Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Sarah on zo 21/08/2016 at 10:19:51,04. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sarah\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 21/08/2016 10:20:58 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\PROGRA~3\AMD deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Sarah\AppData\Local\ActiveSync deleted successfully C:\Users\Sarah\AppData\Local\Adobe deleted successfully C:\Users\Sarah\AppData\Local\NetworkTiles deleted successfully C:\Users\Sarah\AppData\Local\PeerDistRepub deleted successfully C:\Users\Sarah\AppData\Local\VirtualStore deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 21 NPAPI Aeria Ignite AMD Catalyst Control Center AMD Fuel AMD Install Manager AMD Settings - Branding Asmedia USB Host Controller Driver Battle.net Belgium e-ID middleware 4.1.14 (build 1721) BullGuard Internet Security Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Dell Display Manager Dell System Detect Diablo II Digimon Masters f.lux HP Officejet Pro 8620 Basissoftware van het apparaat HP Officejet Pro 8620 Help HP Update I.R.I.S. OCR Java 8 Update 101 Java Auto Updater Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft Office 365 ProPlus - nl-nl Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 44.0.2 (x86 nl) Mozilla Maintenance Service MSI Command Center MSI Fast Boot MSI Live Update 6 MSI Super Charger Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Portal 2 Productverbeteringsonderzoek voor HP Officejet Pro 8620 Raptr Realtek Ethernet Controller Driver Realtek High Definition Audio Driver SkypeT 7.26 Speccy Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD VLC media player ==== Running Processes ====================== C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe C:\Users\Sarah\AppData\Local\FluxSoftware\Flux\flux.exe C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\MSI\Live Update\Live Update.exe C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe C:\Users\Sarah\Desktop\zoek.exe C:\WINDOWS\SysWoW64\cmd.exe C:\WINDOWS\SysWoW64\cmd.exe C:\WINDOWS\SysWoW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\SET5AA4.tmp deleted C:\WINDOWS\Syswow64\SET5B62.tmp deleted C:\WINDOWS\Syswow64\SET672E.tmp deleted C:\WINDOWS\Syswow64\SET725A.tmp deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\t2kig4ik.default\jetpack deleted ==== System Specs ====================== Operating System: Microsoft Windows 10 Pro 10.0.14393 64 bits Manufacturer: MSI - Model: MS-7693 Install Date: 11/08/2016 11:09:12 Last Boot: 20/08/2016 22:16:05 Processor: AMD Phenom(tm) II X6 1090T Processor Number of Processors: 6 Work Station Bootmode: Normal boot Total RAM: 16343 MB (free 13756 MB - 84) Computername: SARAH-DESKTOP Domain: WORKGROUP User: Sarah (Administrator account) Local Disk: C:\ - NTFS - 111 GB (free 25 GB) Local Disk: D:\ - NTFS - 931 GB (free 423 GB) CD \ DVD Drive: E:\ Bootdevice: \Device\HarddiskVolume2 Windows update: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.51.14393.0 Mozilla Firefox version: 44.0.2 (x86 nl) Sun Java version: 1.8.0_101 (32-bit) Sun Java version: 1.8.0_101 (64-bit) Flash Player version: 21.0.0.213 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-08-11 09:07:51 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\WINDOWS\diagwrn.xml 2016-08-11 09:07:51 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\WINDOWS\diagerr.xml 2016-08-11 08:55:39 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\ativpsrm.bin 2016-08-11 08:55:34 4392F2E46160EF41CBDF385EAA3BCDA8 67584 --s-a-w- C:\WINDOWS\bootstat.dat ====== C:\Users\Sarah\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-08-18 10:05:25 D5AC828D58E26220C228CE9D91E230CE 83632 ----a-w- C:\WINDOWS\SysWOW64\SFCOM.dll 2016-08-18 10:05:25 9FC4F82597DC38F3E7FBAA8184B0BCFB 589080 ----a-w- C:\WINDOWS\SysWOW64\SECOMN32.DLL 2016-08-18 10:05:25 1F04B2712670EF2144CDA4A1B7CB8F3F 341160 ----a-w- C:\WINDOWS\SysWOW64\SRCOM.dll 2016-08-18 10:05:24 F42C905B5F6C40B427D161571D1FE020 2731064 ----a-w- C:\WINDOWS\SysWOW64\RltkAPO.dll 2016-08-11 14:51:19 EEDCAB9ABD75871943644940A4BC4FC4 5398016 ----a-w- C:\WINDOWS\SysWOW64\aclui.dll 2016-08-11 14:51:18 5CFD7174DFD5F9E9E19E40D110B17F20 20965240 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-08-11 14:51:09 EFAB481C53AB0065A7E12BC75E845E4D 6474752 ----a-w- C:\WINDOWS\SysWOW64\mspaint.exe 2016-08-11 14:51:09 B30EF73AC4993A1B2D540B0B9E5D3978 47104 ----a-w- C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-11 14:51:09 98CB7EC07B8B9EE4CF0D3A2643600CED 712192 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-11 14:51:09 11ADC4B688C3A7C50CAAB2E9F6D57848 34304 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-08-11 14:51:08 E947212A96C9A4140E12AC5C292EBF5C 102912 ----a-w- C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-11 14:51:08 4B00AB5A03EB19F582E900ED8447A6CB 7623168 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-08-11 14:51:07 C59193A613F8CFFC9BFF5B6DA08D43F0 1456640 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-11 14:51:02 5750D828D956B7B0247C291540746497 121344 ----a-w- C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-08-11 14:51:01 9D8F7BD41657B515DD46C7BF90A26CDB 79536 ----a-w- C:\WINDOWS\SysWOW64\win32u.dll 2016-08-11 14:51:01 8D1849FAB3C99819CDBACDA369D73A04 19423232 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-11 14:51:01 68154F8F0BFE0986CBC8279EA652C24B 2755584 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb 2016-08-11 14:51:01 55336C6F59AD2162F9DBF877395B85B6 150528 ----a-w- C:\WINDOWS\SysWOW64\win32k.sys 2016-08-11 14:50:59 7C5D5F5932C8DAA001A901E6F9B276BA 198656 ----a-w- C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-08-11 14:50:59 4526A4CD4396DB72CCA1CB25D4EC66E9 2999296 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys 2016-08-11 14:50:59 1375FA26B9483F8C2D607E1741F3A440 822784 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-11 14:50:58 8B942FFF76086CEDE06DDEDC19F53FE2 19417600 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-11 14:50:57 1786D5DD0985C776E818204ACA7DE20D 1600512 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-11 14:50:57 02B891B9B443C2C9406F70C3B7F153AC 6044672 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-11 14:50:54 AA6831AB1012776693B9D416664D7433 2251440 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-11 09:53:14 293B6F39B58FB266F808A86750D579D1 44653 ----a-w- C:\WINDOWS\SysWOW64\license.rtf 2016-08-11 09:50:54 DE1FBFD74FCCA57FB99145A23A3D4C5B 843104 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-08-11 09:50:54 4E7F889EC171866CDAE9C1AD06F8FCF3 1265424 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll 2016-08-11 09:50:54 0D76DAA261682157606F740C96FA6E33 297552 ----a-w- C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-11 09:50:54 039C8465C730E7E9713819AB859505E9 1435896 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2016-08-11 09:48:33 EBB019782606C198813D621DF161B5F0 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-08-11 09:48:33 989CF65E711803AEF6163FFC66D6C530 103120 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-08-11 09:48:33 01B89BD21BE07010F812F9610B94D63C 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-08-11 08:55:00 D0818657648366B03C7CB4AA2DCED253 2716672 ----a-w- C:\WINDOWS\SysWOW64\PrintConfig.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-08-21 08:21:04 8D1765328902CE63392055F5451C3480 504488 ----a-w- C:\WINDOWS\Sysnative\MpSigStub.exe 2016-08-18 10:05:25 F3BD141C3AFF781DF4EC2F1A19C41368 1382240 ----a-w- C:\WINDOWS\Sysnative\tosade.dll 2016-08-18 10:05:25 EE24157FBF772A77ECFA81F60FFF4C0F 1336544 ----a-w- C:\WINDOWS\Sysnative\tossaeapo64.dll 2016-08-18 10:05:25 EDE4EE6AEC831D99C9DD056E2FA79A88 873472 ----a-w- C:\WINDOWS\Sysnative\tadefxapo264.dll 2016-08-18 10:05:25 EBCBD28B1DF3A736F9B9E9088A85AAEA 209544 ----a-w- C:\WINDOWS\Sysnative\SRSHP64.dll 2016-08-18 10:05:25 E9EDF39D5F827907A46FCF0E34CB9EAF 2706872 ----a-w- C:\WINDOWS\Sysnative\sltech64.dll 2016-08-18 10:05:25 E89B12B6A66A9F59124753F7304F0032 2895104 ----a-w- C:\WINDOWS\Sysnative\RTSnMg64.cpl 2016-08-18 10:05:25 D99605684F4D1B766F5591FF5F3F7061 90920 ----a-w- C:\WINDOWS\Sysnative\SFCOM64.dll 2016-08-18 10:05:25 D6B7285B658ABED0F5FDD7D882A59F7A 965032 ----a-w- C:\WINDOWS\Sysnative\SFSS_APO.dll 2016-08-18 10:05:25 C9A95E5EFA111847471E3BEA5A379D0A 3299832 ----a-w- C:\WINDOWS\Sysnative\YamahaAE2.dll 2016-08-18 10:05:25 BF354B81E614FFF933FC2FAEEF2FC820 2203752 ----a-w- C:\WINDOWS\Sysnative\slcnt64.dll 2016-08-18 10:05:25 B81944DCEFF43BBC84CB80D3D35D5B45 532384 ----a-w- C:\WINDOWS\Sysnative\SRSTSX64.dll 2016-08-18 10:05:25 B799D577558DBB6E2D05F97DDDB132D5 343712 ----a-w- C:\WINDOWS\Sysnative\RtlCPAPI64.dll 2016-08-18 10:05:25 B7779E17D5F5732BDB5D97B7E65EB0E4 467168 ----a-w- C:\WINDOWS\Sysnative\SRAPO64.dll 2016-08-18 10:05:25 B067C2952A7CFBBB74FA4218A1E606EE 1435152 ----a-w- C:\WINDOWS\Sysnative\SRRPTR64.dll 2016-08-18 10:05:25 A9F50EAD4DF827BC24E98B0E15C9BF01 166208 ----a-w- C:\WINDOWS\Sysnative\SRSWOW64.dll 2016-08-18 10:05:25 A86D7CBA26E98D78885DDC9CACCB1952 582016 ----a-w- C:\WINDOWS\Sysnative\tossaemaxapo64.dll 2016-08-18 10:05:25 A85883C567C7785C003A2B3A626476E9 231920 ----a-w- C:\WINDOWS\Sysnative\SFNHK64.dll 2016-08-18 10:05:25 A0E36A9285C4E7FFED2DF91A2E167C1C 570096 ----a-w- C:\WINDOWS\Sysnative\tbb_waves.dll 2016-08-18 10:05:25 98A0CF3CA73290CC124F30CA5136E779 962056 ----a-w- C:\WINDOWS\Sysnative\tosasfapo64.dll 2016-08-18 10:05:25 9853F5580A38AF52C9BEE916FCB693D6 447104 ----a-w- C:\WINDOWS\Sysnative\toseaeapo64.dll 2016-08-18 10:05:25 8E325120CF226AE4D5B8222A7C858820 75544 ----a-w- C:\WINDOWS\Sysnative\tepeqapo64.dll 2016-08-18 10:05:25 899F417ECB41AA999C92C4F126911672 15202040 ----a-w- C:\WINDOWS\Sysnative\YamahaAE3.dll 2016-08-18 10:05:25 86731C9F3E0A3ABF96F5C8626B44C34E 1041744 ----a-w- C:\WINDOWS\Sysnative\sl3apo64.dll 2016-08-18 10:05:25 76565393789D928EF2AAF1996069ED94 2110600 ----a-w- C:\WINDOWS\Sysnative\WavesGUILib64.dll 2016-08-18 10:05:25 70FD6CF20781F5E1B2BF716B478E233D 927424 ----a-w- C:\WINDOWS\Sysnative\SEHDRA64.dll 2016-08-18 10:05:25 5D01F5B2D0FC42B8E2C181131BF1C114 88328 ----a-w- C:\WINDOWS\Sysnative\SFAPO64.dll 2016-08-18 10:05:25 4F37607A17BEF5486DB6468ADC2A304C 3199744 ----a-w- C:\WINDOWS\Sysnative\RtPgEx64.dll 2016-08-18 10:05:25 3EC001F9F3112872C8128A26894CB5F1 381416 ----a-w- C:\WINDOWS\Sysnative\SRCOM64.dll 2016-08-18 10:05:25 35B5859DCBF0341DD3ED1D71B40313F2 221976 ----a-w- C:\WINDOWS\Sysnative\SRSTSH64.dll 2016-08-18 10:05:25 3372A8140ED672DAAF3E19780133D239 716112 ----a-w- C:\WINDOWS\Sysnative\SECOMN64.dll 2016-08-18 10:05:25 29737590783D3A98A6FD54C8B89D22F6 158704 ----a-w- C:\WINDOWS\Sysnative\tadefxapo.dll 2016-08-18 10:05:25 2276DBA7B29E70CD1C5952599F0B901C 2190992 ----a-w- C:\WINDOWS\Sysnative\YamahaAE.dll 2016-08-18 10:05:25 1F04B2712670EF2144CDA4A1B7CB8F3F 341160 ----a-w- C:\WINDOWS\Sysnative\SRCOM.dll 2016-08-18 10:05:25 06D04B4945B7F932D311578558F681C0 258872 ----a-w- C:\WINDOWS\Sysnative\slprp64.dll 2016-08-18 10:05:25 06156486E314900120DFEF50D9FA6CA6 450120 ----a-w- C:\WINDOWS\Sysnative\SEAPO64.dll 2016-08-18 10:05:24 FD39ACDE5AD5FA81111317E283206D90 214840 ----a-w- C:\WINDOWS\Sysnative\RTEED64A.dll 2016-08-18 10:05:24 F469ECD3627795E26774BF64D23DCD1E 72520720 ----a-w- C:\WINDOWS\Sysnative\RCoRes64.dat 2016-08-18 10:05:24 EB20B51E6D124FB25997AC6A25C1D1D5 689888 ----a-w- C:\WINDOWS\Sysnative\RtDataProc64.dll 2016-08-18 10:05:24 E508788898F4928DE7202C212DE14704 387320 ----a-w- C:\WINDOWS\Sysnative\RTEEP64A.dll 2016-08-18 10:05:24 D8A792BC5A9F1DBAE3357F605A01C0CE 88352 ----a-w- C:\WINDOWS\Sysnative\RTEEG64A.dll 2016-08-18 10:05:24 BA265478CA159AEDAA8D72EFC9EF5B67 110992 ----a-w- C:\WINDOWS\Sysnative\RTEEL64A.dll 2016-08-18 10:05:24 AE78E45571849B99920E796083375567 2070784 ----a-w- C:\WINDOWS\Sysnative\RCoInstII64.dll 2016-08-18 10:05:24 59F48E755E9E43CC86A0FD5ECC568AD3 1355616 ----a-w- C:\WINDOWS\Sysnative\RTCOM64.dll 2016-08-18 10:05:24 1F019FAA8AE59556F25EFBAF0F3CE3A9 321720 ----a-w- C:\WINDOWS\Sysnative\RP3DHT64.dll 2016-08-18 10:05:24 00AF8B6911C11DCB4403F611E00EA160 321720 ----a-w- C:\WINDOWS\Sysnative\RP3DAA64.dll 2016-08-18 10:05:23 A02902080BE93C76AF2A4AD209963A21 84624 ----a-w- C:\WINDOWS\Sysnative\R4EEG64A.dll 2016-08-18 10:05:23 96B5021BC75015058899568C03F339B1 134208 ----a-w- C:\WINDOWS\Sysnative\R4EEA64A.dll 2016-08-18 10:05:23 94FF8930A0372C7FCC81295C8BF5068A 1334384 ----a-w- C:\WINDOWS\Sysnative\MaxxSpeechAPO64.dll 2016-08-18 10:05:23 8CE56CC3AB208D5642DFEDE41FB98186 7172920 ----a-w- C:\WINDOWS\Sysnative\R4EEP64A.dll 2016-08-18 10:05:23 8397461D4B6054AF9D9156BC5465CA79 923752 ----a-w- C:\WINDOWS\Sysnative\MISS_APO.dll 2016-08-18 10:05:23 77554DF77EE926786E3719741FDCC078 12988352 ----a-w- C:\WINDOWS\Sysnative\MaxxVoiceAPO4064.dll 2016-08-18 10:05:23 73C2E52A7F15D203CD5CFB5634E6C0B0 5593624 ----a-w- C:\WINDOWS\Sysnative\NAHIMICAPOlfx.dll 2016-08-18 10:05:23 6F791411ED97749A5442F8F3065108C4 1003864 ----a-w- C:\WINDOWS\Sysnative\NahimicAPONSControl.dll 2016-08-18 10:05:23 6526C03C9DFC5175F013AE0360F49342 999864 ----a-w- C:\WINDOWS\Sysnative\MaxxVoiceAPO2064.dll 2016-08-18 10:05:23 6192591C1BF5A352651437DB21240823 151792 ----a-w- C:\WINDOWS\Sysnative\R4EEL64A.dll 2016-08-18 10:05:23 5CA74AAFC51FDF7250E7CD35B2F3328F 24404696 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioRenderAVX64.dll 2016-08-18 10:05:23 5848FC5D81555F390F84E2798B1C80CE 5793528 ----a-w- C:\WINDOWS\Sysnative\NAHIMICV2apo.dll 2016-08-18 10:05:23 40AB8483E54171DED5CE8383B4CA7A3C 447728 ----a-w- C:\WINDOWS\Sysnative\R4EED64A.dll 2016-08-18 10:05:23 3643266EE8F200B1F7961BAD62A519B6 6358552 ----a-w- C:\WINDOWS\Sysnative\NAHIMICV3apo.dll 2016-08-18 10:05:23 334564634FAFA337F36FC0AD6BE25517 13122584 ----a-w- C:\WINDOWS\Sysnative\MaxxVoiceAPO3064.dll 2016-08-18 10:05:23 0AE0FBE3433056E0AED1C7CE2870667E 677680 ----a-w- C:\WINDOWS\Sysnative\MaxxVolumeSDAPO.dll 2016-08-18 10:05:22 FEC49C9D039B6DD69B8DDF6ACE9F5985 1166168 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO4064.dll 2016-08-18 10:05:22 F094EF0D32A52E20F8FA5C576CA74E32 678184 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO30.dll 2016-08-18 10:05:22 D3D33FCF8F89100B3F78D8CB1FBB85D6 1422936 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO6064.dll 2016-08-18 10:05:22 D09F53AA22C2F8DD7FFA2AA9369BD10C 472312 ----a-w- C:\WINDOWS\Sysnative\ICEsoundAPO64.dll 2016-08-18 10:05:22 C82E9ED2E9FD69B4A5BBCEDD686F0567 360352 ----a-w- C:\WINDOWS\Sysnative\HMClariFi.dll 2016-08-18 10:05:22 B4C9136BB93F292DFB217B0F78772BA5 10512456 ----a-w- C:\WINDOWS\Sysnative\IntelSSTAPO.dll 2016-08-18 10:05:22 B1FEAC84070C7FC125468A247F44B4EE 190936 ----a-w- C:\WINDOWS\Sysnative\HMEQ.dll 2016-08-18 10:05:22 904E4FDB5D7B32020DFD9BC6EC2D9B21 1186832 ----a-w- C:\WINDOWS\Sysnative\IntelSstCApoPropPage.dll 2016-08-18 10:05:22 85619843587CA85E6C3000863B4A63C0 1213664 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO5064.dll 2016-08-18 10:05:22 829D41ED79FB311244C6E71CB57BD43F 330568 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO20.dll 2016-08-18 10:05:22 725312209E5300C3F023A2B6CCCAC791 24312224 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioRender64.dll 2016-08-18 10:05:22 618935AFB3B6C9429A17F733A5728D75 2825112 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPO7064.dll 2016-08-18 10:05:22 5FEBA21B1212799E71C3D388F9880BC8 179608 ----a-w- C:\WINDOWS\Sysnative\HMLimiter.dll 2016-08-18 10:05:22 557CF2DA930BA70BA1E776A68AFB9444 366128 ----a-w- C:\WINDOWS\Sysnative\HMAPO.dll 2016-08-18 10:05:22 510D74FDE085D22F84025710885C2E45 931624 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioAPOShell64.dll 2016-08-18 10:05:22 50A12C8FE4D8E8F54E9289D9B1E134D5 17362784 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioCapture64.dll 2016-08-18 10:05:22 4A33134BD63099E51044489770C26A67 618192 ----a-w- C:\WINDOWS\Sysnative\KAAPORT64.dll 2016-08-18 10:05:22 455627F4E35E1DCFD4B896746F4EC0E1 14057256 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioRealtek64.dll 2016-08-18 10:05:22 418B04E33E826AB7A6A941F7EE13C99D 203848 ----a-w- C:\WINDOWS\Sysnative\HMHVS.dll 2016-08-18 10:05:22 1BEAADFCDBD4E2110AF23E30C3E030BD 190944 ----a-w- C:\WINDOWS\Sysnative\HMEQ_Voice.dll 2016-08-18 10:05:22 0E2620D687647EDCE3CF939C0D354836 2050184 ----a-w- C:\WINDOWS\Sysnative\MaxxAudioEQ64.dll 2016-08-18 10:05:22 0C8F48174695D6A60A0AAEEEAC9644E9 416512 ----a-w- C:\WINDOWS\Sysnative\HMUI.dll 2016-08-18 10:05:22 03872EB79D12E248FC6F11BE0E4DA016 371448 ----a-w- C:\WINDOWS\Sysnative\HiFiDAX2API.dll 2016-08-18 10:05:21 FEDD44C7FFA5E9F5A8B18BBF9D0A03D0 445408 ----a-w- C:\WINDOWS\Sysnative\DTSLimiterDLL64.dll 2016-08-18 10:05:21 F94F5F0757894E634D9477E2C746F718 2437760 ----a-w- C:\WINDOWS\Sysnative\DolbyDAX2APOv201.dll 2016-08-18 10:05:21 EC5930F724748E1B663B4FD0AAD65934 727440 ----a-w- C:\WINDOWS\Sysnative\DTSSymmetryDLL64.dll 2016-08-18 10:05:21 CFFBFE40A2C11FDD27E150B96F37FD05 5339560 ----a-w- C:\WINDOWS\Sysnative\DolbyDAX2APOv211.dll 2016-08-18 10:05:21 B80E59C6A7C76118429B62199BD57206 1061120 ----a-w- C:\WINDOWS\Sysnative\DolbyDAX2APOProp.dll 2016-08-18 10:05:21 B4CF267CC8A4485DD339F42822A3736A 708320 ----a-w- C:\WINDOWS\Sysnative\DTSVoiceClarityDLL64.dll 2016-08-18 10:05:21 9D84EA57159A00AD8C0CD682349386F2 253872 ----a-w- C:\WINDOWS\Sysnative\DTSLFXAPO64.dll 2016-08-18 10:05:21 9979ABC6F7E1970B5504EBB32162FAFE 1959608 ----a-w- C:\WINDOWS\Sysnative\DDPD64AF3.dll 2016-08-18 10:05:21 9748AF2AEC0EB5E563B9A2193125EC33 428232 ----a-w- C:\WINDOWS\Sysnative\DTSU2PREC64.dll 2016-08-18 10:05:21 801D2CFDD4DEE7EAFFA55E8FBCB5160D 362064 ----a-w- C:\WINDOWS\Sysnative\DDPO64AF3.dll 2016-08-18 10:05:21 6EA2384F1E942A5CA1C9F8BD8BDDCF18 7096192 ----a-w- C:\WINDOWS\Sysnative\DDPP64A.dll 2016-08-18 10:05:21 6E01A55B346A0051787E612D5F7B2B91 1591064 ----a-w- C:\WINDOWS\Sysnative\DTSS2HeadphoneDLL64.dll 2016-08-18 10:05:21 6BABAD03FB9AC6CC7E9FE7C6D7CF6B03 500560 ----a-w- C:\WINDOWS\Sysnative\DTSU2PGFX64.dll 2016-08-18 10:05:21 6701FC2A7E54AB8C750C7BD23DFA9674 154368 ----a-w- C:\WINDOWS\Sysnative\HarmanAudioInterface.dll 2016-08-18 10:05:21 59DB2D4EC3385A9007C3DD1AD345A78C 272720 ----a-w- C:\WINDOWS\Sysnative\DDPA64.dll 2016-08-18 10:05:21 4D42347A5DE27C2881F7EFEDBB04DFEA 1965816 ----a-w- C:\WINDOWS\Sysnative\DDPD64A.dll 2016-08-18 10:05:21 45EEC0F31F183E4AF7E60046BC42420C 253904 ----a-w- C:\WINDOWS\Sysnative\DTSGFXAPO64.dll 2016-08-18 10:05:21 43AE30ECD5E003769233A51BD2A6FD80 1508936 ----a-w- C:\WINDOWS\Sysnative\DTSBoostDLL64.dll 2016-08-18 10:05:21 3FD9138023319149592B0F881CE7161F 441272 ----a-w- C:\WINDOWS\Sysnative\DTSGainCompensatorDLL64.dll 2016-08-18 10:05:21 365EA52DD8F0BDAA31A494B72C152064 743968 ----a-w- C:\WINDOWS\Sysnative\DTSBassEnhancementDLL64.dll 2016-08-18 10:05:21 27778E119D1153F2A15AEDC7BBECAA60 310432 ----a-w- C:\WINDOWS\Sysnative\DDPA64F3.dll 2016-08-18 10:05:21 1D1BAFCEC47AC2AAE1577C1B43B60E08 252880 ----a-w- C:\WINDOWS\Sysnative\DTSGFXAPONS64.dll 2016-08-18 10:05:21 1C325BE67DF532B562D8B3A5E3EB76C0 327464 ----a-w- C:\WINDOWS\Sysnative\DDPO64A.dll 2016-08-18 10:05:21 1C1D92B1A5AE8D2B2A62C87AEE501239 504312 ----a-w- C:\WINDOWS\Sysnative\DTSNeoPCDLL64.dll 2016-08-18 10:05:21 1B0B19FB8C71A4B35BB7BCCD95782D7A 1780624 ----a-w- C:\WINDOWS\Sysnative\DTSS2SpeakerDLL64.dll 2016-08-18 10:05:21 1838DE95E0DCFF6A95F5F52BA6DA42E3 514528 ----a-w- C:\WINDOWS\Sysnative\DTSU2PLFX64.dll 2016-08-18 10:05:21 17563F30DF0D3A92669BFC5F5F350DC8 6264640 ----a-w- C:\WINDOWS\Sysnative\DDPP64AF3.dll 2016-08-18 10:05:21 12CE6E18852892B3BF430C541814D094 3282544 ----a-w- C:\WINDOWS\Sysnative\FMAPO64.dll 2016-08-18 10:05:20 F328C921113877DC8E207E47CA2A6BE3 118600 ----a-w- C:\WINDOWS\Sysnative\AERTAR64.dll 2016-08-18 10:05:20 C93BEA6EA0AF6963C7E05F97CB667ED6 112496 ----a-w- C:\WINDOWS\Sysnative\Caf64api.dll 2016-08-18 10:05:20 A5ECAF9395E5642A12E26B641E0CB07B 118600 ----a-w- C:\WINDOWS\Sysnative\AcpiServiceVnA64.dll 2016-08-18 10:05:20 8D01A038DF9C90FD405CF748EEABCA8D 736 ----a-w- C:\WINDOWS\Sysnative\cxapo.prop 2016-08-18 10:05:20 7865213C6C2BEAD797A47A3D18757F78 574760 ----a-w- C:\WINDOWS\Sysnative\AERTAC64.dll 2016-08-18 10:05:20 783237C15D9272527C692F0D3A128871 122328 ----a-w- C:\WINDOWS\Sysnative\CONEQMSAPOGUILibrary.dll 2016-08-18 10:05:20 623E49CA7AD6113B9837C4FD71F8EE80 105312 ----a-w- C:\WINDOWS\Sysnative\audioLibVc.dll 2016-08-18 10:05:20 2B4C3D9F114EE40FEAD6A86395F2FC89 5604 ----a-w- C:\WINDOWS\Sysnative\cxapo.lncs 2016-08-18 10:05:20 192488F0B74C3AC0C19EF932765634CB 435632 ----a-w- C:\WINDOWS\Sysnative\CAF64APO2.dll 2016-08-18 10:05:20 0602FD70892071D0F9C7429AD50B0C62 1608128 ----a-w- C:\WINDOWS\Sysnative\CX64APO.dll 2016-08-18 10:04:32 AF2A678DDB141072EA7072FD1AD5F39B 91272 ----a-w- C:\WINDOWS\Sysnative\RtNicProp64.dll 2016-08-11 14:51:21 3CF052C22F34174BE783DAF2F3A81D8A 210944 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2016-08-11 14:51:21 0482CFC6D06935953519340A0D360329 114192 ----a-w- C:\WINDOWS\Sysnative\win32u.dll 2016-08-11 14:51:20 1E25FC0F0CBDC16A7597FF2B47DF66DE 3617280 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-08-11 14:51:19 D9B1423D700666459BD54670B0273CEA 22219328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-08-11 14:51:07 726C487C409C7DEB114451B6EFFD990B 1656320 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2016-08-11 14:51:06 D6D3EC8F8ECFC501603CCEE77CB04467 151232 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-08-11 14:51:02 CDEB6DC6F451BFBC41A474A5085563C0 2755584 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb 2016-08-11 14:50:58 8527953FFC8707AB5EA5E1C6461FCF6D 43008 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe 2016-08-11 14:50:58 6FB48F624829BFD03D67E3666822D170 58880 ----a-w- C:\WINDOWS\Sysnative\Windows.Shell.Search.UriHandler.dll 2016-08-11 14:50:58 3F34CDE2C58C1A996C3D37416A114D56 509952 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_Bluetooth.dll 2016-08-11 14:50:57 ADE940101D037E0C8048C07A8B751435 496128 ----a-w- C:\WINDOWS\Sysnative\SystemSettings.UserAccountsHandlers.dll 2016-08-11 14:50:57 A972DDEFFEF76A9643A65F07C6762154 140288 ----a-w- C:\WINDOWS\Sysnative\Chakrathunk.dll 2016-08-11 14:50:57 17CA16C7B5AFE34B919D5C86C0E41C5D 289792 ----a-w- C:\WINDOWS\Sysnative\DeveloperOptionsSettingsHandlers.dll 2016-08-11 14:50:56 D74E08C83CB93EB5E099702FDEF157B9 1508864 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-08-11 14:50:56 AD920A85D98B2048373A69B02B9E08B7 1785856 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-08-11 14:50:56 850BBEFE1D202E832F5148E8A821500D 49152 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-08-11 14:50:56 5725D2F9E67D2D2F944777384BFC5EC3 1081856 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-08-11 14:50:56 402010E58B3F92A42643F384A7BDE573 8124416 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-08-11 14:50:56 10C6A750AF9B13DC59BBF4FAC628DBE7 241496 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHost.dll 2016-08-11 14:50:55 F10387C12A9FD47AC67764E75312739C 909312 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll 2016-08-11 14:50:55 73BBDD6A450AF2708B089B0DFEE74252 495104 ----a-w- C:\WINDOWS\Sysnative\DataSenseHandlers.dll 2016-08-11 14:50:55 21D2999AE3EDB633E2843B7C9AF55B6E 6664192 ----a-w- C:\WINDOWS\Sysnative\mspaint.exe 2016-08-11 14:50:54 8CA03831CA43C6258F6C0266A76A2656 115200 ----a-w- C:\WINDOWS\Sysnative\offlinelsa.dll 2016-08-11 14:50:54 797636D76C2F1D0A101A66E1BEF8AEDB 23682048 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-08-11 14:50:54 6B9F8614D6A0EAB2EF3A6570F7E9CC4A 261120 ----a-w- C:\WINDOWS\Sysnative\indexeddbserver.dll 2016-08-11 14:50:54 1F32156F2C7C3842C91DC2C13F5D94C0 231424 ----a-w- C:\WINDOWS\Sysnative\shutdownux.dll 2016-08-11 14:50:53 664366A014A9CD0EC72C7E343E91A305 4749312 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-08-11 14:50:52 B498C439EAD02478BA3F337394295FB9 2745224 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-08-11 14:50:52 9B27A791D3B58C8EC5CDC5ADD4E512A5 9125888 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-08-11 14:50:52 81760E0851C132C77F6DDAA55A0D2D02 5511168 ----a-w- C:\WINDOWS\Sysnative\aclui.dll 2016-08-11 14:50:52 7385ECF9E68A5C3F165FF316A71C84C5 1491456 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-08-11 14:50:51 CCEDCF29AC3AD4C00B646D3F8F282264 22572032 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-08-11 09:53:14 293B6F39B58FB266F808A86750D579D1 44653 ----a-w- C:\WINDOWS\Sysnative\license.rtf 2016-08-11 09:50:54 E08C00B7044F58E7D53CB4F6451D3ABB 227840 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2016-08-11 09:50:54 958AD14CDF4EBB6BADDB13F8B39A97CF 1461200 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2016-08-11 09:50:54 804FEF2567E7CC81312903074371B179 1260384 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-08-11 09:50:54 78C35DD7CF780428650B1EE9B0F8D41E 770048 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-08-11 09:50:54 4B53781598D1DB2D33DE9F7248F5A26F 1708544 ----a-w- C:\WINDOWS\Sysnative\wevtsvc.dll 2016-08-11 09:50:54 43F717FBB79C9B408D96FAAF6732C4A2 1418304 ----a-w- C:\WINDOWS\Sysnative\msctf.dll 2016-08-11 09:50:54 37BD0ED26D65A28E7CAA32F446BDA67A 389000 ----a-w- C:\WINDOWS\Sysnative\wevtapi.dll 2016-08-11 09:48:32 DB5CEDD2D9B6BEC1F008AB32F6430407 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe 2016-08-11 09:48:32 CAF55CA39F076939E6CF4C8660235610 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll 2016-08-11 09:48:32 587DDEDEA34DBDF2B7C4F5EEC1685A19 124624 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2016-08-11 08:53:55 5DB5B86BF9EA7E231516EA75C2D01C71 339928 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT ====== C:\WINDOWS\Sysnative\drivers ===== 2016-08-18 10:05:24 80089EC356CA035D87937C1D540824E4 6364648 ----a-w- C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT 2016-08-11 14:50:54 3B342AD20A76FAEC4851A38774B99AB4 168800 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-08-11 14:50:51 E09C3E2CD29727AAC0977E1A7CE0425E 619368 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-08-11 09:50:54 A90C76FB62526DEB5A5557A8839841AB 2190688 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-08-11 09:50:54 68B1E0DA1BB1680494227E88CE821E2F 62816 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys 2016-08-11 09:50:54 661B84B24D690DF50BD47DFA7B036122 658784 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-08-11 09:50:54 14AE4AAED71AE09151AED376420B630D 402272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys ====== C:\WINDOWS\Tasks ====== 2016-08-11 09:05:33 4FDEF4265BD7DDB41466178AA8A22899 3764 ----a-w- C:\WINDOWS\Sysnative\Tasks\AMD Updater 2016-08-11 09:05:33 44AF4D831942BDEB3BB4561537164BBF 2698 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPCustParticipation HP Officejet Pro 8620 2016-08-11 09:05:33 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\BullGuard ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-08-20 20:23:00 -------- d-----w- C:\Program Files\trend micro 2016-08-11 09:51:02 -------- d-----w- C:\Program Files\CMAK 2016-08-11 09:49:02 -------- d-----w- C:\Program Files\Reference Assemblies 2016-08-11 09:49:02 -------- d-----w- C:\Program Files\MSBuild 2016-08-11 08:55:45 -------- d-----w- C:\Program Files\Realtek 2016-08-11 08:55:38 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2016-08-11 08:55:37 -------- d---a-w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2016-08-11 09:51:03 -------- d-----w- C:\PROGRA~2\CMAK 2016-08-11 09:49:02 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-08-11 09:49:02 -------- d-----w- C:\PROGRA~2\MSBuild 2016-08-11 09:04:42 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2016-08-05 17:21:37 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Sarah\AppData\Roaming ====== 2016-08-21 08:18:30 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow 2016-08-12 09:12:30 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2016-08-11 17:07:00 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\ConnectedDevicesPlatform 2016-08-11 09:50:10 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft 2016-08-11 09:09:13 -------- d-----w- C:\Users\Sarah\AppData\Local\ConnectedDevicesPlatform 2016-08-11 09:06:53 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\ConnectedDevicesPlatform 2016-08-11 09:04:42 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-08-11 09:03:40 -------- d-----w- C:\Users\Default\AppData\Local\ATI 2016-08-11 09:03:40 -------- d-----w- C:\Users\Default User\AppData\Local\ATI 2016-08-11 08:59:32 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-08-11 08:59:32 -------- d-----w- C:\Users\Sarah\AppData\Roaming 2016-08-11 08:59:32 -------- d-----w- C:\Users\Sarah\AppData\Local\Temp 2016-08-11 08:59:32 -------- d-----w- C:\Users\Sarah\AppData\Local\Microsoft 2016-08-11 08:59:32 -------- d-----w- C:\Users\Sarah\AppData\Local 2016-08-11 08:59:32 -------- d-----r- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-08-11 08:59:32 -------- d-----r- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-08-11 08:59:32 -------- d-----r- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-08-11 08:59:32 -------- d-----r- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-08-11 08:59:32 -------- d-----r- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-08-11 08:59:14 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2016-08-11 08:54:43 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2016-08-11 08:53:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming 2016-08-11 08:53:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2016-08-11 08:53:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft 2016-08-11 08:53:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local 2016-08-11 08:53:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming 2016-08-11 08:53:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2016-08-11 08:53:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2016-08-11 08:53:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local 2016-08-01 16:19:40 -------- d-----w- C:\Users\Sarah\AppData\Local\Aeria Games 2016-08-01 16:17:49 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Digimon Masters 2016-08-01 16:17:49 -------- d-----w- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-07-31 11:49:53 -------- d-----w- C:\Users\Sarah\AppData\Local\Microsoft Help ====== C:\Users\Sarah ====== 2016-08-20 20:22:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Sarah\Desktop\RSITx64.exe 2016-08-16 07:41:14 B4C0D1C7DC7276BF069CEF6190BF83AB 3784256 ----a-w- C:\Users\Sarah\Downloads\adwcleaner_6.000.exe 2016-08-11 09:10:50 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2016-08-11 09:10:15 -------- d-----w- C:\ProgramData\USOShared 2016-08-11 09:09:13 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Sarah\ntuser.ini 2016-08-11 08:59:32 -------- d--h--w- C:\Users\Sarah\AppData 2016-08-11 08:55:53 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2016-08-11 08:54:43 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-08-11 08:53:59 -------- d--h--w- C:\WINDOWS\serviceprofiles\Localservice\AppData 2016-08-11 08:53:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\Saved Games 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Videos 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Pictures 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Music 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Links 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Favorites 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Downloads 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Documents 2016-08-11 08:53:59 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Desktop 2016-08-11 08:53:58 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData 2016-08-11 08:53:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\Saved Games 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Videos 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Pictures 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Music 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Links 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Favorites 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Downloads 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Documents 2016-08-11 08:53:58 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Desktop 2016-08-10 09:22:27 116FC5F830C743A998E05E87DB43A15C 2965192 ----a-w- C:\Users\Sarah\Downloads\twinsaga_us_downloader.exe 2016-08-02 11:09:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-08-01 16:19:27 -------- d-----w- C:\ProgramData\Aeria Games ====== C: exe-files == 2016-08-21 08:21:04 8D1765328902CE63392055F5451C3480 504488 ----a-w- C:\Windows\System32\MpSigStub.exe 2016-08-20 20:23:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sarah.exe 2016-08-20 20:22:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Sarah\Desktop\RSITx64.exe 2016-08-18 10:05:25 994AA4E23214574F2DC66FBB257024E9 1777408 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe 2016-08-18 10:05:25 4EE044A6692A1B147D172179A78DB7DD 571544 ----a-w- C:\Program Files\Realtek\Audio\HDA\vncutil64.exe 2016-08-18 10:05:24 9B48A2F99F426BFAC6F19CBCF1312129 312568 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 2016-08-18 10:05:24 83372B38F5CE47D4A93E472B4150C99A 8842496 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 2016-08-18 10:05:23 AD4B1D8A604CE6844555B5338FAC52FE 16475392 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2016-08-18 10:05:23 8DD72B6219E05358C8702F6DA6732DE3 1454328 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 2016-08-18 10:05:21 BACD77402950BA7D7FE2A520EF121108 218776 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe 2016-08-18 10:05:21 AE7607F685E71EB3E6D88C5A04175110 150072 ----a-w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2016-08-18 10:05:21 91D3497D762F939B71B450ADC8C33917 249328 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe 2016-08-18 10:05:20 9D6AE765E9DC410D3C595893FA26BBFE 751336 ----a-w- C:\Program Files\Realtek\Audio\HDA\CXAPOAgent64.exe 2016-08-18 10:05:20 9A8DD916DD4A4E6E63D54C98A3479502 75512 ----a-w- C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe 2016-08-18 10:05:20 6F7E47613CEB45D5F38E63DB69DE25D5 106952 ----a-w- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 2016-08-18 10:05:16 4EE044A6692A1B147D172179A78DB7DD 571544 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\vncutil64.exe 2016-08-18 10:05:15 9B48A2F99F426BFAC6F19CBCF1312129 312568 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RtkAudioService64.exe 2016-08-18 10:05:15 994AA4E23214574F2DC66FBB257024E9 1777408 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RtlUpd64.exe 2016-08-18 10:05:15 83372B38F5CE47D4A93E472B4150C99A 8842496 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RtkNGUI64.exe 2016-08-18 10:05:14 AD4B1D8A604CE6844555B5338FAC52FE 16475392 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RAVCpl64.exe 2016-08-18 10:05:14 8DD72B6219E05358C8702F6DA6732DE3 1454328 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RAVBg64.exe 2016-08-18 10:05:12 E9E784E6175DA5C8604E195D158828FD 3700360 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\MaxxAudioMeters64.exe 2016-08-18 10:05:11 AE7607F685E71EB3E6D88C5A04175110 150072 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\FMAPP.exe 2016-08-18 10:05:11 91D3497D762F939B71B450ADC8C33917 249328 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\DTSU2PAuSrv64.exe 2016-08-18 10:05:10 BACD77402950BA7D7FE2A520EF121108 218776 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\DTSAudioService64.exe 2016-08-18 10:05:10 9D6AE765E9DC410D3C595893FA26BBFE 751336 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\CXAPOAgent64.exe 2016-08-18 10:05:10 9A8DD916DD4A4E6E63D54C98A3479502 75512 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\CreateRtkToastLnk.exe 2016-08-18 10:05:10 6F7E47613CEB45D5F38E63DB69DE25D5 106952 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\AERTSr64.exe 2016-08-18 10:05:10 2360F59BBB25E60A0E351C68C3E9318A 1123168 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\ATKEX_cmd.exe 2016-08-18 10:05:09 D8811C9B1F3E48659F475BE903578BDB 441496 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\vncutil.exe 2016-08-18 10:05:08 F9839BB891BBAAB2078B144C506A4179 1560832 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RtlUpd.exe 2016-08-18 10:05:08 D312CD0208ACA2C9332C7D3975C1AD3B 14737664 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RtHDVCpl.exe 2016-08-18 10:05:08 92D5152DFA11BB7F516AD88A97DAFF30 1052928 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RtHDVBg.exe 2016-08-18 10:05:08 3D75D358BD1AEC7CC43D83FF6C9B8B1E 270592 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RtkAudioService.exe 2016-08-18 10:05:08 323D4BCDC724DAE7514C060911D0A343 7831808 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RtkNGUI.exe 2016-08-18 10:05:05 42A243F57FE306550E7D542166F7C1AB 2876040 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\MaxxAudioMeters.exe 2016-08-18 10:05:04 D2D22269BC3C12EF189076AF8D507A81 135232 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\FMAPP.exe 2016-08-18 10:05:04 841496221CAF6DCAF4111EA4043A9871 202224 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\DTSU2PAuSrv32.exe 2016-08-18 10:05:04 22ECB6500180FA35F587256A4B06BDBB 182424 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\DTSAudioService.exe 2016-08-18 10:05:03 FB4E35ABF24C9CE208FE10165608F5AA 75520 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\CreateRtkToastLnk.exe 2016-08-18 10:05:03 FAF8CE5C039B27FEDBAEEB72BC2AFFF2 196608 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\ASIO\RTASIOCP.exe 2016-08-18 10:05:03 E77740C0E2FFEA743CE7131AC6E20639 96704 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\AERTSrv.exe 2016-08-18 10:05:03 7BF71E1B36A7AA8D9579E814B830B58A 729832 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\CXAPOAgent.exe 2016-08-18 10:05:03 63DA26B7E12FD846F6F826C9DD7B483A 1123168 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\ATKEX_cmd.exe 2016-08-18 10:05:03 226ACB62E29E4FDD2A4F774884315FE0 1194576 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\Setup.exe 2016-08-18 10:05:03 04892381D6393CE4A073B4EB80C31BBD 299008 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\ASIO\Install.exe 2016-08-18 10:05:02 EB16D96E39E3BC82EDCAD6DF3CA7E94B 76392 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\ChCfg.exe 2016-08-18 10:04:32 AC289739817AFE881C68460E9700A6A4 195288 ----a-w- C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE 2016-08-18 10:04:26 9C8592971EC5819981D4CFFD7A2EA674 88680 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\AutoInst.exe 2016-08-18 10:04:26 143F5556FEDC43FBA25DC7C37C6D8A1F 1193688 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\setup.exe 2016-08-18 10:03:31 3262EE863F6CDA4E609CC773B741F373 7794536 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\setup.exe 2016-08-18 09:59:18 EC3FCC1970F6DD14476ECFA55147F581 260482176 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855.exe 2016-08-18 09:59:18 E718D81455855DE708834D3FC043E94B 9550921 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1.exe 2016-08-18 09:59:18 D61CF6F6628352EED73D6F50537A61CF 5732027 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016.exe 2016-08-17 08:05:47 4EA0BA06DDAAC4BC6E9BAA7289407765 706328 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 2016-08-16 07:56:37 F1F3DAE5230DC47103ADA94CD901DCA4 33744 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadchg2.exe 2016-08-16 07:56:37 D11F897F4A9B123E193865D976C8030A 2614736 ----a-w- C:\Program Files (x86)\MSI\Super Charger\unins000.exe 2016-08-16 07:56:37 C106A013D41970AA9F6540F1AEAC70DF 1022928 ----a-w- C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe 2016-08-16 07:56:37 909FF1C9CB2553FF16B83EC5A78DAE19 34288 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadchg.exe 2016-08-16 07:56:37 112D0C8073CECFD3C2CE81D1CFCE5F3F 163280 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe 2016-08-16 07:55:15 2F3475D2C5764F70F64F07308438CAA6 2588528 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Super_Charger_1.3.0.07\Super Charger.exe 2016-08-16 07:55:12 FFC488862CBC51E854E2E31BF37CE8B0 2423388 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Super_Charger_1.3.0.07.exe 2016-08-16 07:41:14 B4C0D1C7DC7276BF069CEF6190BF83AB 3784256 ----a-w- C:\Users\Sarah\Downloads\adwcleaner_6.000.exe 2016-08-15 15:48:27 07C2C20EF752918B0F0E1D0801181EB9 4647400 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.5111\Agent.exe === C: other files == 2016-08-21 08:33:35 A29030FB93B2E48EDD124749881406CE 943211 ----a-w- C:\Users\Sarah\AppData\Local\Temp\sysspec\SysSpec.zip 2016-08-18 10:05:47 EE5D9FE076B62BD39C6359478107F8F4 5006080 ----a-w- C:\Windows\LastGood.Tmp\system32\drivers\RTKVHD64.sys 2016-08-18 10:05:15 6A51BB92E05897FB5ACD99340132B776 5179648 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\RTKVHD64.sys 2016-08-18 10:05:14 8D6FB964D10B8C39F7CF9469AD3DF40D 41088 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\mbfilt64.sys 2016-08-18 10:05:11 BBBE9D013AD68A9214052688BD161CC7 43576 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN64\GWfilt64.sys 2016-08-18 10:05:08 FE5FFCCA52FB89E683897F5699D33C63 4033792 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\RTKVHDA.sys 2016-08-18 10:05:06 EED186522D9D387DCD35742C524B98A9 33408 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7855\WIN32\mbfilt32.sys 2016-08-18 10:04:32 D23AF14A8C26855B3D6CB5F8E32B08F3 937728 ----a-w- C:\Program Files (x86)\Realtek\NICDRV_8169\WIN10\rt640x64.sys 2016-08-18 10:04:27 D23AF14A8C26855B3D6CB5F8E32B08F3 937728 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\WIN10\WinPE\64\rt640x64.sys 2016-08-18 10:04:27 D23AF14A8C26855B3D6CB5F8E32B08F3 937728 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\WIN10\64\rt640x64.sys 2016-08-18 10:04:27 B2E126332B2A2176A4F7C5D4DDBE72EA 791296 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\WIN10\WinPE\32\rt640x86.sys 2016-08-18 10:04:27 B2E126332B2A2176A4F7C5D4DDBE72EA 791296 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\WIN10\32\rt640x86.sys 2016-08-18 10:04:26 FE16967D7A97D813EC9D5CE4CC9C2F86 53 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\Silent_Uninstall_CD.bat 2016-08-18 10:04:26 C47899326A92A043CF51E33CCB8BB7BC 12 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\Silent_Install.bat 2016-08-18 10:04:26 BA5A6D653D212FE313CACFC2BEC5B0E3 34 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\Silent_Install_CD.bat 2016-08-18 10:04:26 339D4A9F69191D64ACC89FA4CB4D1802 31 ----a-w- C:\MSI\LiveUpdate\DL_FILE\Realtek_PCIE_Network_Drivers_10.9.422.2016\Silent_Uninstall.bat 2016-08-18 10:03:31 FB6C81DC18F5D91B57D1A7772898A98C 121088 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\i386\asmthub3.sys 2016-08-18 10:03:31 EB6F9C8D8FD806258B37708A08D0761B 1159928 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\ia64\asmtxhci.sys 2016-08-18 10:03:31 DD8AB19056243383DF745E5D53F4D5AF 1159936 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\ia64\asmtxhci.sys 2016-08-18 10:03:31 D798DE8E8271C84C7BD1EA2F006FE245 380160 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\ia64\asmthub3.sys 2016-08-18 10:03:31 D1D4E084FFA912E338DE326C6F84B52A 360704 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\i386\asmtxhci.sys 2016-08-18 10:03:31 388D47F3B160DB126A35E0FE21A2CBB2 449792 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\amd64\asmtxhci.sys 2016-08-18 10:03:31 085D39BB3C763F713331B5BD76B4A993 150272 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver\amd64\asmthub3.sys 2016-08-18 10:03:30 B23289EB786E81E21386F5D851211FEC 117504 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\i386\asmthub3.sys 2016-08-18 10:03:30 A750BB0FA32D1CC1E0FC740F09BBA3FD 149760 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\amd64\asmthub3.sys 2016-08-18 10:03:30 564BD522F993A3C4A250D0ED4ADFB40A 380160 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\ia64\asmthub3.sys 2016-08-18 10:03:30 3054586B131D04D2E8796806CA581361 451320 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\amd64\asmtxhci.sys 2016-08-18 10:03:30 2547B8B8AD956BDB5168230B8F740F9F 354560 ----a-w- C:\MSI\LiveUpdate\DL_FILE\ASMedia_USB3.0_3.1_Drivers_1.16.33.1\Driver_Win10\i386\asmtxhci.sys 2016-08-18 09:34:46 26F0F6B1DF97D74C342FB51423EF0207 140 ----a-w- C:\Users\Sarah\AppData\Roaming\BullGuard\TuneUp\RegBk_2016.08.18.11.34.46\_RestoreAll.bat 2016-08-16 07:56:37 E59F589F4280E04ADBCFB9189F6A4750 16336 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys 2016-08-16 07:56:37 815997548826FC80D2F862B435A0BDE6 14960 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadtst.sys 2016-08-16 07:56:37 4BD5DEAF66B21C5E5070C0B4C104B0F6 14288 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadtst2.sys 2016-08-16 07:56:37 44A9B60ECA9F6D760E0292E56127BCED 20464 ----a-w- C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys 2016-08-16 07:56:37 2F1EBC14BD8A29B89896737CA4076002 14392 ----a-w- C:\Program Files (x86)\MSI\Super Charger\NTIOLib.sys 2016-08-16 07:56:37 23CF3DA010497EB2BF39A5C5A57E437C 13368 ----a-w- C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2517234581-1217236581-741160512-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "f.lux"="C:\Users\Sarah\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "OneDrive"="C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP Officejet Pro 8620 (NET)"="C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe -deviceID CN4ADD40YK:NW -scfn HP Officejet Pro 8620 (NET) -AutoStart 1" "Akamai NetSession Interface"="C:\Users\Sarah\AppData\Local\Akamai\netsession_win.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Raptr"="C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "Fast Boot"="C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe" "Command Center"="C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe" "Aeria Ignite"="D:\aeriaignite.exe silent" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Live Update"="C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER" "Super Charger"="C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"="C:\Users\Sarah\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "OneDrive"="C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP Officejet Pro 8620 (NET)"="C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe -deviceID CN4ADD40YK:NW -scfn HP Officejet Pro 8620 (NET) -AutoStart 1" "Akamai NetSession Interface"="C:\Users\Sarah\AppData\Local\Akamai\netsession_win.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe"" ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\AMD Updater" ["C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Officejet Pro 8620" ["C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\BullGuard\BullGuardUpdate2" [c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [15/08/2016 15:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\t2kig4ik.default - Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\t2kig4ik.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL - Microsoft Office 2013 F987F944D2B9A9D5D7886061B0D87120 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013 57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\antiphishing@bullguard deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe O4 - HKLM\..\Run: [Aeria Ignite] "D:\aeriaignite.exe" silent O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe O4 - HKCU\..\Run: [f.lux] "C:\Users\Sarah\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [OneDrive] "C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [HP Officejet Pro 8620 (NET)] "C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" -deviceID "CN4ADD40YK:NW" -scfn "HP Officejet Pro 8620 (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sarah\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sarah\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Sarah\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Sarah\AppData\Local\Mozilla\Firefox\Profiles\t2kig4ik.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=39 folders=51 52152471 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Sarah\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 21/08/2016 at 10:41:48,59 ======================