Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by paulv on ma 27-06-2016 at 22:28:26,42.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\paulv\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27-6-2016 22:30:49 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\laura\AppData\Local\ActiveSync deleted successfully
C:\Users\laura\AppData\Local\NetworkTiles deleted successfully
C:\Users\laura\AppData\Local\VirtualStore deleted successfully
C:\Users\paulv\AppData\Local\ActiveSync deleted successfully
C:\Users\paulv\AppData\Local\NetworkTiles deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Bonjour
Canon MG4200 series On-screen Manual
D3DX10
Dropbox
Dropbox Update Helper
Garmin BaseCamp
iTunes
Microsoft Application Error Reporting
Microsoft Audio Enhancement Troubleshooter installer
Microsoft Office 365 ProPlus - nl-nl
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Nikon Message Center 2
Nikon Movie Editor
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
Photo Common
Photo Gallery
Picture Control Utility 2
Revo Uninstaller Pro 3.1.6
Speccy
Synology Cloud Station Drive
ViewNX 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack

==== Running Processes ======================

C:\Windows\SysWow64\IntelCpHeciSvc.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Users\paulv\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Users\paulv\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
C:\Users\paulv\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
C:\Users\paulv\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Users\paulv\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\Users\paulv\AppData\Roaming\Helper Scripts" deleted
"C:\Users\paulv\AppData\Roaming\Hip Hop" deleted
"C:\Users\paulv\AppData\Roaming\Home" deleted
"C:\ProgramData\Horn Section" deleted
"C:\ProgramData\Horns" deleted
"C:\ProgramData\Hybrid Basic" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8067 MB
CPU Info: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
CPU Speed: 2994,4 MHz
Sound Card: Luidsprekers (High Definition A |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Dell Wireless 1506 802.11b|g|n (2.4GHz) | Realtek PCIe GBE Family Controller | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: 1x (F: | ) F: MATSHITADVD+-RW SW830
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 915,5GB | D: 465,8GB
Hard Disks - Free: C: 490,2GB | D: 115,6GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | | DELL - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Dell Inc. 084J0R
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Internet Explorer Version: 11.420.10586.0

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1134270439-3244105731-1244397284-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\paulv\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\paulv\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [07-04-2016 21:15]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{1117BF97-712B-489F-B9BB-FF3C3C3685A2}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2989574C-1DDF-4F80-8AA5-8C5AAA94EC8B}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{99E4B61B-BB6B-41E2-B0F1-448B8B827C38} - http://www.google.com/search?q={searchTerms}

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [OneDrive] "C:\Users\paulv\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Synology Cloud Station Drive.lnk = C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cloud Station Drive VSS Service x64 - Unknown owner - C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. 
- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\laura\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\laura\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\paulv\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied 
successfully C:\Users\paulv\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\laura\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\laura\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\paulv\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\paulv\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1 folders=0 615 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\paulv\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 27-06-2016 at 22:47:54,71 ======================