCtnr.dll
2016-05-14 14:13:07	C991F0E48492D1550279F901AB2332B0	390496	----a-w-	C:\WINDOWS\Sysnative\wlanapi.dll
2016-05-14 14:13:07	C1C81AAF533552B3C4D9F11A5FF97700	291360	----a-w-	C:\WINDOWS\Sysnative\wininit.exe
2016-05-14 14:13:06	EED30CDEAB6E4B45CBF1BD5298952049	550656	----a-w-	C:\WINDOWS\Sysnative\directmanipulation.dll
2016-05-14 14:13:06	981F6C7FB2338CC7889BA4D37C1A9DCE	69632	----a-w-	C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-05-14 14:13:06	3C52661045548D78EC0EB76495CB978F	66560	----a-w-	C:\WINDOWS\Sysnative\MosHostClient.dll
2016-05-14 14:13:06	242DA5F2A6D9C5DFE2F99127BD2077A4	92352	----a-w-	C:\WINDOWS\Sysnative\acmigration.dll
2016-05-14 14:13:06	0CFE0F27EC828D9659FD8BF3A529F7B1	166400	----a-w-	C:\WINDOWS\Sysnative\SubscriptionMgr.dll
2016-05-14 14:13:05	7AAA9916AA10F4B0E9743798A5BA6549	649216	----a-w-	C:\WINDOWS\Sysnative\ngcsvc.dll
2016-05-14 14:13:05	679DD4763AA8028B2F26651D3D02A2E1	582656	----a-w-	C:\WINDOWS\Sysnative\ngccredprov.dll
2016-05-14 14:13:05	0FB83658FBB2C5A18AB98C5C94DB9FAF	289792	----a-w-	C:\WINDOWS\Sysnative\NgcCtnrSvc.dll
2016-05-14 14:13:03	B9B902C12D6872DE9135B0A7C1ACA5A8	565600	----a-w-	C:\WINDOWS\Sysnative\SettingSyncHost.exe
2016-05-14 14:13:03	B985F4CC9D63594D8D3DCADAC07F257E	130560	----a-w-	C:\WINDOWS\Sysnative\CloudDomainJoinDataModelServer.dll
2016-05-14 14:13:03	5907323899BCEFA32BF6B002F2493C09	76288	----a-w-	C:\WINDOWS\Sysnative\ngcpopkeysrv.dll
2016-05-14 14:13:02	A1BFD44C6343BDF582828EAB6B4CBDE5	630784	----a-w-	C:\WINDOWS\Sysnative\PhoneProviders.dll
2016-05-14 14:13:00	E706406D61508D207F6B41CA4AD30891	127488	----a-w-	C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll
2016-05-14 14:13:00	72229D3836EA9697F5E13AAEA85F8688	204048	----a-w-	C:\WINDOWS\Sysnative\rsaenh.dll
2016-05-14 14:12:58	EDF39F56DDF4116DCC8779A65EF8D6C5	58208	----a-w-	C:\WINDOWS\Sysnative\dwminit.dll
2016-05-14 14:12:58	7CEC266216126BC9A0E1072E1A7E5702	279040	----a-w-	C:\WINDOWS\Sysnative\ListSvc.dll
2016-05-14 14:12:57	C1FCA0AED814F1E814700833EF8E0616	179712	----a-w-	C:\WINDOWS\Sysnative\BrowserSettingSync.dll
2016-05-14 14:12:57	90A52EBAC043CFCA92E5F3DEAD4BBB4C	48128	----a-w-	C:\WINDOWS\Sysnative\wups.dll
2016-05-14 14:12:57	45FA01F8B7971ACB65202038E34D04A3	86528	----a-w-	C:\WINDOWS\Sysnative\wpdbusenum.dll
2016-05-14 14:12:56	D906EFF6ADB6704071C903E62867AC23	696672	----a-w-	C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-05-14 14:12:56	5E903356FCDC2C7011E5341A1C2D48E9	192000	----a-w-	C:\WINDOWS\Sysnative\provisioningcsp.dll
2016-05-14 14:12:56	4766A523BD8265F3082662A49C382680	26408	----a-w-	C:\WINDOWS\Sysnative\wuauclt.exe
2016-05-14 14:12:54	DCC42EF91745E4AB13602B9A4D86DDC4	115040	----a-w-	C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-05-14 14:12:54	C417C35D0B714320708A1C18673ACE6C	104448	----a-w-	C:\WINDOWS\Sysnative\BluetoothApis.dll
2016-05-14 14:12:54	5DBA65D48CB7B17E241BB7430745C2E0	59392	----a-w-	C:\WINDOWS\Sysnative\hmkd.dll
2016-05-14 14:12:53	D0F9C288251907FD44B96837DBDF0A50	320000	----a-w-	C:\WINDOWS\Sysnative\cryptngc.dll
2016-05-14 14:12:52	0BFEB4862FC2422DAC67EE95C278ECE0	111616	----a-w-	C:\WINDOWS\Sysnative\updatepolicy.dll
2016-05-14 14:12:51	33931A5F8E8B4446C547B020409D66C4	436736	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-05-14 14:12:44	AB1738C51C1C1F41A885467E7BB0D37B	285696	----a-w-	C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2016-05-14 14:12:43	ED309332DA910BE791F40F09F6FC50B5	38400	----a-w-	C:\WINDOWS\Sysnative\ByteCodeGenerator.exe
2016-05-14 14:12:42	315CFB6974B5111E3E62E9A512C92B25	151040	----a-w-	C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll
2016-05-14 14:12:42	09098FB07B47765865492C53B66E29E5	764928	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2016-05-14 14:12:40	FE3A72E9BC5515509517D9BF41144252	414720	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.exe
2016-05-14 14:12:40	C3534256AF526A16AADBA335AA99D58F	63488	----a-w-	C:\WINDOWS\Sysnative\wshbth.dll
2016-05-14 14:12:39	1AF7E0BA5D1AEA3DEF1CF05B070803FA	89600	----a-w-	C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll
2016-05-14 14:12:38	BD3F339FE542C30BB4A88F34A597728C	134656	----a-w-	C:\WINDOWS\Sysnative\wificonnapi.dll
2016-05-14 14:12:37	F70CB98E5669D44CBFA6F3EBF534977F	86528	----a-w-	C:\WINDOWS\Sysnative\AppCapture.dll
2016-05-14 14:12:37	9C6EE1DE9CF7B77FF550A737816EB6DB	207360	----a-w-	C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-05-14 14:12:33	9B034D049D1C6EC9BED55D2F27D86ED9	2186	----a-w-	C:\WINDOWS\Sysnative\AppxProvisioning.xml
====== C:\WINDOWS\Sysnative\drivers =====
2016-05-14 14:13:45	48D8729FACC784900B831212AE56F824	1996640	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-05-14 14:13:25	01C01ED15ED56B98088CE1D5A0965E6A	577368	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-05-14 14:13:17	E7463CE8579A0418A98BE9BE42C647D7	534872	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-05-14 14:13:11	CFFE69B6C276A3418687109EA8AC9E7D	330072	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-05-14 14:13:11	B880BE37452AB1D4AA93845F58EF7960	95072	----a-w-	C:\WINDOWS\Sysnative\drivers\sdport.sys
2016-05-14 14:13:05	357910142E9285B978689B1DB4EFA00A	393568	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-05-14 14:13:00	C330883C06E2D4CE4F6982F048265D37	335712	----a-w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2016-05-14 14:12:59	50DFE05C698E9B0A63D95E3D669A105C	638816	----a-w-	C:\WINDOWS\Sysnative\drivers\fvevol.sys
2016-05-14 14:12:57	C0752D58193603B6ED762B4027C65E1B	155136	----a-w-	C:\WINDOWS\Sysnative\drivers\hidclass.sys
2016-05-14 14:12:57	2A87EA182EA333D79AA0B03833EA67F2	131424	----a-w-	C:\WINDOWS\Sysnative\drivers\ufxsynopsys.sys
2016-05-14 14:12:56	8F2523C9D8F1448FF2156452AF60FA00	87552	----a-w-	C:\WINDOWS\Sysnative\drivers\filecrypt.sys
2016-05-14 14:12:56	82D3B1F4D80057826AA649D78147DE36	63488	----a-w-	C:\WINDOWS\Sysnative\drivers\UcmCx.sys
2016-05-14 14:12:55	67B9684B8272D5EBD1CCBB1DBD425EC8	99680	----a-w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
2016-05-14 14:12:53	4AAD6547953D373A1EB5B2DF583D868B	67072	----a-w-	C:\WINDOWS\Sysnative\drivers\usbser.sys
2016-05-01 06:53:30	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2016-05-01 06:14:09	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2016-05-01 06:14:09	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\jolanda\AppData\Roaming ======
====== C:\Users\jolanda ======
2016-05-14 20:24:43	1FC6C8EA2D1C41D87884F9D76DF3862D	4621304	----a-w-	C:\Users\jolanda\Downloads\chrome_cleanup_tool.exe
2016-05-14 11:43:55	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

====== C: exe-files ==
2016-05-14 14:12:55	E004E3D268827C6F2E500411D95DF85E	493056	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
=== C: other files ==
2016-05-16 08:30:53	962B68884DB23DEA39EBE58BDD803400	10709314	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\N7GTYBCZ\game_common_hi[1].zip
2016-05-16 08:30:53	822BE0E1A81268630915A451DFC81D57	342472	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\N7GTYBCZ\game11[1].zip
2016-05-16 08:30:47	93DDA27A62728B2BACE81C2FA58AC580	2120819	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\VK4TQGV5\bootstrap[1].zip
2016-05-16 08:30:47	7DEEDDBB0E7B2210D142AB599DC0D725	1050048	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\VK4TQGV5\diorama11[1].zip
2016-05-16 08:30:47	396A9BDC22570F6BB5E92701EB9CA519	5929437	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\VK4TQGV5\diorama_common[1].zip
2016-05-16 08:30:46	AA0E49675093195794D7A50C9BFB2A0B	321791	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\NAO852A0\localization[1].zip
2016-05-16 08:30:46	16F92C84F58872E048355317191D1CB2	317427	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\NAO852A0\preloader[1].zip
2016-05-16 08:30:43	18769B2812E7A582DD5FF214058A4D8C	223406	----a-w-	C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE\NAO852A0\init[1].zip
2016-05-14 14:13:45	48D8729FACC784900B831212AE56F824	1996640	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2016-05-14 14:13:41	1A944DC7982279E73C4181DD5D50E021	3591168	----a-w-	C:\Windows\System32\win32kfull.sys
2016-05-14 14:13:25	01C01ED15ED56B98088CE1D5A0965E6A	577368	----a-w-	C:\Windows\System32\drivers\dxgmms2.sys
2016-05-14 14:13:24	0676A6C9A6EECA48E14B9AE13B0E3508	1387520	----a-w-	C:\Windows\System32\win32kbase.sys
2016-05-14 14:13:17	E7463CE8579A0418A98BE9BE42C647D7	534872	----a-w-	C:\Windows\System32\drivers\USBHUB3.SYS
2016-05-14 14:13:11	CFFE69B6C276A3418687109EA8AC9E7D	330072	----a-w-	C:\Windows\System32\drivers\pci.sys
2016-05-14 14:13:11	B880BE37452AB1D4AA93845F58EF7960	95072	----a-w-	C:\Windows\System32\drivers\sdport.sys
2016-05-14 14:13:05	357910142E9285B978689B1DB4EFA00A	393568	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
2016-05-14 14:13:00	C330883C06E2D4CE4F6982F048265D37	335712	----a-w-	C:\Windows\System32\drivers\fastfat.sys
2016-05-14 14:12:59	50DFE05C698E9B0A63D95E3D669A105C	638816	----a-w-	C:\Windows\System32\drivers\fvevol.sys
2016-05-14 14:12:57	C0752D58193603B6ED762B4027C65E1B	155136	----a-w-	C:\Windows\System32\drivers\hidclass.sys
2016-05-14 14:12:57	2A87EA182EA333D79AA0B03833EA67F2	131424	----a-w-	C:\Windows\System32\drivers\ufxsynopsys.sys
2016-05-14 14:12:56	8F2523C9D8F1448FF2156452AF60FA00	87552	----a-w-	C:\Windows\System32\drivers\filecrypt.sys
2016-05-14 14:12:56	82D3B1F4D80057826AA649D78147DE36	63488	----a-w-	C:\Windows\System32\drivers\UcmCx.sys
2016-05-14 14:12:55	67B9684B8272D5EBD1CCBB1DBD425EC8	99680	----a-w-	C:\Windows\System32\drivers\pdc.sys
2016-05-14 14:12:53	4AAD6547953D373A1EB5B2DF583D868B	67072	----a-w-	C:\Windows\System32\drivers\usbser.sys
2016-05-14 11:42:16	CD0B329D17316316E236BC16F5CF09D3	51824	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-stable.sys
2016-05-14 11:42:16	602534C6AF65E07ACD260AFA55D89D0F	52848	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-dev.sys
2016-05-14 11:42:16	602534C6AF65E07ACD260AFA55D89D0F	52848	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-canary.sys
2016-05-14 11:42:15	5A83DA46A3C55A0756230C8A02CA8696	63088	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-dev.sys
2016-05-14 11:42:15	5A83DA46A3C55A0756230C8A02CA8696	63088	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-canary.sys
2016-05-14 11:42:15	584EC6F441240F575753BCF270891059	61552	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-stable.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1680522920-2772101981-26944563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW"
"Bix"="C:\Users\jolanda\AppData\Roaming\Bix\Dlls\BixLauncher.exe /background"
"appnhost"="C:\Users\jolanda\AppData\Local\Mixesoft\AppNHost\appnhost.exe"
"Spotify Web Helper"="C:\Users\jolanda\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\jolanda\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"OneDrive"="C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_USERS\S-1-5-21-1680522920-2772101981-26944563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"
"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"PaperPort PTD"="C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
"IndexSearch"="C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe"
"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"Magic Desktop for HP notification"="C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW"
"Bix"="C:\Users\jolanda\AppData\Roaming\Bix\Dlls\BixLauncher.exe /background"
"appnhost"="C:\Users\jolanda\AppData\Local\Mixesoft\AppNHost\appnhost.exe"
"Spotify Web Helper"="C:\Users\jolanda\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\jolanda\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"OneDrive"="C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
"Uninstall C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\jolanda\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtkOSD"="C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaPCInternetAccess]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaPCInternetAccess"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Nokia\\PC Internet Access\\NPCIA.exe\" /b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""


==== Startup Folders ======================

2010-06-10 06:39:45	1654	--sha-w-	C:\Users\jolanda\AppData\Roaming\Microsoft\LastFlashConfig.wfc

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19-01-2016 21:51]
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\8C:\ProgramC:FilesC:x86\Dropbox\Update\DropboxUpdate.exe []
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [02-12-2015 22:02]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 17:12]
C:\WINDOWS\tasks\HPCeeScheduleForDEVALK$.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [07-10-2009 05:22]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\easyConnect" [C:\easyConnect\EasyConnect.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForDEVALK$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe]
"C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-01-21 12:15:03	--------	d-----w-	C:\PROGRA~3\Samsung
2016-01-21 12:21:52	--------	d-sh--we	C:\PROGRA~3\Application Data
2016-01-21 14:24:02	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2016-01-21 14:43:51	--------	d-----w-	C:\PROGRA~3\USOShared

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


CookiesOK - jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{5D5082B0-A5E4-4D89-82CB-33F2A5ADD0C0} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{5D5082B0-A5E4-4D89-82CB-33F2A5ADD0C0} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{5D5082B0-A5E4-4D89-82CB-33F2A5ADD0C0} - No_Url_Value
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes\{A4B5F126-288C-4BE5-BE3D-DD133D9FBD88} - http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7ADFA_nlNL442

==== Reset Google Chrome ======================

C:\Users\jolanda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jolanda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\jolanda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\jolanda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\IE\004ZKYPH will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\jolanda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=17 8405710 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\jolanda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\jolanda\AppData\Local\Microsoft\Windows\INetCache\IE\004ZKYPH" not found