Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Gebruiker on za 23-07-2016 at 12:44:49,47. Microsoft Windows 10 Home 10.0.10586 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek (1).exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 23-7-2016 12:47:10 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Comms deleted successfully C:\PROGRA~2\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Gebruiker\AppData\Local\ActiveSync deleted successfully C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully C:\Users\Gebruiker\AppData\Local\NetworkTiles deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3384140332-3288011908-1842690505-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully HKEY_USERS\S-1-5-21-3384140332-3288011908-1842690505-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully HKEY_CLASSES_ROOT\CLSID\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== D3DX10 eMindMaps Google Chrome Google Toolbar for Internet Explorer Google Update Helper HP Quick Launch Buttons Intel(R) Graphics Media Accelerator Driver Intel(R) TV Wizard LSI HDA Modem Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.1 (NLD) Microsoft Application Error Reporting Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x86) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Movie Maker MSVCRT MSVCRT110 Photo Common Photo Gallery Popcorn Time QLBCASL Security Update for CAPICOM (KB931906) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115308) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115309) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3115306) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3115311) 32-Bit Edition Surf Safely Synaptics Pointing Device Driver Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115307) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack ==== Running Processes ====================== C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\Hpservice.exe C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\AEADISRV.EXE C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\dashost.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\sihost.exe C:\WINDOWS\system32\taskhostw.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files\Windows Defender\MpCmdRun.exe C:\Users\Gebruiker\Desktop\zoek (1).exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\System32\svchost.exe -k utcsvc C:\WINDOWS\system32\svchost.exe -k iissvcs C:\WINDOWS\system32\svchost.exe -k appmodel C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup C:\WINDOWS\System32\svchost.exe -k smphost ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\WINDOWS\tasks\AmiUpdXp.job" not found C:\Program Files\Surf Safely deleted C:\Users\Gebruiker\AppData\Local\Surf Safely deleted C:\Users\Gebruiker\AppData\Local\5067 deleted C:\Program Files\Common Files\Config deleted C:\awhB66D.tmp deleted C:\awhFAC2.tmp deleted C:\PROGRA~2\Package Cache deleted C:\Users\Gebruiker\AppData\Local\proxy.log deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Gebruiker\AppData\LocalLow\Protect deleted C:\Users\Gebruiker\AppData\LocalLow\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3064 MB CPU Info: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz CPU Speed: 1064,6 MHz Sound Card: Luidsprekers (SoundMAX Integrat | Display Adapters: Mobile Intel(R) 965 Express Chipset Family (Microsoft Corporation - WDDM 1.1) | Mobile Intel(R) 965 Express Chipset Family (Microsoft Corporation - WDDM 1.1) Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Broadcom NetLink (TM) Gigabit Ethernet | Intel(R) Wireless WiFi Link 4965AGN CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-7560A Ports: COM3 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 232,3GB Hard Disks - Free: C: 199,0GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 12/01/11 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 30C0 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 51.0.2704.103 Internet Explorer Version: 11.494.10586.0 Google Chrome version: 51.0.2704.103 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-07-15 13:56:19 57FC18732C2B6A90B8DF6337A9029D26 898048 ----a-w- C:\WINDOWS\HelpPane.exe 2016-07-15 13:56:17 B6113983ED77D6FE99BDEE461E7BE004 4074160 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2016-07-15 13:58:50 A233DD6D55CDBC80890E6D0702F727B5 2771968 ----a-w- C:\WINDOWS\System32\tquery.dll 2016-07-15 13:58:50 4C629B1F6E54578C7875057FD5C53E5F 282624 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe 2016-07-15 13:58:49 F3C7017623E0F1F04016E5041A106FC8 119296 ----a-w- C:\WINDOWS\System32\mssph.dll 2016-07-15 13:58:49 F370A686221023EC003D96BB1FBA57A0 760320 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe 2016-07-15 13:58:49 C2230C9A5F4DA4FE5EF9462047429082 32768 ----a-w- C:\WINDOWS\System32\msscntrs.dll 2016-07-15 13:58:49 8DBFE13F50BE7578913003EE5256AEBE 282624 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll 2016-07-15 13:58:49 6500AB640E37FBFBE0D57B24F8BC6F30 1984000 ----a-w- C:\WINDOWS\System32\mssrch.dll 2016-07-15 13:58:49 4BC42306D03B539D0EDDD81CC0AE0CD3 244736 ----a-w- C:\WINDOWS\System32\mssphtb.dll 2016-07-15 13:58:49 492C152E65A4F59D0FDDE2F2E0C34DE8 48128 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll 2016-07-15 13:58:49 10882529EF2A92C7E5ACCC0E6EDF8390 48640 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll 2016-07-15 13:58:48 CF034E3697C5CA79777F94116D57C6A6 2179584 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll 2016-07-15 13:58:48 76B34D04F94D7A8D47763C4E8285F88B 1117184 ----a-w- C:\WINDOWS\System32\Windows.Media.Speech.dll 2016-07-15 13:58:41 4F79496B51E1A67B496FF6A407D22D30 1467392 ----a-w- C:\WINDOWS\System32\GdiPlus.dll 2016-07-15 13:58:38 64B619A6CE464E494651950794CE8264 541184 ----a-w- C:\WINDOWS\System32\GamePanel.exe 2016-07-15 13:58:37 FC26697351E186D415E53BF83D37DAAD 3555840 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe 2016-07-15 13:58:37 C34CC619C1F747F81D2C2C47D5C1B095 2604032 ----a-w- C:\WINDOWS\System32\CertEnroll.dll 2016-07-15 13:58:37 A0FEBE2531D36DC1B264670845FB5D40 6529024 ----a-w- C:\WINDOWS\System32\wwanmm.dll 2016-07-15 13:58:36 968DD3AA844E40932950709FD9CB9556 1976832 ----a-w- C:\WINDOWS\System32\wpdshext.dll 2016-07-15 13:58:36 8E4EF6589ADC681CEB20CFEBC588AEC9 385024 ----a-w- C:\WINDOWS\System32\wwanconn.dll 2016-07-15 13:58:36 75869FD635879D9B0DCED6B6E4FEFDCD 57344 ----a-w- C:\WINDOWS\System32\WPDShServiceObj.dll 2016-07-15 13:58:35 6B50CF0D71F727CEDF49216FD4AC0FB9 290304 ----a-w- C:\WINDOWS\System32\WmpDui.dll 2016-07-15 13:58:35 5A69A6CB031970F5E0BBD4E967D32924 1497088 ----a-w- C:\WINDOWS\System32\WMPDMC.exe 2016-07-15 13:58:34 92E095238890F0AA0A783C23AC83D426 272384 ----a-w- C:\WINDOWS\System32\wmicmiplugin.dll 2016-07-15 13:58:34 5A0B501B638941EAF2BEABCE3C645769 413696 ----a-w- C:\WINDOWS\System32\WLanConn.dll 2016-07-15 13:58:33 EACDCB7EA7696B10EF5CC65040A44923 1349640 ----a-w- C:\WINDOWS\System32\winmde.dll 2016-07-15 13:58:33 8DB2C4EACA33C85586192D5F509ADA45 164352 ----a-w- C:\WINDOWS\System32\winsrv.dll 2016-07-15 13:58:32 8F81BC95794B0C17812988D44D000170 1582080 ----a-w- C:\WINDOWS\System32\Windows.UI.Immersive.dll 2016-07-15 13:58:32 236B3202BBB1FCD6C3319A994056E108 1522160 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll 2016-07-15 13:58:31 FFA3300F8C8542A92015C7FF48A16AF9 28083144 ----a-w- C:\WINDOWS\System32\WindowsCodecsRaw.dll 2016-07-15 13:58:31 E4C9CBFBCF45A8432CED1F30EAE9BF40 2973696 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2016-07-15 13:58:31 DFA5B5265D65E635A0BAE3ED0AD1E9E6 1152000 ----a-w- C:\WINDOWS\System32\win32kbase.sys 2016-07-15 13:58:31 702A77C8EB30026CF6C16F9B1439F166 238592 ----a-w- C:\WINDOWS\System32\WindowsCodecsExt.dll 2016-07-15 13:58:30 D6D84F133DC05DB51FE689BB2066D43E 405504 ----a-w- C:\WINDOWS\System32\webio.dll 2016-07-15 13:58:30 D0A2BA04B1E3F6C1F0E52F65D97EF39D 703840 ----a-w- C:\WINDOWS\System32\WWAHost.exe 2016-07-15 13:58:30 A3E1888B827AD9132A35657C48C9762B 578048 ----a-w- C:\WINDOWS\System32\wiaaut.dll 2016-07-15 13:58:30 94B32AFBC8D832B3CC39C87DACCF4CEE 879616 ----a-w- C:\WINDOWS\System32\WebcamUi.dll 2016-07-15 13:58:29 71ACD991985937A797809DC460C66223 1900032 ----a-w- C:\WINDOWS\System32\wuaueng.dll 2016-07-15 13:58:29 705C5657D8D373BE6EBA17210DB39F2B 1334680 ----a-w- C:\WINDOWS\System32\wmpmde.dll 2016-07-15 13:58:29 5A4D29E49813430AD5C946482345F7AE 291840 ----a-w- C:\WINDOWS\System32\wuuhext.dll 2016-07-15 13:58:29 2321ED202AD6C4EF2BA3D11ED770AC36 23776 ----a-w- C:\WINDOWS\System32\wuauclt.exe 2016-07-15 13:58:28 C41C3339364B262957110B2C6C32FF3D 573440 ----a-w- C:\WINDOWS\System32\UserLanguagesCpl.dll 2016-07-15 13:58:28 B6A9C98BFE60CB8DC992033108F3C4F0 1226752 ----a-w- C:\WINDOWS\System32\wcnwiz.dll 2016-07-15 13:58:27 FC4E7D3027D748E2D131C9DED39D4976 584704 ----a-w- C:\WINDOWS\System32\UIRibbonRes.dll 2016-07-15 13:58:27 D613DBA2E2D43264B6D5C1933F3A71FC 3459584 ----a-w- C:\WINDOWS\System32\UIRibbon.dll 2016-07-15 13:58:27 BFDF93B18EE43C568E5ED4392FA37A30 1075200 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll 2016-07-15 13:58:27 32E42A131A187BCAD87EA3A2A09498B9 1249280 ----a-w- C:\WINDOWS\System32\usercpl.dll 2016-07-15 13:58:26 80BD175A8820F5D1C0913DE1BA2A0400 40960 ----a-w- C:\WINDOWS\System32\Windows.Shell.Search.UriHandler.dll 2016-07-15 13:58:26 7EA97C328FB2BF7D6F137AC02C862AA3 326144 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2016-07-15 13:58:26 541C337FA4551C852FA4371AD3BF9C5B 764928 ----a-w- C:\WINDOWS\System32\Windows.UI.Cred.dll 2016-07-15 13:58:26 25D3ECA267A457219757D7F5BF5C04E0 49152 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe 2016-07-15 13:58:26 23F74037E71A1D1D827A3F0DDCB8A697 4404736 ----a-w- C:\WINDOWS\System32\Windows.UI.Search.dll 2016-07-15 13:58:23 A2F1083A19153E3FF9399065A68D65E0 145920 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2016-07-15 13:58:23 7715F2B3D002A3C5AF975495E7EA7E7E 231936 ----a-w- C:\WINDOWS\System32\updatehandlers.dll 2016-07-15 13:58:23 70BE5D31CD548715F88398D7B56E99B5 315904 ----a-w- C:\WINDOWS\System32\Windows.UI.BlockedShutdown.dll 2016-07-15 13:58:23 05133B33670DBEBB8FCE962633D24105 267776 ----a-w- C:\WINDOWS\System32\usocore.dll 2016-07-15 13:58:22 4823E34C6FF40AEC1F4514E10E64FE20 36352 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll 2016-07-15 13:58:18 A5B6DDDF137C8118B93D00404510741D 836760 ----a-w- C:\WINDOWS\System32\twinapi.appcore.dll 2016-07-15 13:58:18 A582CC5D97DA29AFE99024BBE96673F3 9919488 ----a-w- C:\WINDOWS\System32\twinui.dll 2016-07-15 13:58:18 643BBA6FB3DA30DC0294F14D72EEFAAB 581632 ----a-w- C:\WINDOWS\System32\twinapi.dll 2016-07-15 13:58:18 409D5D7EB68EDC5E5751A1F437F8C58E 2000896 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll 2016-07-15 13:58:18 212B595D06DB8A90B540E970E493CD6F 2519552 ----a-w- C:\WINDOWS\System32\themecpl.dll 2016-07-15 13:58:18 187D966A14D7F9CB4D3B4996B53CDE73 39424 ----a-w- C:\WINDOWS\System32\TpmTasks.dll 2016-07-15 13:58:17 FBA0E803ED70D649630DCA8EEC625414 240640 ----a-w- C:\WINDOWS\System32\taskeng.exe 2016-07-15 13:58:17 A9B3BF6FE0D98B868BC489C869EEE906 814080 ----a-w- C:\WINDOWS\System32\schedsvc.dll 2016-07-15 13:58:16 EF539679E1F6FA5DFDCE4D013A3D37CF 6740992 ----a-w- C:\WINDOWS\System32\mstscax.dll 2016-07-15 13:58:15 7757D5D2DC5A4DE6DE273792246D546E 942592 ----a-w- C:\WINDOWS\System32\reseteng.dll 2016-07-15 13:58:12 B61C9BA4E125BC5FFF338D7B11BAC6EC 805888 ----a-w- C:\WINDOWS\System32\WSShared.dll 2016-07-15 13:58:12 9A6B1DB1667CDD276A208F5AE5646948 151552 ----a-w- C:\WINDOWS\System32\WSClient.dll 2016-07-15 13:58:12 8E370B335238A592882E99266134335E 2885680 ----a-w- C:\WINDOWS\System32\WSService.dll 2016-07-15 13:58:12 836FF4B7A3AC93E7D659F4FCCF7E0309 779264 ----a-w- C:\WINDOWS\System32\sbe.dll 2016-07-15 13:58:10 44E757E3ED213ECDF25DBB65F8ED3609 401920 ----a-w- C:\WINDOWS\System32\StikyNot.exe 2016-07-15 13:58:08 937208F90E70A7A415F05932ABD72DFB 34304 ----a-w- C:\WINDOWS\System32\Windows.Speech.Pal.dll 2016-07-15 13:58:08 6951A9D7DD8EBDA12A83B046FC315A8B 1106944 ----a-w- C:\WINDOWS\System32\SpeechPal.dll 2016-07-15 13:58:07 E71CB29D5B7F76DD58677381CBFE6847 129024 ----a-w- C:\WINDOWS\System32\SimAuth.dll 2016-07-15 13:58:07 AB6B502F8A7DA09AD9CDE0BB988568C2 140800 ----a-w- C:\WINDOWS\System32\shutdownux.dll 2016-07-15 13:58:07 42D425CA43C93CC578D1AEA96D1E39F0 157696 ----a-w- C:\WINDOWS\System32\SimCfg.dll 2016-07-15 13:58:05 3EEAC377D273ABB2B6FB02DBFE8E307E 21123320 ----a-w- C:\WINDOWS\System32\shell32.dll 2016-07-15 13:58:02 BDD024D6683027B841552B43863E8447 740352 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll 2016-07-15 13:58:02 B726B6583C0E880B59BE3C4463C27BAB 569752 ----a-w- C:\WINDOWS\System32\SHCore.dll 2016-07-15 13:58:01 D69DDC0073FA31032D7F9379D054679F 503296 ----a-w- C:\WINDOWS\System32\SettingSync.dll 2016-07-15 13:58:01 D00ACFADE7EE80F0C45CC0B94EB5D21A 465760 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe 2016-07-15 13:58:01 61D86AEAE520B20FD3AE5C68327239EB 400896 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll 2016-07-15 13:58:01 56BBCFD02C4C5248CAF8EAF8236A4674 667648 ----a-w- C:\WINDOWS\System32\AzureSettingSyncProvider.dll 2016-07-15 13:58:01 4C5CD8F1A3B88B8B7B9F57F2E256FAFC 639488 ----a-w- C:\WINDOWS\System32\TokenBroker.dll 2016-07-15 13:58:01 0162996989471778328E929D58B1041E 754176 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll 2016-07-15 13:58:00 94C9FEB399F8077E01CF7EA32C826DF8 5598832 ----a-w- C:\WINDOWS\System32\sppsvc.exe 2016-07-15 13:57:59 692D5D0DB97C91EED689E4CE8A9A2A2D 673280 ----a-w- C:\WINDOWS\System32\aadtb.dll 2016-07-15 13:57:58 D0B4D167CB9BA37A62BA8E7B7934F517 460800 ----a-w- C:\WINDOWS\System32\SearchFolder.dll 2016-07-15 13:57:58 88A5A640F1C46936CEA62B7B42969E8E 502784 ----a-w- C:\WINDOWS\System32\vbscript.dll 2016-07-15 13:57:58 79C50C86572AF5891D1196569C9D2EB1 3663360 ----a-w- C:\WINDOWS\System32\jscript9.dll 2016-07-15 13:57:58 4A8E1182ECF552141C2C165B0A137E50 186880 ----a-w- C:\WINDOWS\System32\schtasks.exe 2016-07-15 13:57:58 31AC81040FBFB538619282F47C3ED884 5660672 ----a-w- C:\WINDOWS\System32\Chakra.dll 2016-07-15 13:57:57 C52454047290A0D2D7E57D6EA4B65E0E 246784 ----a-w- C:\WINDOWS\System32\aadcloudap.dll 2016-07-15 13:57:57 885314A6538EBC45846551900B0D4519 1800704 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll 2016-07-15 13:57:57 446341875596024C4AA262B1709BB017 1337680 ----a-w- C:\WINDOWS\System32\sppobjs.dll 2016-07-15 13:57:56 B27FEB21C56278185E7B7A77722C6819 777728 ----a-w- C:\WINDOWS\System32\MsSpellCheckingFacility.dll 2016-07-15 13:57:56 6C9486A072CC08F929C67CB5113A35C1 1746944 ----a-w- C:\WINDOWS\System32\SettingsHandlers_Bluetooth.dll 2016-07-15 13:57:56 1822067468771C92A50D1C768CE3A915 183808 ----a-w- C:\WINDOWS\System32\SettingsHandlers_Maps.dll 2016-07-15 13:57:56 0B709D13B267158668E5D208566D1796 373248 ----a-w- C:\WINDOWS\System32\SystemSettings.UserAccountsHandlers.dll 2016-07-15 13:57:56 0118EEDA12F408373E1592B202FDE947 3196928 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll 2016-07-15 13:57:55 5C2B14556CAD597D1EE36F4F1E5AA61B 253440 ----a-w- C:\WINDOWS\System32\OneBackupHandler.dll 2016-07-15 13:57:50 9A4C8179AF42586466DE792D15423F9D 1035776 ----a-w- C:\WINDOWS\System32\ApplicationFrame.dll 2016-07-15 13:57:47 9AFADED6C803568EC78309DBC6A0C6E8 2880512 ----a-w- C:\WINDOWS\System32\SystemSettingsThresholdAdminFlowUI.dll 2016-07-15 13:57:39 3E97CC7E938C4D15FCC27EC33C898606 153088 ----a-w- C:\WINDOWS\System32\WSSync.dll 2016-07-15 13:57:36 BD869430C7B7CCD5FE0C3D9D6D344953 2798080 ----a-w- C:\WINDOWS\System32\Windows.Media.dll 2016-07-15 13:57:36 AD5D16BA745652816BE494BC6467F51B 633192 ----a-w- C:\WINDOWS\System32\sppwinob.dll 2016-07-15 13:57:36 76CBB93D895992C774D116BC7106E48A 792328 ----a-w- C:\WINDOWS\System32\rpcrt4.dll 2016-07-15 13:57:36 4DEFC3A4DF8506E6824CBE183B54DDC7 542720 ----a-w- C:\WINDOWS\System32\msra.exe 2016-07-15 13:57:36 2255BD9E263298D817C4B885A6F82505 230912 ----a-w- C:\WINDOWS\System32\RDXTaskFactory.dll 2016-07-15 13:57:35 B34DE2B803625C572C664C495FC3F720 846336 ----a-w- C:\WINDOWS\System32\rasgcw.dll 2016-07-15 13:57:33 C48A377F4AD5F1D28895EED21640D195 72192 ----a-w- C:\WINDOWS\System32\rdpudd.dll 2016-07-15 13:57:33 BEC15702CE3242133B95F0E2C69FFC88 980480 ----a-w- C:\WINDOWS\System32\winipcsecproc.dll 2016-07-15 13:57:33 B6A697A95DA81E6B63F7E2AD53886180 3483648 ----a-w- C:\WINDOWS\System32\rdpcorets.dll 2016-07-15 13:57:33 734026191E38F421D62D0067D89B0E35 1063936 ----a-w- C:\WINDOWS\System32\Windows.Media.Editing.dll 2016-07-15 13:57:33 2086CC9E5A8C75F246A75EE606988B77 1508352 ----a-w- C:\WINDOWS\System32\winmsipc.dll 2016-07-15 13:57:32 DE90E4D4F432DA6BD49956E2F81220D0 66560 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll 2016-07-15 13:57:32 CEEA8FA78E1652BB7219FC118E9F67EE 330752 ----a-w- C:\WINDOWS\System32\winipcfile.dll 2016-07-15 13:57:32 C6067AA23C45976EAFD557C4F07FB78C 783872 ----a-w- C:\WINDOWS\System32\RDXService.dll 2016-07-15 13:57:32 BFFE89784505F66497C8D0230CDD8DE5 207872 ----a-w- C:\WINDOWS\System32\provengine.dll 2016-07-15 13:57:32 BF2166843DEAB6A7D2DBD5A4010A802B 199680 ----a-w- C:\WINDOWS\System32\provhandlers.dll 2016-07-15 13:57:32 AF3369020E352540743E7664F7CAA189 1355336 ----a-w- C:\WINDOWS\System32\propsys.dll 2016-07-15 13:57:32 404EA5D1E9451EAB6D37403B7CFAD736 123392 ----a-w- C:\WINDOWS\System32\ProximityCommon.dll 2016-07-15 13:57:32 3B66EF163DE1118255FC2360C4093812 120832 ----a-w- C:\WINDOWS\System32\provops.dll 2016-07-15 13:57:31 F86B36A83D1BAD61283E25704D3F6EF9 1484800 ----a-w- C:\WINDOWS\System32\PrintDialogs3D.dll 2016-07-15 13:57:31 B99334A08D3E9CE2D4A4BFB8BBC4CB76 1448960 ----a-w- C:\WINDOWS\System32\Windows.Graphics.Printing.3D.dll 2016-07-15 13:57:31 50B851ADFFAC3B2EFD1B5DE4D8A94277 468992 ----a-w- C:\WINDOWS\System32\Windows.Graphics.Printing.dll 2016-07-15 13:57:30 ED3335C188873DD766C73C98F06A3BEA 216576 ----a-w- C:\WINDOWS\System32\PlayToReceiver.dll 2016-07-15 13:57:30 B9D078DCBA77C86348937DAC1C308B52 1764864 ----a-w- C:\WINDOWS\System32\pnidui.dll 2016-07-15 13:57:30 A7CD30176029F60B56F5590E37310103 339968 ----a-w- C:\WINDOWS\System32\WMPhoto.dll 2016-07-15 13:57:30 53903FCDBE698C8804D0B479F4F5E29B 517632 ----a-w- C:\WINDOWS\System32\PlayToManager.dll 2016-07-15 13:57:29 FC42E59329315A30F397490033055D28 2217984 ----a-w- C:\WINDOWS\System32\Wpc.dll 2016-07-15 13:57:29 580A963F680D63AEE87D6F7DF6EDB6B4 138240 ----a-w- C:\WINDOWS\System32\inetpp.dll 2016-07-15 13:57:29 43482C0BCD27FFC1E351DAAA2BA2AB09 1635840 ----a-w- C:\WINDOWS\System32\WpcWebSync.dll 2016-07-15 13:57:28 ABFB6150CA07482BCF3D3FDE3B62152A 309760 ----a-w- C:\WINDOWS\System32\ntprint.dll 2016-07-15 13:57:28 80BBA3ACFB994EE71EE44DB6D25925B9 601600 ----a-w- C:\WINDOWS\System32\win32spl.dll 2016-07-15 13:57:28 60BDF3616BE5000C01D0CDAF767372E1 925184 ----a-w- C:\WINDOWS\System32\localspl.dll 2016-07-15 13:57:25 B33928C3DED11908104A38E0C3090F7F 572928 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll 2016-07-15 13:57:25 8964282B584D2A72AB003676C850BCB6 748032 ----a-w- C:\WINDOWS\System32\wpncore.dll 2016-07-15 13:57:25 4658DC0CC3D348B92FA2F947C2D04567 1300016 ----a-w- C:\WINDOWS\System32\WpcMon.exe 2016-07-15 13:57:19 84265A0795371B9B4CF6E2030029E3FA 5793632 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2016-07-15 13:57:18 FC03376F464F07369BC07A6D9BE8CA8D 88576 ----a-w- C:\WINDOWS\System32\olepro32.dll 2016-07-15 13:57:15 CEFD0ACBA7B6D982286FE752F6F55BAC 159232 ----a-w- C:\WINDOWS\System32\LegacyNetUXHost.exe 2016-07-15 13:57:15 34B1DD62B3F090A0466241F84F1E9AE0 802816 ----a-w- C:\WINDOWS\System32\ntshrui.dll 2016-07-15 13:57:15 348454261C1304A1FF98627E41B35789 56832 ----a-w- C:\WINDOWS\System32\LegacyNetUX.dll 2016-07-15 13:57:14 F964FA5FA4FAB1B2D9E6638A0CF0D7E7 2679808 ----a-w- C:\WINDOWS\System32\netshell.dll 2016-07-15 13:57:14 3C95603CFF6A2F1DB0C531095D3B1ECF 742400 ----a-w- C:\WINDOWS\System32\IKEEXT.DLL 2016-07-15 13:57:11 3F11F65E9CF4BB42B27CCAA1895B660F 439296 ----a-w- C:\WINDOWS\System32\Windows.Networking.UX.EapRequestHandler.dll 2016-07-15 13:57:11 3F0CBFF06988DA85E283E79461AABD3F 395776 ----a-w- C:\WINDOWS\System32\WlanMediaManager.dll 2016-07-15 13:57:10 B39E043BCB704FF6F0D0DEADBCBA754D 683008 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll 2016-07-15 13:57:10 2FE56BAE736FE2AD20950ECED0FFD6D1 1588224 ----a-w- C:\WINDOWS\System32\msxml3.dll 2016-07-15 13:57:09 E5DD7B8A4023B9277C434405849BB43A 2680320 ----a-w- C:\WINDOWS\System32\msftedit.dll 2016-07-15 13:57:09 D4DE4F98D350823BACCA6D7F753D74D4 6471168 ----a-w- C:\WINDOWS\System32\mspaint.exe 2016-07-15 13:57:09 B436CC0B1D4DB5A6C94A56516C386A3C 689152 ----a-w- C:\WINDOWS\System32\modernexecserver.dll 2016-07-15 13:57:09 1EEC0939B2B99EF1F53B14D9205041AD 282624 ----a-w- C:\WINDOWS\System32\msieftp.dll 2016-07-15 13:57:06 A489CECF560EA0421C04277904210395 925576 ----a-w- C:\WINDOWS\System32\mfplat.dll 2016-07-15 13:57:06 57D00F9D60519705D37BAFB852771443 1118208 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll 2016-07-15 13:57:04 87755FF83726D908224C08C180D42C72 12586496 ----a-w- C:\WINDOWS\System32\wmp.dll 2016-07-15 13:57:02 734C17FFE65F9E0436BDAD566A613D8C 32040 ----a-w- C:\WINDOWS\System32\mfpmp.exe 2016-07-15 13:56:59 F3B12C931650835388F43DB2DF606657 511320 ----a-w- C:\WINDOWS\System32\mf.dll 2016-07-15 13:56:59 A4879DCB9CBE6F67661F0EF4D5A59092 835072 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll 2016-07-15 13:56:59 3B5A60CFD5EA636133A0A9F8CD4EDC45 709176 ----a-w- C:\WINDOWS\System32\mfsvr.dll 2016-07-15 13:56:55 631450FBA9C8677C00F5A577905ECE36 784896 ----a-w- C:\WINDOWS\System32\NMAA.dll 2016-07-15 13:56:54 E4873BE74A0BE6F30A6948F882E6E7FC 50176 ----a-w- C:\WINDOWS\System32\MosHostClient.dll 2016-07-15 13:56:54 D5ACEA2845E642A7ABF383C316CABDA6 6295552 ----a-w- C:\WINDOWS\System32\mos.dll 2016-07-15 13:56:54 D5543D8C9168DBE558C93438F08CE7DB 203776 ----a-w- C:\WINDOWS\System32\moshostcore.dll 2016-07-15 13:56:54 3A847DC60430E6B788D3986CA2EFDE5B 54784 ----a-w- C:\WINDOWS\System32\moshost.dll 2016-07-15 13:56:54 0BBEA534AB25CEBFE72BD191FF84F593 59904 ----a-w- C:\WINDOWS\System32\MosStorage.dll 2016-07-15 13:56:53 F5DE16C4E48D0D44D10948D42FC1E241 23552 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll 2016-07-15 13:56:53 F51050F1C1AC01ABB2FFE27D11F13775 612352 ----a-w- C:\WINDOWS\System32\MapsStore.dll 2016-07-15 13:56:53 E1070F3504C85D60C5866B6775E6589A 74752 ----a-w- C:\WINDOWS\System32\MapsCSP.dll 2016-07-15 13:56:53 CB84B6382E21D875D0EC9665CD6908B8 711680 ----a-w- C:\WINDOWS\System32\MapControlCore.dll 2016-07-15 13:56:53 B7299EF9D5D4C7D480AC5A8ACEA402E1 87040 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll 2016-07-15 13:56:53 3F695F3A23A019E6DF7BAC57276B1E77 349696 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll 2016-07-15 13:56:52 3BFBC5158CC4CA508FEC8284DB6727FD 5205504 ----a-w- C:\WINDOWS\System32\BingMaps.dll 2016-07-15 13:56:52 0B6A790F69FC2D67EEFF6F015EF24C5B 800768 ----a-w- C:\WINDOWS\System32\JpMapControl.dll 2016-07-15 13:56:42 59976482DB1C9F2F41DF62AA9A1B01C5 2062336 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll 2016-07-15 13:56:42 414967EA08650001DD671FEFE37633E7 645632 ----a-w- C:\WINDOWS\System32\Windows.Storage.Search.dll 2016-07-15 13:56:42 394B995CB6ADFEED1A37DD15FADE5068 5240960 ----a-w- C:\WINDOWS\System32\windows.storage.dll 2016-07-15 13:56:42 1CDEF66CFD26AF241D8546896F77B8A5 489984 ----a-w- C:\WINDOWS\System32\mbsmsapi.dll 2016-07-15 13:56:41 D7BDD6C833746E64F1652D6CDE47701F 372224 ----a-w- C:\WINDOWS\System32\LockAppBroker.dll 2016-07-15 13:56:41 AE25638F69C8DB0F22C5B86992C0BD39 180736 ----a-w- C:\WINDOWS\System32\cdd.dll 2016-07-15 13:56:40 AFF040FE80E49EEAF85D87FA481B2C4A 1561392 ----a-w- C:\WINDOWS\System32\KernelBase.dll 2016-07-15 13:56:40 ACE55293E4764AEEB994D5837B43E5C4 613120 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll 2016-07-15 13:56:40 644CE64AB3ED902711CB0B86CF4ECA22 434688 ----a-w- C:\WINDOWS\System32\LogonController.dll 2016-07-15 13:56:39 7CF445915FC12FA890EFE5D43AD8B2F9 4078080 ----a-w- C:\WINDOWS\System32\dbgeng.dll 2016-07-15 13:56:38 350ED2186E2C0E80ABCE270C9A52647E 12128256 ----a-w- C:\WINDOWS\System32\ieframe.dll 2016-07-15 13:56:35 86FBB78A2D77D9BDD58F0D72A2E4D934 230400 ----a-w- C:\WINDOWS\System32\webcheck.dll 2016-07-15 13:56:35 608F7830161D98DBDD6324F74E9165C4 2921880 ----a-w- C:\WINDOWS\System32\iertutil.dll 2016-07-15 13:56:34 BEF902286DC49188F8435B1C2474AE96 687616 ----a-w- C:\WINDOWS\System32\msfeeds.dll 2016-07-15 13:56:34 973057A6623492B1620B0167D320BD4D 1526272 ----a-w- C:\WINDOWS\System32\ieapfltr.dll 2016-07-15 13:56:34 9459503897809956B533141003277298 92160 ----a-w- C:\WINDOWS\System32\IdCtrls.dll 2016-07-15 13:56:34 8A62CEED5A0DD6C76C921F8B47187CA3 477184 ----a-w- C:\WINDOWS\System32\ieui.dll 2016-07-15 13:56:34 6AA3C6E88196938932ADE02296C33458 268800 ----a-w- C:\WINDOWS\System32\dxtrans.dll 2016-07-15 13:56:34 21CB86D69B268182994F981471FCBB82 18674176 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2016-07-15 13:56:34 21BE44272CAC55D1B6C88C1E0BA78F8E 2501632 ----a-w- C:\WINDOWS\System32\wininet.dll 2016-07-15 13:56:33 01ECA12A5BF2D571FCE11C05419C3E50 19347968 ----a-w- C:\WINDOWS\System32\mshtml.dll 2016-07-15 13:56:26 447D69BB274546D00C8DBF23C2DBDBCE 2050048 ----a-w- C:\WINDOWS\System32\inetcpl.cpl 2016-07-15 13:56:23 7D5E17FC31FA563A94A8251AF8ADDEE4 1498624 ----a-w- C:\WINDOWS\System32\urlmon.dll 2016-07-15 13:56:19 C0D3B98EB0C657DDEB0C033D01C6D9E7 574976 ----a-w- C:\WINDOWS\System32\hgcpl.dll 2016-07-15 13:56:19 7BB466A82CD38CCBEE666D475BB2F3D2 199680 ----a-w- C:\WINDOWS\System32\GlobCollationHost.dll 2016-07-15 13:56:19 5AF1EAB54122BA45CA59C10FAF3CC558 1228800 ----a-w- C:\WINDOWS\System32\Windows.Globalization.dll 2016-07-15 13:56:18 9DE1CA4A77B05084FDFF9C415E968D1E 190976 ----a-w- C:\WINDOWS\System32\fhengine.dll 2016-07-15 13:56:18 6D5F0E1D058B906CFA803954C2F573E4 320000 ----a-w- C:\WINDOWS\System32\fhcfg.dll 2016-07-15 13:56:18 67BA16BD6265C9E401A3814137ECF8F4 2578432 ----a-w- C:\WINDOWS\System32\gameux.dll 2016-07-15 13:56:18 64AC1BD9453DBEF453999ED0796B909C 334848 ----a-w- C:\WINDOWS\System32\fhsettingsprovider.dll 2016-07-15 13:56:17 23D61B1CFA38F287D8C31A4816315454 4413440 ----a-w- C:\WINDOWS\System32\ExplorerFrame.dll 2016-07-15 13:56:17 0185537B188E0D77E2861628221B1A04 1166848 ----a-w- C:\WINDOWS\System32\werconcpl.dll 2016-07-15 13:56:16 D59495AC726686A6719398A1389F60E6 1401856 ----a-w- C:\WINDOWS\System32\workfolderssvc.dll 2016-07-15 13:56:16 9160F82BF248F5CD2A5CA4C109369D41 55808 ----a-w- C:\WINDOWS\System32\eappprxy.dll 2016-07-15 13:56:16 737FC213AB9B3494E8677D12F08B8703 482816 ----a-w- C:\WINDOWS\System32\duser.dll 2016-07-15 13:56:16 733B5C5DCFEB74A288F69272A79FCBF7 248320 ----a-w- C:\WINDOWS\System32\eapp3hst.dll 2016-07-15 13:56:16 5642D8C9041FF6F1EE88E42C90639CA8 96256 ----a-w- C:\WINDOWS\System32\eappgnui.dll 2016-07-15 13:56:16 4FAB17214FC37489C59B19CED55D4B7F 238592 ----a-w- C:\WINDOWS\System32\eapphost.dll 2016-07-15 13:56:16 3007C3B32336A5DB00035B91CBC084DD 261632 ----a-w- C:\WINDOWS\System32\EnterpriseAppMgmtSvc.dll 2016-07-15 13:56:16 19D8F7D29B8B94071DAC6453690BB5CA 284160 ----a-w- C:\WINDOWS\System32\eappcfg.dll 2016-07-15 13:56:15 CD2B8FE81EDB0AAD150428AE19701020 403920 ----a-w- C:\WINDOWS\System32\DMRServer.dll 2016-07-15 13:56:15 332384C9BF8D46044F3A5189A2E7C6FE 1448960 ----a-w- C:\WINDOWS\System32\dui70.dll 2016-07-15 13:56:15 29C26A25041DC901A01A021D31B0FDD8 292864 ----a-w- C:\WINDOWS\System32\dot3ui.dll 2016-07-15 13:56:14 7CDA291CF22B91DDBB88B5089EBE25CE 521152 ----a-w- C:\WINDOWS\System32\dxgi.dll 2016-07-15 13:56:14 4102898869C3F72FBD50E7A7D003F530 1866104 ----a-w- C:\WINDOWS\System32\d3d9.dll 2016-07-15 13:56:13 DE4C532C704002ED07B523208327629C 1987072 ----a-w- C:\WINDOWS\System32\DWrite.dll 2016-07-15 13:56:13 9FFEF91F0BEE39FAE2305ACE3C11B4A8 3695104 ----a-w- C:\WINDOWS\System32\D3DCompiler_47.dll 2016-07-15 13:56:13 4963662B1CBB0035FD5D6832824DC7B6 2186864 ----a-w- C:\WINDOWS\System32\d3d11.dll 2016-07-15 13:56:12 D8F75D59301833722BFB4893A47F57F2 13018112 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll 2016-07-15 13:56:11 9484654938AE332E2BD2EFEA8F596376 569856 ----a-w- C:\WINDOWS\System32\qdvd.dll 2016-07-15 13:56:10 4BA59CBF527499CF2A65BD444C5D7320 705024 ----a-w- C:\WINDOWS\System32\samsrv.dll 2016-07-15 13:56:09 4718A99B5829ACE7BA5A9D73D42F548D 727752 ----a-w- C:\WINDOWS\System32\dcomp.dll 2016-07-15 13:56:09 1E00F1B16E727B3D23F6516988F2E7EA 502272 ----a-w- C:\WINDOWS\System32\DevicePairing.dll 2016-07-15 13:56:08 AB142B88BF5DE8CD6CE30A4309179570 813056 ----a-w- C:\WINDOWS\System32\dosvc.dll 2016-07-15 13:56:08 A6D37F7970C1F60FE1A35BE1866A5325 227008 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe 2016-07-15 13:56:08 40C2D19E230CDCBA7707DB5C5A9C6419 5323776 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll 2016-07-15 13:56:08 0313658DF0E7A0F28F9580AF15B37531 1626112 ----a-w- C:\WINDOWS\System32\dwmcore.dll 2016-07-15 13:56:08 00C8B201BE1C9705906A484DBE5D6332 4759040 ----a-w- C:\WINDOWS\System32\d2d1.dll 2016-07-15 13:56:06 A3F164387FAF9C571959C73361317F04 442368 ----a-w- C:\WINDOWS\System32\dlnashext.dll 2016-07-15 13:56:06 1BCBA180697CF7D3A876B7962008664F 173056 ----a-w- C:\WINDOWS\System32\WUDFPlatform.dll 2016-07-15 13:56:06 1A708192281C03919D933FD8DC7E7AD8 465408 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll 2016-07-15 13:56:05 E2332EFA0C57231D5CD0F78AF1AEC06A 105472 ----a-w- C:\WINDOWS\System32\dmcsps.dll 2016-07-15 13:56:03 E247EAA09FE6397200205FA90BF87C1D 1536600 ----a-w- C:\WINDOWS\System32\crypt32.dll 2016-07-15 13:56:00 DA53EBECEC5D582AD239621A5F363611 1303744 ----a-w- C:\WINDOWS\System32\appraiser.dll 2016-07-15 13:56:00 80313197B2A3E0CD74F035CF1B2C493C 81088 ----a-w- C:\WINDOWS\System32\acmigration.dll 2016-07-15 13:56:00 766F809BC576BC57FF3B7C343D1E8881 1862008 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll 2016-07-15 13:56:00 203502B642408451465795C046981F12 484544 ----a-w- C:\WINDOWS\System32\generaltel.dll 2016-07-15 13:56:00 1F26E5DF1A48EE0443194DD99AE8C7D2 45760 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe 2016-07-15 13:55:59 F0781A46DFE3A6C48FCA23FCDDA69B4B 957608 ----a-w- C:\WINDOWS\System32\ole32.dll 2016-07-15 13:55:59 BF370250794A9405AD153A4C1A4F5BBD 32552 ----a-w- C:\WINDOWS\System32\wldp.dll 2016-07-15 13:55:59 73F3892DF71699E7136CAB8DF4084E8C 199680 ----a-w- C:\WINDOWS\System32\cdpsvc.dll 2016-07-15 13:55:59 4A12540CAA7A983ECA02B8A87F10F287 49152 ----a-w- C:\WINDOWS\System32\cdpreference.exe 2016-07-15 13:55:59 4907E0A9216A6DCEAB351F534A97FAFC 339456 ----a-w- C:\WINDOWS\System32\certcli.dll 2016-07-15 13:55:50 3395E8357AD6922923D67815D47305EC 417280 ----a-w- C:\WINDOWS\System32\Windows.Cortana.Desktop.dll 2016-07-15 13:55:50 015A5BB42F54AB325B36AF49905AC8E6 248320 ----a-w- C:\WINDOWS\System32\Windows.Cortana.OneCore.dll 2016-07-15 13:55:46 3CB5565F8D66C3E505990BEA1ACA476F 74240 ----a-w- C:\WINDOWS\System32\browserbroker.dll 2016-07-15 13:55:45 AF2A50A1B7ACB64A368ABEEEF6A8AB4A 771120 ----a-w- C:\WINDOWS\System32\winresume.exe 2016-07-15 13:55:44 72DD03ABD39DFC82EE87F099F8C41D4B 1051584 ----a-w- C:\WINDOWS\System32\winload.efi 2016-07-15 13:55:44 53997DE4B242341CA2F1DCCD6B2B0430 875992 ----a-w- C:\WINDOWS\System32\winresume.efi 2016-07-15 13:55:44 407E2B474D12B2FF0C7229DF562F94AD 927080 ----a-w- C:\WINDOWS\System32\winload.exe 2016-07-15 13:55:17 C9D05CF1D20B213BF15CB7C3694453C6 826368 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2016-07-15 13:55:16 E5E4601DFC477E92C2DEFBC50569AA2B 1896960 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2016-07-15 13:55:16 E48A7C15B395A8F1537CE249183D508F 190464 ----a-w- C:\WINDOWS\System32\apprepapi.dll 2016-07-15 13:55:16 AE3444858CB88D033427C1E9D6FE749E 738816 ----a-w- C:\WINDOWS\System32\appwiz.cpl 2016-07-15 13:55:16 8686191CF27D6707FC890A6CD4CB552A 260096 ----a-w- C:\WINDOWS\System32\apprepsync.dll 2016-07-15 13:55:16 3011BF9500EE0A70CAEB8641E5311840 1733632 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll 2016-07-15 13:55:15 38F874DC40AED7FE90ABED3006FF20B9 1083656 ----a-w- C:\WINDOWS\System32\Taskmgr.exe 2016-07-15 13:55:14 F6D85D3698712AC221B979BB8C45DA77 179712 ----a-w- C:\WINDOWS\System32\aepic.dll 2016-07-15 13:55:14 EFEBEC06C2D547D2A04B2960E4905285 1020096 ----a-w- C:\WINDOWS\System32\aeinv.dll 2016-07-15 13:55:14 E78E204A005D6DDEBBFA453380D6E847 585216 ----a-w- C:\WINDOWS\System32\Windows.AccountsControl.dll 2016-07-15 13:55:14 7EB97AE01AD5DE8CB1B732923D98BDD7 266944 ----a-w- C:\WINDOWS\System32\invagent.dll 2016-07-15 13:55:14 0A67719E934B3681F933458C62E4C3BC 476864 ----a-w- C:\WINDOWS\System32\devinv.dll 2016-07-15 13:55:13 96E0F50ABD43C92B4B66154113C701DE 2155008 ----a-w- C:\WINDOWS\System32\authui.dll 2016-07-15 13:55:13 041FC126ED1BFC252BDD624F72E3E3BD 66560 ----a-w- C:\WINDOWS\System32\tzautoupdate.dll 2016-07-15 13:55:04 B2EBC6118CF0926B3FEC54976C61A8D9 413184 ----a-w- C:\WINDOWS\System32\NotificationController.dll 2016-07-15 13:55:04 245BCE64F9396340F4E84FB140DD6CA6 489984 ----a-w- C:\WINDOWS\System32\ShareHost.dll 2016-07-15 13:55:03 EF92A4868458485B144B04AED319681D 995296 ----a-w- C:\WINDOWS\System32\ClipUp.exe 2016-07-15 13:55:03 EEB99F0E02F9243F18691C75CD16AEE4 207872 ----a-w- C:\WINDOWS\System32\licensingdiag.exe 2016-07-15 13:55:03 DFB970BC93678AFA2F95A51BF1506049 64584 ----a-w- C:\WINDOWS\System32\Clipc.dll 2016-07-15 13:55:03 BBB9376A3D8764A6763183340625FCEA 70656 ----a-w- C:\WINDOWS\System32\AppCapture.dll 2016-07-15 13:55:03 77D3FB612C75A70CDA55889616DF3969 205312 ----a-w- C:\WINDOWS\System32\oemlicense.dll 2016-07-15 13:55:03 312472050BECE16F51493C95CCE91B57 334336 ----a-w- C:\WINDOWS\System32\bcastdvr.exe 2016-07-15 13:55:03 04055E69A26246AF9050BFC7C3A4B44B 510880 ----a-w- C:\WINDOWS\System32\ClipSVC.dll ====== C:\WINDOWS\system32\drivers ===== 2016-07-19 10:39:57 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf 2016-07-15 13:58:46 A65BBA24AB7BD8133B8E0DE1072462BA 260448 ----a-w- C:\WINDOWS\System32\drivers\pci.sys 2016-07-15 13:58:46 2677CB0AF2FD572F0CB64D972C13DC1A 228704 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys 2016-07-15 13:58:17 F23C630B5B76F7A51F25364C470830C5 1861984 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys 2016-07-15 13:57:11 A8CC656C4BF3EFB2F01F728AB35834CD 424448 ----a-w- C:\WINDOWS\System32\drivers\nwifi.sys 2016-07-15 13:56:42 F4B2E265344195CF15DABA85BB0713F0 139616 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys 2016-07-15 13:56:42 6DBE436CB55E48AA9F6345FCC60064FF 505136 ----a-w- C:\WINDOWS\System32\drivers\cng.sys 2016-07-15 13:56:41 8BF35C6A6E2675AF6054711D19366DA1 1712480 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2016-07-15 13:56:41 6D83C0E6F3686336A18E3EA04946AED4 336224 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys 2016-07-15 13:56:41 3D2E5FDB0C41E062994FAA8AEEFB3060 484192 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys 2016-07-06 16:06:36 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-07-05 08:06:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-07-20 08:35:54 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2016-07-20 07:20:09 -------- d-s---r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Temp 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft Help 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility ====== C:\Users\Gebruiker ====== 2016-07-20 09:39:28 5096826AAA1181F8607244E37FA0BABF 3712064 ----a-w- C:\Users\Gebruiker\Downloads\adwcleaner_5.201.exe 2016-07-20 08:35:29 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe 2016-07-20 08:35:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64 (1).exe 2016-07-20 08:32:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2016-07-20 08:05:53 B2249D823B48531AE452B58A294A0D7E 4002104 ----a-w- C:\Users\Gebruiker\Downloads\PSISetup.exe 2016-07-20 07:20:15 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\DefaultAppPool\ntuser.ini 2016-07-20 07:20:09 -------- d--h--w- C:\Users\DefaultAppPool\AppData 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\Saved Games 2016-07-20 07:20:09 -------- d-----w- C:\Users\DefaultAppPool\Cookies 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Videos 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Pictures 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Music 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Links 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Favorites 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Downloads 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Documents 2016-07-20 07:20:09 -------- d-----r- C:\Users\DefaultAppPool\Desktop 2016-07-19 10:38:12 0400B927FF7C11F43CA833D6754D551F 2135856 ----a-w- C:\Users\Gebruiker\Downloads\Adaware_Installer.exe ====== C: exe-files == 2016-07-23 10:43:10 47587BF1E05157BD711F878442B86787 1262408 ----a-w- C:\Windows\Temp\CR_15115.tmp\setup.exe 2016-07-23 10:43:08 B37F9072709A70A54E401964C52F3266 7312984 ----a-w- C:\Program Files\Google\Update\Install\{AD60663F-238D-45CF-89F1-B79D510E6B85}\52.0.2743.82_51.0.2704.103_chrome_updater.exe 2016-07-23 10:43:08 B37F9072709A70A54E401964C52F3266 7312984 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\52.0.2743.82\52.0.2743.82_51.0.2704.103_chrome_updater.exe 2016-07-20 09:39:28 5096826AAA1181F8607244E37FA0BABF 3712064 ----a-w- C:\Users\Gebruiker\Downloads\adwcleaner_5.201.exe 2016-07-20 08:35:55 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2016-07-20 08:35:29 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe 2016-07-20 08:35:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64 (1).exe 2016-07-20 08:32:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2016-07-20 08:05:53 B2249D823B48531AE452B58A294A0D7E 4002104 ----a-w- C:\Users\Gebruiker\Downloads\PSISetup.exe 2016-07-20 07:43:36 58E08D1BFE49158D1D87980687F6A7AB 120000 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\AA372877-834B-477A-8691-753D65DB5828\DismHost.exe 2016-07-19 10:38:12 0400B927FF7C11F43CA833D6754D551F 2135856 ----a-w- C:\Users\Gebruiker\Downloads\Adaware_Installer.exe 2016-07-19 10:10:36 58E08D1BFE49158D1D87980687F6A7AB 120000 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\0008807A-71F6-49C4-A429-B0EFC2DD5ACA\DismHost.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3384140332-3288011908-1842690505-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QlbCtrl.exe" "hkey"="HKLM" "command"="C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMAXPnP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SoundMAXPnP" "hkey"="HKLM" "command"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15-05-2016 17:19] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:13] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:13] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{8548C877-AAF3-4ABD-944E-A6DB2ED41648}" [C:\Windows\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Rainbow Forest (SHERIFFF) - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdjilcpogpekcjghekpjffcoaaimjid Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\38986_Surf Safely deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @oem8.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\WINDOWS\system32\AEADISRV.EXE O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem5.inf,%hpservice_desc%;HP Service (hpsrv) - Hewlett-Packard Company - C:\WINDOWS\system32\Hpservice.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=182 folders=29 11365351 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 23-07-2016 at 13:10:08,13 ======================