Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Ilona on zo 03-07-2016 at 9:44:50,10. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ilona\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 3-7-2016 09:46:42 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Program Files\McAfee deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Ilona\AppData\Local\ActiveSync deleted successfully C:\Users\Ilona\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Ilona\AppData\Local\EmieSiteList deleted successfully C:\Users\Ilona\AppData\Local\EmieUserList deleted successfully C:\Users\Ilona\AppData\Local\NetworkTiles deleted successfully C:\Users\Ilona\AppData\Local\Skype deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CEE0C491-64FB-48D1-A782-6522182FD842} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Users\Ilona\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] @=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\PROGRA~3\HPs deleted C:\PROGRA~3\HP deleted C:\Users\Ilona\Documents\PC Speed Maximizer deleted C:\PROGRA~3\SetStretch.VBS deleted C:\Users\Ilona\AppData\Local\Binkiland deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Ilona\AppData\LocalLow\Microsoft\Internet Explorer\Services\FavIcon.icoWSE_Binkiland deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 6028 MB CPU Info: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz CPU Speed: 2668,0 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1536 X 864 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Broadcom 802.11n-netwerkadapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SU-228FB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 372,6GB | D: 537,8GB Hard Disks - Free: C: 299,4GB | D: 482,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. X555LD Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 51.0.2704.103 Internet Explorer Version: 11.420.10586.0 Google Chrome version: 51.0.2704.103 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-07-02 10:35:32 485055033BCDDFDE56325C0D2FEEA4F2 151552 ----a-w- C:\WINDOWS\KMSEmulator.exe 2016-07-02 10:35:30 189068FB82DED7FFF066EE115CB5B209 737 ----a-w- C:\WINDOWS\Settings.ini 2016-07-02 10:35:28 068D6E7A5E47B4C39B3B3ECA06955D20 52 ----a-w- C:\WINDOWS\install.cmd 2016-07-02 10:35:27 155CB4A56FBE38D17F4C803005E7214E 32497152 ----a-w- C:\WINDOWS\Office 2010 Toolkit.exe 2016-07-01 14:14:50 E15BEB03592BA12C5C99E2BA46146BDD 4515264 ----a-w- C:\WINDOWS\explorer.exe 2016-07-01 13:56:35 7EFB1577EFBD72521E670188AA546C7D 53208 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\Users\Ilona\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-07-01 14:15:29 F58B6B20BB45E99C99D0F2B73B9EE373 1372312 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2016-07-01 14:15:26 B981A07C0A0CCE68BD90DF3E3EC520DE 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-07-01 14:15:26 388077FF1642D94BF81F9D814F22BBA2 499712 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-07-01 14:15:20 21D80595A8427CB6F1DDC134E948AECE 6295552 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-07-01 14:15:16 105DE7AF1C9763E56D5322CECF3465EB 5205504 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-07-01 14:15:14 E391DD57E6965C8D2DB05A4A52F80EC8 546456 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-07-01 14:15:14 5922C03A67F868265E5AB176DB6D641D 316256 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-07-01 14:15:08 92347FC58A8BD2A45F440239EA9A4F04 12128256 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-07-01 14:15:07 6D879552B32CCD2536F66F4F88F54800 19344384 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-07-01 14:15:05 FB68B81CBD3F79D09E3EA1D0DFB424B6 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-07-01 14:15:05 DDE33C05D644CC57429340ACB2DA53C5 18674176 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-07-01 14:15:04 6762E4ACE8D11FCD80EA4011DD22B857 5660160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-07-01 14:15:02 DCAC3EE469A3B0C0EC5660D730DF6BDF 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-07-01 14:15:01 B09DFF7CD8E40EA77559C87F3BF310DE 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-07-01 14:15:00 CA90D72C7249D79017057F1F48FD1958 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-07-01 14:15:00 9BD17D372080234722C1139DAC039C9D 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-07-01 14:15:00 02ABF6A6775B745CCCEAEB4594AA6354 5323776 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-07-01 14:14:59 7823862FA05558EB61C72D8A5A163ADA 3664896 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-07-01 14:14:58 D8C44C34BC206902947E55E2C94E8D38 2921880 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-07-01 14:14:56 B004992A381FCE04934893BB7D9BDD19 504320 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-07-01 14:14:54 73A58788F32A98E446220B5E48843967 349696 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-07-01 14:14:53 C3BB1475ABDFBC0BB5A37D8BAF3DE733 687616 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-07-01 14:14:53 20D8DBFB40E025C2E99F7146E48116CD 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-07-01 14:14:52 92A252E7DAF67D36BC81758A0F8596EB 2195632 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-07-01 14:14:52 71DF6482300C802BB104514F34B460F0 91648 ----a-w- C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-07-01 14:14:51 B9AD8E15F6641E328C1543688B5EE2E8 2061824 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-07-01 14:14:50 7FFD756E7DD8BA83B4B4EF41F51B7DF5 1582080 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-07-01 14:14:49 836DF245362A9E09CC050EB107E85D74 467456 ----a-w- C:\WINDOWS\SysWOW64\AppContracts.dll 2016-07-01 14:14:49 56339962C1448BA2CF4C4D25C89938D2 521664 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-07-01 14:14:48 8162BC2EC9E529AA90F196A12D887308 4268880 ----a-w- C:\WINDOWS\SysWOW64\setupapi.dll 2016-07-01 14:14:48 1E497317417C1C68B5453DD04721B16D 614400 ----a-w- C:\WINDOWS\SysWOW64\winhttp.dll 2016-07-01 14:14:47 A142F1D0FF07C172FA90075B7848CCD0 521728 ----a-w- C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-07-01 14:14:46 E724CB02012CEBF773DC9FE304DCD946 501600 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-07-01 14:14:46 B011360F95F911F025BC91CB17449798 1500160 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-07-01 14:14:44 FBBE8B9147474379F54F8A1BACBF9748 388384 ----a-w- C:\WINDOWS\SysWOW64\ws2_32.dll 2016-07-01 14:14:44 FB8900191867C5B4AA61AF85B8DD1869 4074160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-07-01 14:14:43 1B4F03A9F11169672067ED4FD7504AD6 1445888 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-07-01 14:14:42 0B2EB30A9E987E8F85C9B28BDE04F028 254656 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-07-01 14:14:39 A495EA4706387D12C00641D8C48BA527 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-07-01 14:14:39 9BBE7D1B5B0FC534CBA0B2444BD05204 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-07-01 14:14:38 688687C8D860657E6BFDD77B0FFE1DE4 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-07-01 14:14:38 1C09B75EF1869E7790444928F89E3D3C 50176 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-07-01 14:14:37 B503CB64CC62265B914DA10A5CF87B05 2230272 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-07-01 14:14:37 1F5B5642253FC9760EEACD81900C38DC 312160 ----a-w- C:\WINDOWS\SysWOW64\mswsock.dll 2016-07-01 14:14:36 110EE87B0F4E38609AD73E9075EF82A4 97096 ----a-w- C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-07-01 14:14:31 D93D6F9BC1EE3329A9DCF3B9591EB156 219136 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-07-01 14:14:30 551624F398703A90CAFCC5777CEA99E8 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-07-01 14:14:29 F07AE86B2CD1C2CF6AE7812C60299032 535040 ----a-w- C:\WINDOWS\SysWOW64\rastls.dll 2016-07-01 14:14:29 2FDF5001427D457AC43942FADC742404 360480 ----a-w- C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-07-01 14:14:28 CD12A269274F2916A3661198E13CBBC4 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-07-01 14:14:28 A3B6AED415AEEA114597E5043F45FF18 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-07-01 14:14:28 8000FB1D40149AC05F6BDE9248A6B956 230400 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-07-01 14:14:27 861D71E2284DCEA5E9309CDE8D920252 485888 ----a-w- C:\WINDOWS\SysWOW64\newdev.dll 2016-07-01 14:14:27 53BD5A0B7D0B027984D99BEDB945CEE6 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-07-01 14:14:27 4DED20A327D15D69FB85310D14D67711 291328 ----a-w- C:\WINDOWS\SysWOW64\polstore.dll 2016-07-01 14:14:25 56DEB6F17F290B8C4AF8B2AA10097B55 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-07-01 14:14:25 4243F729D260C0D6C6A3B605F51FD518 103424 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-07-01 14:14:23 88A3958213B43EED8402D4496149924A 64000 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-07-01 14:14:23 4F34CCC76E60CCE8BA12663A747EC05B 57344 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-07-01 14:14:22 5DC9ED2C89D94C47892DF237D604BDC8 200192 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-07-01 14:14:21 CEF14DB231B344BBDBF7C04A12D8336B 293888 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-07-01 14:14:21 4C6145BBEFDD7092ABFA5F7614BA2E66 53760 ----a-w- C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-07-01 14:14:21 3C563003AFDD2E6CDC199C2EBDB07886 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-07-01 14:14:20 F62430C1C9A23E5BAD5C4A43A66F662B 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-07-01 14:14:20 A9E193BE154B7145EF06FD0FD10232A0 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-07-01 14:14:18 69E1CFC67F4A4043F01AD3513A73ED02 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-07-01 14:15:29 7A654D6E586FDE14C8B805BED03D74B7 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-07-01 14:15:28 E7522EFA8A09808046F88BCF3F1B8827 1594416 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2016-07-01 14:15:28 C1B13204994572C941C14A7FF410C4D6 24605696 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-07-01 14:15:28 6521E1FB66B3E1897C4EFDECC7C95D4C 606208 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-07-01 14:15:27 E91AB87F7E533BA1566FDEC651347E07 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-07-01 14:15:27 4799A06F0BC0694E8D6FBF38110B7F65 939520 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-07-01 14:15:26 EBE69568E527FD4EF37EDD0C62608B28 7977472 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-07-01 14:15:25 CAB0FCF4F680E552329366614C83A808 630784 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-07-01 14:15:25 C49E5A83F5454A06A1306A8B1589B928 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-07-01 14:15:25 2FEEF51C4A1DB9D1334D5B77DEC92865 22379008 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-07-01 14:15:24 730D45D8008EECC0BAD2CBEB48A5EA6F 853504 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-07-01 14:15:24 669A63116B94E259A6D583C099A6B48C 460800 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-07-01 14:15:23 8E49ED08328FB7446228617B129DD377 7200256 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-07-01 14:15:23 3CF4B1B09166346F5CA6C3BFBEF2EB8C 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-07-01 14:15:20 FA2CDF42B3E9F53B12E506BA48BE16AA 72704 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-07-01 14:15:20 985F15F4F0922BD34BDD42AD2F5EC86A 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-07-01 14:15:20 76A304EBFC5FF61C5F5B35259AA64EAE 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-07-01 14:15:20 0DA05DFF1CFF34D421475DCEEB4F42A8 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-07-01 14:15:20 0C1F4E23E2E834C7EE795D23EC383205 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-07-01 14:15:20 0272C6FF9DB6902D9958AC108EB7F7C2 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-07-01 14:15:19 3704397D35001B56B371B3395BD8B876 123392 ----a-w- C:\WINDOWS\Sysnative\tdlrecover.exe 2016-07-01 14:15:19 224DC52AE777A1B23A6774B6C4C04853 2609664 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-07-01 14:15:16 F7A0927CE6772BD2B809DAB4C18F52F2 46784 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2016-07-01 14:15:16 CE8A06FE15854BAEE15E5E87D1CB6EBA 1401024 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-07-01 14:15:14 AA2D40D4C045D014FD481BC17308A09A 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-07-01 14:15:14 5CE34C981833706A0B6051572AC5B6CE 379232 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-07-01 14:15:14 05E07AE24F3BE69DEF01145C9BF99B8C 6973952 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-07-01 14:15:13 F0DF375130CF8A135D9BF5459BD7691D 636304 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-07-01 14:15:13 E53E383F2C47424BD793210CC3A17FE5 808288 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-07-01 14:15:12 9EDE32C8BEAF4E95CBCE3CA158984D2A 3585536 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-07-01 14:15:12 26E32337D1525AE114645A53EBA9ECDE 13385728 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-07-01 14:15:11 80851FD6C1795071602244DDAC856C78 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-07-01 14:15:10 A68F4601A79556A0E912458703D30A1D 7832576 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-07-01 14:15:07 C9CF27CF340A5909B1C1953776957C87 567808 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2016-07-01 14:15:06 1CF69EF4E2844F9D297F309CF80122CB 2168320 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-07-01 14:15:04 D2A63D882C5A702C0E3081D4CC6855B0 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-07-01 14:15:02 5370350A591EC5A55801AA8378DFADCE 4896256 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-07-01 14:15:01 B89C353AFC8F56D961D07FF1FE7B4BCD 1339904 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll 2016-07-01 14:15:00 D4B30E23A3B373648F61290DAF432CB2 794624 ----a-w- C:\WINDOWS\Sysnative\winhttp.dll 2016-07-01 14:14:59 C3417E8791096AA0E211B201ACA66757 2582016 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-07-01 14:14:58 2C3C82F85556F91EC1621268DDCC7554 3675512 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-07-01 14:14:57 C39B97A8B3C193303D09A3C95AF46531 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-07-01 14:14:56 4B4439FE941574FDF7A757DF6E100705 3590144 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-07-01 14:14:56 131547B1C1D2ABD355C5DFE945BCB9A4 693600 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-07-01 14:14:55 BDF4623C41C0782EE640C2466510FDD7 784384 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-07-01 14:14:55 2BB3FACF2648595E14FAD596DC68DB65 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-07-01 14:14:55 186F9035AEF7E15C4D3F15C3536AB24C 2548944 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll 2016-07-01 14:14:54 DDA0A83CA083DC6CBFAB7015B10F5377 1716736 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-07-01 14:14:54 D56E06BE971D9AE99400D435D28D56ED 592896 ----a-w- C:\WINDOWS\Sysnative\AppContracts.dll 2016-07-01 14:14:54 A8AFB8AD3E24134382BFA0EBE534F95C 290496 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-07-01 14:14:54 7ECACE6D0B4C2D323408EB00FD93C682 503808 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-07-01 14:14:53 CA2F55C653DEEEC99802103AD6C9E810 1797120 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll 2016-07-01 14:14:53 8D3AC00C88BC2A63D1D3CC320E0EAA19 2281472 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-07-01 14:14:53 729B7FF96EC3C2EC13EEBD12BBF15322 649792 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-07-01 14:14:52 5AAB28A6AC2AAC9F66D4EAB6695D0474 963072 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll 2016-07-01 14:14:52 1A7C3451A5BD863F9FC4D7421D353374 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-07-01 14:14:51 FA8E0A9C648035CA1B47C9DA77EDB7EA 380416 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll 2016-07-01 14:14:51 A63889B4BCFDF67306AC239374F823B0 2066432 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-07-01 14:14:50 5B813FADEA5BE9195F01C83287F823F7 190464 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2016-07-01 14:14:50 248EE89220C4B1156EDA5F295C9133D3 1730560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-07-01 14:14:49 CD9F1B2F8D6FDDEB0501666542E31D96 990208 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-07-01 14:14:48 57C88C15CEC97318F580D7F4327AAA46 163328 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2016-07-01 14:14:47 F68AD4ACC7535D811F94A52233AE0457 430312 ----a-w- C:\WINDOWS\Sysnative\ws2_32.dll 2016-07-01 14:14:47 E3B8996D970DB8926A817A4BFC3DA5FD 285184 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-07-01 14:14:47 3EAE04B6CBACAB9CF850A5009F02065E 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-07-01 14:14:46 F69610C2C741B025CE28BBAA7DA8A9EA 684544 ----a-w- C:\WINDOWS\Sysnative\StructuredQuery.dll 2016-07-01 14:14:46 8DB6AE22A974739EB53C7FA3DBD7EAAA 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-07-01 14:14:46 4973B94DE96E78AF1128A557846E8411 4387680 ----a-w- C:\WINDOWS\Sysnative\setupapi.dll 2016-07-01 14:14:45 F818A7A8BA20F9E20087248FFF1717C8 90624 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2016-07-01 14:14:45 DD285F10B3AB2588FED953E559ABEADD 610816 ----a-w- C:\WINDOWS\Sysnative\rastls.dll 2016-07-01 14:14:45 BD5DD35352A6DEDBBF1472C06A123E27 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-07-01 14:14:45 56622DFB0F03B7697B054F256C900A8E 303216 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-07-01 14:14:45 0D33D06EF42E3BC6A7BBC4F7F7517C25 368640 ----a-w- C:\WINDOWS\Sysnative\usocore.dll 2016-07-01 14:14:44 87F0A5CDFF9DE712B1F009EDBF8D9779 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-07-01 14:14:44 861DE49C2ACE112CE1A83DF5E6A7AB97 239104 ----a-w- C:\WINDOWS\Sysnative\BrokerLib.dll 2016-07-01 14:14:43 F3E636B2A747493206336114208918FB 173056 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-07-01 14:14:43 77C9887E5E4A99F3A6F717DF24874E00 66560 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2016-07-01 14:14:43 2885631DD8DDB06C091310E6C837AFB0 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-07-01 14:14:42 FFFDA814EE04E06DA9F0BADAA22ABBFD 145920 ----a-w- C:\WINDOWS\Sysnative\omadmclient.exe 2016-07-01 14:14:42 DF7A59E70F398EEB9FDCDD310987D8AE 1073152 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-07-01 14:14:42 4F2621E187382D22045D0BC65B23858E 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-07-01 14:14:41 6DC05FFA78B5E1D34AFDBA08D00B1A8B 22561256 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-07-01 14:14:40 BEE99FBB55E3BFFCF85D0C0A8D26261F 431296 ----a-w- C:\WINDOWS\Sysnative\bcryptprimitives.dll 2016-07-01 14:14:40 9547F6675FB25D558BB0F10F1EC9DDD8 591360 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2016-07-01 14:14:38 75CC21C976BFF286E706AA2D133EB9D4 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-07-01 14:14:38 39231A451D553196A909D02C05945CED 428896 ----a-w- C:\WINDOWS\Sysnative\hal.dll 2016-07-01 14:14:37 2E6EBC6F331900D943EB5F58C1835AFB 417792 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-07-01 14:14:37 199298181CB86E5056D82BD1F86C8A97 357216 ----a-w- C:\WINDOWS\Sysnative\mswsock.dll 2016-07-01 14:14:36 4F99255A964A4009D434338D87A3610D 332288 ----a-w- C:\WINDOWS\Sysnative\polstore.dll 2016-07-01 14:14:32 6655228B16A6371BE3B45E7913B52250 111064 ----a-w- C:\WINDOWS\Sysnative\ncryptsslp.dll 2016-07-01 14:14:31 FEAFB991662BF0AD233CC090E83E4FD3 131248 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll 2016-07-01 14:14:31 D67052BD0DA9C17BCBBF8AB5B6D354EE 392192 ----a-w- C:\WINDOWS\Sysnative\IPSECSVC.DLL 2016-07-01 14:14:31 579BA42B70965456C170E98BD481E8F6 315392 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-07-01 14:14:30 9E79A2208A9ED205A7383CBC92C28053 79872 ----a-w- C:\WINDOWS\Sysnative\cryptsvc.dll 2016-07-01 14:14:30 9A293A4EE7C2283AD9689AB268B6CBA5 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-07-01 14:14:30 537CC506D45C691CD1FFF2D918E8C27C 174080 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_Privacy.dll 2016-07-01 14:14:29 D5F1729225B3D3B69F76A191320952C7 514752 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-07-01 14:14:29 6B585B45402B04EF80CB81969682DBE6 693760 ----a-w- C:\WINDOWS\Sysnative\internetmail.dll 2016-07-01 14:14:29 672694F7708B6531F7B3219D9FAE2845 199168 ----a-w- C:\WINDOWS\Sysnative\GnssAdapter.dll 2016-07-01 14:14:28 D7C68ADAF1DA79072A44620CD3042E44 170848 ----a-w- C:\WINDOWS\Sysnative\NetworkUXBroker.exe 2016-07-01 14:14:28 D07172DFA6BD46545A7708DD78F02D14 1184960 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-07-01 14:14:28 26E9FC9FFDEF863021D3C18A30B4373F 267264 ----a-w- C:\WINDOWS\Sysnative\dhcpcore6.dll 2016-07-01 14:14:27 C91D271837F2A7DE9875CF50068BF503 511488 ----a-w- C:\WINDOWS\Sysnative\newdev.dll 2016-07-01 14:14:27 A83B4BBA591A3243C61DB825201BA024 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-07-01 14:14:27 83BF0EE2DB8AB8059B8979E7DF143AF1 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2016-07-01 14:14:26 EFE15754302A2188C933164CFF9AEFD1 111104 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll 2016-07-01 14:14:26 D461D2BECEFA661291EB1B748A8D2CCB 355840 ----a-w- C:\WINDOWS\Sysnative\dhcpcore.dll 2016-07-01 14:14:26 38A4CE75D9E6FDC28393971ADFD6F9FB 218624 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2016-07-01 14:14:25 8561E653AEB0EFCAD88DE082C282E831 76800 ----a-w- C:\WINDOWS\Sysnative\ngcpopkeysrv.dll 2016-07-01 14:14:25 58BC9F0C8D92AD7E45F03596BE2E68B4 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-07-01 14:14:25 519E5DB2F227B7293EF94D18D5753738 157184 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2016-07-01 14:14:24 201A90736B86C3478DD03FD238691944 1387520 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-07-01 14:14:23 FA0CCA622E2046BC47A81D9A2630F5E9 67072 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc6.dll 2016-07-01 14:14:23 163A6E3A267DBE416679A76D1FA57C4B 86016 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc.dll 2016-07-01 14:14:22 E32F15E26724F3BB6423FB29FF3E2A8F 278016 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll 2016-07-01 14:14:22 47C395DAD8900E2E054FE3AE0FE7C345 406528 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2016-07-01 14:14:22 3CFDA42F5C7914509CD660D1062A8E55 19456 ----a-w- C:\WINDOWS\Sysnative\httpprxp.dll 2016-07-01 14:14:22 003A0EA097767462F3417B7857DCE1CC 79360 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll 2016-07-01 14:14:21 F605380B537201BD3BC0CDFB5AD53530 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-07-01 14:14:21 E37D5E1BB9F53BD499125B3F0F27E94E 128512 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll 2016-07-01 14:14:21 265CCC1C1FEF749DC82458D114C2BE34 166400 ----a-w- C:\WINDOWS\Sysnative\MusNotification.exe 2016-07-01 14:14:21 0F98F18445707A9141F74B3C48F919A6 90112 ----a-w- C:\WINDOWS\Sysnative\FwRemoteSvr.dll 2016-07-01 14:14:20 D6DAEA66B2A9349DD38BFE528BBFAFA6 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-07-01 14:14:20 1F933CB5AECF7484A0589633A75132A2 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-07-01 14:14:19 A3AA03C0C5002F3D89397637B770A1BA 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-07-01 14:14:19 3E10999029D3D2C13F8AAA204E7D5B5F 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-07-01 14:14:18 E527156DDC1367CD795AD231C5C439C4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-07-01 14:14:18 A1E25DFE54E3D41CB528ACA5CE9480F7 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-07-01 14:14:18 6B7F0785FF5AA23B7005D969BED95DB2 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-07-01 13:56:51 4E118AC95A15BD14B8C1E49C5B4CD79B 390984 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-07-01 14:14:55 3996DF4D52FD6273750C7033D1447C0A 31744 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsdport.sys 2016-07-01 14:14:47 8B83335B6A86F39785FC7C9DE5F5B29F 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-07-01 14:14:44 425CFD45BDF5B9F8B790BEB20E0A8721 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-07-01 14:14:43 2568B86F6A50D254324CB89022CA9EFC 690176 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-07-01 14:14:42 C03E926B0E7D66D68994067231DC3246 278528 ----a-w- C:\WINDOWS\Sysnative\drivers\netbt.sys 2016-07-01 14:14:41 CF78AF126B00C1B0A6FF45BD838E8EFE 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-07-01 14:14:40 BE88248427A6AA548A904FD867667F70 406528 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-07-01 14:14:40 3F7C80D9F16B94367646CBF8B8C052F4 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-07-01 14:14:37 8E9E48E4BC6EACB811FE6066ADACC7A5 577376 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-07-01 14:14:36 87B9ABB965F7AF987D52791F0DD1663D 211296 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-07-01 14:14:31 6E520D6B16EA8AE23D1F81C1194F00C8 237056 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-07-01 14:14:30 D330D74B5F99309B5CCA30AE41C57CDE 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-07-01 14:14:28 05DD22294A4F3F89E52351C7721E6D2C 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-07-01 14:14:25 883A36E2FF7FA3E1281CB575579FE3AF 124928 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2016-07-01 14:14:24 FFB773E4AA55E4F5FBBB084B41D7A86F 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-07-01 14:14:24 020F3FD207AFEDAC8E05E4C567547A78 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-07-01 14:14:19 BE265ABFB467BBAC8C73A55AD94F4216 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2016-07-01 14:14:19 3C7DE7B7CAD633CD2DA07710BC17361C 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2016-07-01 13:58:42 97F952A9050CAD88681F5F0F46B8D5A5 37144 ----a-w- C:\WINDOWS\Sysnative\drivers\aswKbd.sys 2016-07-01 13:57:12 F6B5E463A0BB934C26FB319EDC726F65 162904 ----a-w- C:\WINDOWS\Sysnative\drivers\aswStm.sys 2016-07-01 13:57:12 DA7B392FB478EB42BE925433D27940F8 290088 ----a-w- C:\WINDOWS\Sysnative\drivers\aswVmm.sys 2016-07-01 13:57:12 CC98A75D1E39C018CD061697B144B90F 473592 ----a-w- C:\WINDOWS\Sysnative\drivers\aswsp.sys 2016-07-01 13:57:12 A629E4799D4CD6361D1B5D573EA5C2CD 37656 ----a-w- C:\WINDOWS\Sysnative\drivers\aswHwid.sys 2016-07-01 13:57:12 9C6C17C495E960E52EDE5D038EE92AE1 108304 ----a-w- C:\WINDOWS\Sysnative\drivers\aswMonFlt.sys 2016-07-01 13:57:12 8F492911129B1B32818BF894DC0C2C73 103064 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRdr2.sys 2016-07-01 13:57:12 4ABDD84A67378E866BC15DDC9916BA71 74544 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRvrt.sys 2016-07-01 13:57:09 409CDD1400B404F655EEC1B5850FD3BE 1070904 ----a-w- C:\WINDOWS\Sysnative\drivers\aswSnx.sys ====== C:\WINDOWS\Tasks ====== 2016-07-02 10:35:46 F66A5782AE0F38C1F2E6F8906BB6243C 3040 ----a-w- C:\WINDOWS\Sysnative\Tasks\AutoKMS 2016-07-02 10:35:46 35C1460FE883F965B8DEAD7F498B0A32 320 ----a-w- C:\WINDOWS\Tasks\AutoKMS.job 2016-07-01 15:12:21 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\OfficeSoftwareProtectionPlatform 2016-07-01 14:09:14 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Apple 2016-07-01 13:59:02 441245DF4CF076304EC738BEDFAD2FA4 4008 ----a-w- C:\WINDOWS\Sysnative\Tasks\SafeZone scheduled Autoupdate 1467381540 2016-07-01 13:57:19 E96193D64E68D6458DBA86A5081A4693 4004 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-07-02 15:12:56 -------- d-----w- C:\Program Files\trend micro 2016-07-02 12:26:51 -------- d---a-w- C:\Program Files\Defraggler 2016-07-02 10:29:53 -------- d---a-w- C:\Program Files\Common Files\DESIGNER 2016-07-02 10:29:19 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2016-07-02 10:29:04 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2016-07-02 10:27:31 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2016-07-02 10:27:22 -------- d---a-w- C:\Program Files\Microsoft Office 2016-07-01 14:12:10 -------- d-----w- C:\Program Files\iPod 2016-07-01 14:12:07 -------- d---a-w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2016-07-02 10:54:27 -------- d-----w- C:\PROGRA~2\Microsoft Office 2016-07-02 10:27:58 -------- d---a-w- C:\PROGRA~2\Microsoft Visual Studio 8 2016-07-02 10:27:31 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services 2016-07-01 14:12:10 -------- d-----w- C:\PROGRA~2\iTunes 2016-07-01 14:09:14 -------- d---a-w- C:\PROGRA~2\Apple Software Update ======= C: ===== ====== C:\Users\Ilona\AppData\Roaming ====== 2016-07-01 13:59:06 -------- d-----w- C:\Users\Ilona\AppData\Local\CEF ====== C:\Users\Ilona ====== 2016-07-02 15:12:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Ilona\Downloads\RSITx64.exe 2016-07-02 12:26:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2016-07-02 12:19:57 CA2C52D0A9F9E213884CFFFF9109C6D9 4529456 ----a-w- C:\Users\Ilona\Downloads\dfsetup221.exe 2016-07-02 12:06:43 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Ilona\Downloads\ccsetup519 (1).exe 2016-07-02 12:06:40 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Ilona\Downloads\ccsetup519.exe 2016-07-02 12:05:58 E38F964D09275CAB0DA2383F5BBC0868 6828320 ----a-w- C:\Users\Ilona\Downloads\ccsetup514.exe 2016-07-02 10:30:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2016-07-02 10:30:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-07-01 15:11:43 -------- d-----w- C:\ProgramData\Microsoft Help 2016-07-01 14:12:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-07-01 13:54:30 5220867053FD15364A3DA5D73514E9CE 6253800 ----a-w- C:\Users\Ilona\Downloads\avast_free_antivirus_setup_online.exe ====== C: exe-files == 2016-07-02 15:12:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ilona.exe 2016-07-02 15:12:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Ilona\Downloads\RSITx64.exe 2016-07-02 13:01:10 3C4B9FA7A17E52B8009DDDAE2CB03940 701312 ----a-w- C:\Users\Ilona\AppData\Local\NVIDIA\NvBackend\Packages\00008e82\CoProc update.20904016.exe 2016-07-02 12:19:57 CA2C52D0A9F9E213884CFFFF9109C6D9 4529456 ----a-w- C:\Users\Ilona\Downloads\dfsetup221.exe 2016-07-02 12:06:43 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Ilona\Downloads\ccsetup519 (1).exe 2016-07-02 12:06:40 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Ilona\Downloads\ccsetup519.exe 2016-07-02 12:05:58 E38F964D09275CAB0DA2383F5BBC0868 6828320 ----a-w- C:\Users\Ilona\Downloads\ccsetup514.exe 2016-07-02 11:11:22 535800AD1D619B4F105736D44608DAA3 45780896 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.103\51.0.2704.103_chrome_installer.exe 2016-07-02 10:35:46 3CB03C134F7307866B3C52735CDFAE76 734208 ----a-w- C:\Windows\AutoKMS\AutoKMS.exe 2016-07-02 10:35:32 485055033BCDDFDE56325C0D2FEEA4F2 151552 ----a-w- C:\Windows\KMSEmulator.exe 2016-07-02 10:35:27 155CB4A56FBE38D17F4C803005E7214E 32497152 ----a-w- C:\Windows\Office 2010 Toolkit.exe 2016-07-02 10:24:32 F6AB7387545CCCA0431DCF89BB0DE8CB 1377656 ----a-w- C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\setup.exe 2016-07-02 10:24:32 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\ose.exe 2016-07-02 10:24:30 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\MSOCache\All Users\{90140000-006E-0413-1000-0000000FF1CE}-C\dwtrig20.exe 2016-07-02 10:24:30 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\MSOCache\All Users\{90140000-006E-0413-1000-0000000FF1CE}-C\DW20.EXE 2016-07-02 07:51:58 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Ilona\AppData\Local\Temp\602DFAA3-B7BD-4F86-AD82-5071E8279523\DismHost.exe 2016-07-02 07:37:21 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Ilona\AppData\Local\Temp\832A4CED-A651-46AA-A3C7-AEE904D61A79\DismHost.exe 2016-07-01 15:01:03 F6AB7387545CCCA0431DCF89BB0DE8CB 1377656 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox64\setup.exe 2016-07-01 15:01:03 F6AB7387545CCCA0431DCF89BB0DE8CB 1377656 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx64\setup.exe 2016-07-01 15:01:03 F6AB7387545CCCA0431DCF89BB0DE8CB 1377656 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx64\setup.exe 2016-07-01 15:01:03 9D10F99A6712E28F8ACD5641E3A7EA6B 149352 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox86\Visio.WW\ose.exe 2016-07-01 15:01:03 9D10F99A6712E28F8ACD5641E3A7EA6B 149352 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx86\ProPlus.WW\ose.exe 2016-07-01 15:01:03 9D10F99A6712E28F8ACD5641E3A7EA6B 149352 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx86\PrjPro.WW\ose.exe 2016-07-01 15:01:03 4D92F518527353C0DB88A70FDDCFD390 1100664 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox86\setup.exe 2016-07-01 15:01:03 4D92F518527353C0DB88A70FDDCFD390 1100664 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx86\setup.exe 2016-07-01 15:01:03 4D92F518527353C0DB88A70FDDCFD390 1100664 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx86\setup.exe 2016-07-01 15:01:03 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox64\Visio.WW\ose.exe 2016-07-01 15:01:03 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx64\ProPlusr.WW\ose.exe 2016-07-01 15:01:03 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx64\PrjPro.WW\ose.exe 2016-07-01 15:01:03 460C69FFA5A1A285E8CAC498444B2EFD 485079 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx86\OGA.exe 2016-07-01 15:01:03 460C69FFA5A1A285E8CAC498444B2EFD 485079 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx64\OGA.exe 2016-07-01 15:01:03 39C8ABF1652AE917EDCEE759339CF9B5 229376 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\DEZEBESTANDENVEROOKZAKENVIRUSMELDING\OfficeResetAuto\StartX.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox86\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox64\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx86\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx64\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx86\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx64\Office.nl-nl\dwtrig20.exe 2016-07-01 15:01:01 B2DADAB18C318443301D0087CD7200BA 2048 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\hidcon.exe 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox86\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox64\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx86\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\proplusx64\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx86\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\Projectx64\Office.nl-nl\DW20.EXE 2016-07-01 15:01:01 82865FF17BC664C711EFA674759F9991 77824 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\DEZEBESTANDENVEROOKZAKENVIRUSMELDING\OfficeResetAuto\Keygen.exe 2016-07-01 15:01:00 79FE220F443C474DE14B5CE772ECA763 1287680 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\autorun.exe 2016-07-01 15:01:00 0ED398A4D031B9CFB10E3FEDF97AD836 614400 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\DEZEBESTANDENVEROOKZAKENVIRUSMELDING\OfficeResetAuto\AutoKMS.exe 2016-07-01 14:15:19 8B42614E97AA27347B3AD72C18FDDEDA 9371488 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-07-01 14:15:19 3704397D35001B56B371B3395BD8B876 123392 ----a-w- C:\Windows\System32\tdlrecover.exe 2016-07-01 14:15:17 FBD4813F17F954DDEE0822B47DC980F1 7344496 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-07-01 14:15:16 F7A0927CE6772BD2B809DAB4C18F52F2 46784 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-07-01 14:15:14 E391DD57E6965C8D2DB05A4A52F80EC8 546456 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-07-01 14:15:13 F0DF375130CF8A135D9BF5459BD7691D 636304 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-07-01 14:15:13 E53E383F2C47424BD793210CC3A17FE5 808288 ----a-w- C:\Windows\System32\WWAHost.exe 2016-07-01 14:15:10 A643BD18E1DAEB72F8AF22B3E3454EF0 578048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-07-01 14:15:10 3B2D567D35BF74C4B19B64628784F7BD 219136 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-07-01 14:15:01 B09DFF7CD8E40EA77559C87F3BF310DE 703840 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-07-01 14:15:01 68C5D0769C4A00B4EE8E6EC7323AF175 104448 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-07-01 14:14:55 2BB3FACF2648595E14FAD596DC68DB65 7474528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-07-01 14:14:52 71DF6482300C802BB104514F34B460F0 91648 ----a-w- C:\Windows\SysWOW64\tdlrecover.exe 2016-07-01 14:14:50 E15BEB03592BA12C5C99E2BA46146BDD 4515264 ----a-w- C:\Windows\explorer.exe 2016-07-01 14:14:45 F818A7A8BA20F9E20087248FFF1717C8 90624 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-07-01 14:14:45 56622DFB0F03B7697B054F256C900A8E 303216 ----a-w- C:\Windows\System32\LockAppHost.exe 2016-07-01 14:14:44 FB8900191867C5B4AA61AF85B8DD1869 4074160 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-07-01 14:14:42 FFFDA814EE04E06DA9F0BADAA22ABBFD 145920 ----a-w- C:\Windows\System32\omadmclient.exe 2016-07-01 14:14:42 0B2EB30A9E987E8F85C9B28BDE04F028 254656 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-07-01 14:14:38 257E403813627CF4BDBC9D936C151336 820416 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-07-01 14:14:37 4180512B8E8E1F0CE1F8C546C090DB97 816320 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-07-01 14:14:32 3911E629284D79F9F73E9E1D6EF4A128 136704 ----a-w- C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe 2016-07-01 14:14:28 D7C68ADAF1DA79072A44620CD3042E44 170848 ----a-w- C:\Windows\System32\NetworkUXBroker.exe 2016-07-01 14:14:27 83BF0EE2DB8AB8059B8979E7DF143AF1 26408 ----a-w- C:\Windows\System32\wuauclt.exe 2016-07-01 14:14:25 519E5DB2F227B7293EF94D18D5753738 157184 ----a-w- C:\Windows\System32\dmcertinst.exe 2016-07-01 14:14:21 265CCC1C1FEF749DC82458D114C2BE34 166400 ----a-w- C:\Windows\System32\MusNotification.exe 2016-07-01 14:14:18 E527156DDC1367CD795AD231C5C439C4 414720 ----a-w- C:\Windows\System32\bcastdvr.exe 2016-07-01 14:14:18 A1E25DFE54E3D41CB528ACA5CE9480F7 199168 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-07-01 14:14:18 69E1CFC67F4A4043F01AD3513A73ED02 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-07-01 14:05:55 C6F06B3B3E10037408A5202170132154 170473288 ----a-w- C:\Windows\Temp\avast_ash2\iTunes (64 Bit)\iTunes6464Setup.exe 2016-07-01 13:56:51 4E118AC95A15BD14B8C1E49C5B4CD79B 390984 ----a-w- C:\Windows\System32\aswBoot.exe 2016-07-01 13:54:30 5220867053FD15364A3DA5D73514E9CE 6253800 ----a-w- C:\Users\Ilona\Downloads\avast_free_antivirus_setup_online.exe 2016-07-01 13:40:54 B45BFFE35B3B1C286B07CAB4271EBCEF 169184 ----a-w- C:\Users\Ilona\AppData\Local\Temp\mccspuninstall.exe 2016-07-01 13:37:49 04C897A5FE1129C7780524DE9D3556AA 27093992 ----a-w- C:\Users\Ilona\AppData\Local\Temp\lptmp1802845905\safekey.exe 2016-07-01 13:11:04 72AD409B45C61BA25E5648CDA2644D4B 14572632 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.103\51.0.2704.103_50.0.2661.102_chrome_updater.exe 2016-07-01 13:00:03 2E640573B9D4A8F3AFC11574C2825BDB 701256 ----a-w- C:\Users\Ilona\AppData\Local\NVIDIA\NvBackend\Packages\00008e7d\CoProc update.20903444.exe === C: other files == 2016-07-01 14:58:24 572E9A87757AC96C7677FD1B1B113C55 49433 ----a-w- C:\Users\Ilona\AppData\Local\Temp\7ZipSfx.000\data\visiox86\ospp.vbs 2016-07-01 14:14:56 4B4439FE941574FDF7A757DF6E100705 3590144 ----a-w- C:\Windows\System32\win32kfull.sys 2016-07-01 14:14:55 3996DF4D52FD6273750C7033D1447C0A 31744 ----a-w- C:\Windows\System32\drivers\dumpsdport.sys 2016-07-01 14:14:47 8B83335B6A86F39785FC7C9DE5F5B29F 1996640 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-07-01 14:14:44 425CFD45BDF5B9F8B790BEB20E0A8721 161632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-07-01 14:14:43 2568B86F6A50D254324CB89022CA9EFC 690176 ----a-w- C:\Windows\System32\drivers\srv2.sys 2016-07-01 14:14:42 C03E926B0E7D66D68994067231DC3246 278528 ----a-w- C:\Windows\System32\drivers\netbt.sys 2016-07-01 14:14:41 CF78AF126B00C1B0A6FF45BD838E8EFE 331616 ----a-w- C:\Windows\System32\drivers\pci.sys 2016-07-01 14:14:40 BE88248427A6AA548A904FD867667F70 406528 ----a-w- C:\Windows\System32\drivers\srv.sys 2016-07-01 14:14:40 3F7C80D9F16B94367646CBF8B8C052F4 604928 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-07-01 14:14:37 8E9E48E4BC6EACB811FE6066ADACC7A5 577376 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-07-01 14:14:36 87B9ABB965F7AF987D52791F0DD1663D 211296 ----a-w- C:\Windows\System32\drivers\tpm.sys 2016-07-01 14:14:31 6E520D6B16EA8AE23D1F81C1194F00C8 237056 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2016-07-01 14:14:30 D330D74B5F99309B5CCA30AE41C57CDE 118624 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2016-07-01 14:14:28 05DD22294A4F3F89E52351C7721E6D2C 258912 ----a-w- C:\Windows\System32\drivers\ufx01000.sys 2016-07-01 14:14:25 883A36E2FF7FA3E1281CB575579FE3AF 124928 ----a-w- C:\Windows\System32\drivers\Ndu.sys 2016-07-01 14:14:24 FFB773E4AA55E4F5FBBB084B41D7A86F 954368 ----a-w- C:\Windows\System32\drivers\bthport.sys 2016-07-01 14:14:24 201A90736B86C3478DD03FD238691944 1387520 ----a-w- C:\Windows\System32\win32kbase.sys 2016-07-01 14:14:24 020F3FD207AFEDAC8E05E4C567547A78 155136 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2016-07-01 14:14:19 BE265ABFB467BBAC8C73A55AD94F4216 84992 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2016-07-01 14:14:19 3C7DE7B7CAD633CD2DA07710BC17361C 112640 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2016-07-01 13:58:42 97F952A9050CAD88681F5F0F46B8D5A5 37144 ----a-w- C:\Windows\System32\drivers\aswKbd.sys 2016-07-01 13:57:12 F6B5E463A0BB934C26FB319EDC726F65 162904 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2016-07-01 13:57:12 DA7B392FB478EB42BE925433D27940F8 290088 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2016-07-01 13:57:12 CC98A75D1E39C018CD061697B144B90F 473592 ----a-w- C:\Windows\System32\drivers\aswsp.sys 2016-07-01 13:57:12 A629E4799D4CD6361D1B5D573EA5C2CD 37656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2016-07-01 13:57:12 9C6C17C495E960E52EDE5D038EE92AE1 108304 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2016-07-01 13:57:12 8F492911129B1B32818BF894DC0C2C73 103064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2016-07-01 13:57:12 4ABDD84A67378E866BC15DDC9916BA71 74544 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2016-07-01 13:57:09 409CDD1400B404F655EEC1B5850FD3BE 1070904 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2016-07-01 13:37:47 1114A3DAD3C38DDFAA1B801C787DF77A 2504044 ----a-w- C:\Users\Ilona\AppData\Local\Temp\lptmp1802845905\lp_languages.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2556200484-1780206598-2822088272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN561322BP060F:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN561322BP060F:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DptfPolicyLpmServiceHelper"="C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\AutoKMS.job --a-------- C:\WINDOWS\AutoKMS\AutoKMS.exe [02-07-2016 12:35] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-09-2015 06:56] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-09-2015 06:56] C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\Users\Ilona\AppData\Roaming\HP Photo Creations\Communicator.exe [28-10-2015 07:32] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"] "C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\WINDOWS\AutoKMS\AutoKMS.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HP Photo Creations Communicator" [C:\Users\Ilona\AppData\Roaming\HP Photo Creations\Communicator.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP ENVY 4500 series" ["C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1467381540" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{665A86BA-A76A-4017-82B1-35049A53FD6B}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2016-03-08 21:54:21 -------- d-----w- C:\PROGRA~3\ASUS Smart Gesture 2016-07-01 13:55:21 -------- d-----w- C:\PROGRA~3\AVAST Software 2016-07-01 15:11:43 -------- d-----w- C:\PROGRA~3\Microsoft Help ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [01-07-2016 15:56] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [01-07-2016 15:56] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - No path found[] gomekmidlodglbbmalcneegieacbdmki - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25-05-2016 10:31] Avast SafePrice - Ilona\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Avast Online Security - Ilona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Skype - Ilona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - Ilona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - No_Url_Value HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7JENT_nlNL657 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [HP ENVY 4500 series (NET)] "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN561322BP060F:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: SafeKey Fill Forms - file://C:\Users\Ilona\AppData\LocalLow\SafeKey\context.html?cmd=fillforms O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @oem12.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @oem14.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing) O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing) O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyCriticalService.exe (file missing) O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ilona\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Ilona\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Ilona\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Ilona\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ilona\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=899 folders=270 29596187 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Ilona\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 03-07-2016 at 10:12:39,77 ======================