Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Xavier on zo 18-12-2016 at 13:47:05,51. Microsoft Windows 10 Home 10.0.14393 x64 Running in: Safe Mode NETWORK No Internet Access Detected Launched: C:\Users\Xavier\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 18-12-2016 13:49:26 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Avira deleted successfully C:\PROGRA~2\Dashlane deleted successfully C:\PROGRA~2\GUM8A55.tmp deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\abelhadigital.com deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow deleted successfully C:\Users\Xavier\AppData\Local\ActiveSync deleted successfully C:\Users\Xavier\AppData\Local\DriverToolkit deleted successfully C:\Users\Xavier\AppData\Local\EmieSiteList deleted successfully C:\Users\Xavier\AppData\Local\EmieUserList deleted successfully C:\Users\Xavier\AppData\Local\LG Electronics deleted successfully C:\Users\Xavier\AppData\Local\MediaShow deleted successfully C:\Users\Xavier\AppData\Local\NetworkTiles deleted successfully C:\Users\Xavier\AppData\Local\PackageStaging deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3771618856-1216886772-2068263370-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{829D7F17-6DB5-4207-A0F1-DD077E09EE50} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{829D7F17-6DB5-4207-A0F1-DD077E09EE50} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{829D7F17-6DB5-4207-A0F1-DD077E09EE50} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Avira not found C:\PROGRA~2\Dashlane not found C:\PROGRA~2\GUM8A55.tmp not found C:\Users\Xavier\AppData\Roaming\WhatsApp deleted C:\ProgramData\KMSAutoS deleted C:\Program Files\KMSpico deleted C:\WINDOWS\AutoKMS deleted C:\Users\Public\Pokki deleted C:\PROGRA~3\Package Cache deleted C:\Users\Default\AppData\Local\Pokki deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted "C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0439637c97884.job" deleted "C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0919c582ee171.job" deleted "C:\WINDOWS\tasks\DriverToolkit Autorun.job" deleted "C:\WINDOWS\Installer\4ea71db.msi" deleted "C:\WINDOWS\Installer\bed8dab.msi" deleted "C:\windows\Installer\126c7c.msi" deleted "C:\Users\Xavier\AppData\Local\{1770776E-F230-4631-B031-89C25C552269}" deleted "C:\Users\Xavier\AppData\Local\{36D50A4A-4A0E-4C17-8DD9-090730142551}" deleted "C:\Users\Xavier\AppData\Local\{CC23C637-7AEC-4D7C-8902-67247074B923}" deleted "C:\Users\Xavier\AppData\Roaming\Yandex\ui" deleted "C:\Users\Xavier\AppData\Roaming\Hola" deleted "C:\Users\Xavier\AppData\Roaming\Yandex" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-12-10 10:59:41 4E10FB1A015B49AC68F76C1A3F4D9C0F 4673304 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Xavier\AppData\Local\Temp ==== ====== Java Cache ===== 2016-12-18 11:09:16 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Xavier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\a69c80-3d1e3694 2016-12-18 11:09:13 33E6A7F07217C4DAFA9AA4E7714A0CCA 8513 ----a-w- C:\Users\Xavier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\2afc474c-6cd9a8be 2016-12-18 11:09:13 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Xavier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\39ba0a44-342fc28a 2016-12-18 11:09:13 342DE3B9EB8912E1BB97EF694A74891F 429 ----a-w- C:\Users\Xavier\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\39ba0a44-688f43ff70552e1e5729d3d88fa07cedfe6cd31c5920b3375f93ff861c1ecdcf-6.0.lap ====== C:\WINDOWS\SysWOW64 ===== 2016-12-18 11:07:24 C38011359BB765C0D2CEAE0261B867EC 97856 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-12-15 21:50:59 2A7309FDC7AE938B497AF9B986523EBA 4612608 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-12-15 21:50:58 E8FBC76BDC0CC5005110AE38DB6C93F6 3306496 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-15 21:50:57 6D8AF670995DC432C07C5321DE3967B5 1852720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-12-15 21:50:57 3E689A2AE38163D67297C87ED7770B9C 2323728 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-15 21:50:56 D478AD237CC6925BDC08062A195C5AA7 313856 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-15 21:50:56 46E91FB548882ACFE377FFB1282D052D 2138112 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-12-15 21:50:54 76F30D5D38F46DF16AF86B3549046CC8 32768 ----a-w- C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-15 21:50:54 3BFB09E18CE3158070C7CFE0C3DA6DE2 68096 ----a-w- C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-15 21:50:54 2CCBA569613401EA6011EE08E8D36D88 92672 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-15 21:50:54 03B273395EA0BF2E9C56222183217E17 206848 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-15 21:50:48 B19A804BC41C276DAF5753BE541A97B4 1503544 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-15 21:50:47 4BEC594A3D4AEAFAC400D88F7E328C7B 1435896 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2016-12-15 21:50:46 1A8E7650017F0BC9AD12A6861B5119ED 117240 ----a-w- C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-15 21:50:44 464235F5DB3FAF56C594A7B74D3837E3 12177920 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-15 21:50:40 D86AD86B05274E6386976FE42A7BA7C0 3689984 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-12-15 21:50:40 5C9A0EDE876D5D63A6EB34BC24384A17 2998272 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys 2016-12-15 21:50:39 56A1F18F27A325A4C17BF7EA963DBD2B 1415752 ----a-w- C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-15 21:50:37 DF53C40EE6572B64691668277156FA41 147968 ----a-w- C:\WINDOWS\SysWOW64\win32k.sys 2016-12-15 21:50:35 358EB97C59FF33C968FB1333E9876494 6668040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-15 21:50:33 30FE605338408D1D459012E4ED9B903D 3198464 ----a-w- C:\WINDOWS\SysWOW64\cdp.dll 2016-12-15 21:50:32 9B3298D80A2E4DA567C16BF5F88E5150 861024 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-15 21:50:32 8F857B2705BECC734B4D979A0D2C0D03 886272 ----a-w- C:\WINDOWS\SysWOW64\aadtb.dll 2016-12-15 21:50:32 09FB1E45C38939B300140F01D14D0E6A 2166752 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2016-12-15 21:50:31 EBD4C2424DC0C023F82AC7F13970016D 846560 ----a-w- C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-15 21:50:31 C041ED5CE66BEDFA0CEAC973C8E5DAC5 106896 ----a-w- C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-15 21:50:31 A1CB32732926340BAC6A79F1BBA6538F 566784 ----a-w- C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-15 21:50:31 1D090D82282336CD790733FAE33641E9 483840 ----a-w- C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-15 21:50:30 CC32207A4520FD1956AF2D68D7DA7BDD 288768 ----a-w- C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-15 21:50:30 A61F71788BAE3F65FF2DEA42B35E35C9 165376 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-15 21:50:26 38000DC06180F3C2F68B7175BC6C6B94 19413504 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-15 21:50:25 C2A2CC42F71927ABB95AA1F851056638 19417088 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-15 21:50:23 98F4C3DE98F6C24B74DA6150836BDDC9 6044160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-15 21:50:22 92D533895D9D4BFB469083F5221CAE71 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-15 21:50:21 7F14E8300CC72C06417D2980F2FBA0FE 2048496 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-15 21:50:20 E74F2C29ECF25124BE3DA75FBD6A0E46 959112 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-12-15 21:50:20 DF990FE5B6590BB98145BEBCA2C7E721 822784 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-12-15 21:50:20 A9AE442890AA112F8B3AA6692DC7CDE6 231936 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-12-15 21:50:20 9E9039ED9DB41DEA49B9B56E38964916 198656 ----a-w- C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-12-15 21:50:20 65B9445D4FDB93ABEB5C62761C229BF6 635904 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-10 11:00:37 308693585CE30B3ABC804292FA2853FA 3892864 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2016-12-10 11:00:36 C4043D16BE4B2E9B66866060162B6769 6109184 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-12-10 11:00:36 9D0717ECC88FA1090C675B9308979DE7 5380608 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-12-10 11:00:35 3EA9BF7D7E9423CAC323CF54F184EF53 952416 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2016-12-10 11:00:35 14165F6BC67B1B51DD9F55C339D63CB0 2277248 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2016-12-10 11:00:34 4B2A806FC406B8F66CE610CC6CC6299A 2109952 ----a-w- C:\WINDOWS\SysWOW64\MapGeocoder.dll 2016-12-10 11:00:33 FE68CCE3D2985526FB00C692E92E0FE2 3370496 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-12-10 11:00:33 F050C5ED0C243759023D91F25C2DA94C 4423680 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-12-10 11:00:33 D6469A94E2CA0A33616FE408463918DD 2362880 ----a-w- C:\WINDOWS\SysWOW64\MapRouter.dll 2016-12-10 11:00:33 053B12D5D2E45A7E01E43F008552620C 912896 ----a-w- C:\WINDOWS\SysWOW64\comdlg32.dll 2016-12-10 11:00:32 B5F75AF049EB8CBD884B044CCE14A8BD 33280 ----a-w- C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-12-10 11:00:32 B124B6D66EE6FAB7B59FD114A633A1D1 2333184 ----a-w- C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-12-10 11:00:32 A7AA7586A6E1CDD99667BDD8A9AD54BC 1123912 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2016-12-10 11:00:32 7CEB531B7F1D82344DD3F649227F1840 1992704 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-12-10 11:00:31 F5A9BAC2FD606A4F0909D996CBE8BC78 91936 ----a-w- C:\WINDOWS\SysWOW64\mfaudiocnv.dll 2016-12-10 11:00:31 8FF2C9FEAEE403366F41FED41EBC6049 838144 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-12-10 11:00:31 87BE502E7B1D3705783C366ED0CBA9F7 1357824 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-12-10 11:00:31 7A855DC526109A2410EF2D52FC2DF378 760832 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-12-10 11:00:31 0FA371C4D87D47E4D2E39655DE14F521 527880 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-12-10 11:00:30 FED441C74C98F346B68BED55CC33DE0A 263472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2016-12-10 11:00:30 C5E96B8A8A97430BA42FCF112DFB76FD 332288 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-12-10 11:00:30 6C547034D9502FD212651C9C8D0C390E 715264 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-12-10 11:00:29 C45CC1044D106B59EBC61679D79FCF96 1755136 ----a-w- C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2016-12-10 11:00:29 B896EE88B38810BF83E1A2D08ADDA673 157536 ----a-w- C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2016-12-10 11:00:29 417CB790193F1FB9511923D268133E28 71168 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-12-10 11:00:29 363EC48D319DE030B48C56F3E65DCB84 117248 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-12-10 11:00:29 2FCEC70D411ED16AFC79FA3711CCB66A 545280 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-12-10 11:00:24 5B5AAD18FE6719A7D1BE169388618391 348672 ----a-w- C:\WINDOWS\SysWOW64\zipfldr.dll 2016-12-10 11:00:23 C0E596721A1500F565BF28229158EA6E 138240 ----a-w- C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-12-10 11:00:23 504C7DA573CB9065889ECE643746D5F4 94208 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-12-10 11:00:22 21D6D4555C11864CF0328746937ACA05 284672 ----a-w- C:\WINDOWS\SysWOW64\apprepsync.dll 2016-12-10 11:00:22 1EC580C9F5F111EBC2E08E05AAF3C1EC 2682880 ----a-w- C:\WINDOWS\SysWOW64\netshell.dll 2016-12-10 11:00:22 15966EA1972A55F661FC509FE3074B77 125952 ----a-w- C:\WINDOWS\SysWOW64\apprepapi.dll 2016-12-10 11:00:19 9114BA853A4F6441101CD38246FD4B28 382784 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-12-10 11:00:18 8EE8BDF714D986AC30193FE75478047C 1263856 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll 2016-12-10 11:00:16 33F992140B11BF32F08008B7E52631D0 505856 ----a-w- C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-10 11:00:15 24FC2879F6A3E2F92648B8F5058BD21C 484584 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2016-12-10 11:00:13 AC335330C3D82A5DC7C2994F63F7A048 400384 ----a-w- C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-12-10 11:00:13 5BC2D871EB445A70EB762ECE7C574BBD 152416 ----a-w- C:\WINDOWS\SysWOW64\RTWorkQ.dll 2016-12-10 11:00:12 FE65A5BA6720E69BF79A1069F73D946F 156672 ----a-w- C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-12-10 11:00:12 CC41DF9EB48F743E5CD747011376D539 431616 ----a-w- C:\WINDOWS\SysWOW64\efswrt.dll 2016-12-10 11:00:12 3A52D6E555AA67029ACF48766163B49A 1336320 ----a-w- C:\WINDOWS\SysWOW64\wsecedit.dll 2016-12-10 11:00:12 2ECE88940B9F7513A6C99D8108FF398A 333312 ----a-w- C:\WINDOWS\SysWOW64\ActivationManager.dll 2016-12-10 11:00:12 24559CE6E21ECC3DD2A597300F6819B2 1228288 ----a-w- C:\WINDOWS\SysWOW64\usercpl.dll 2016-12-10 11:00:11 993585DD4B3DEB915659A65CA27A6B6E 140288 ----a-w- C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-10 11:00:09 88DD13B762E3BD681E044A269DC1D57E 13868544 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-12-10 11:00:08 3BC9C1743322B4D73344183C99C411AA 7626752 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-12-10 11:00:07 0D8CA86B639533ED0A7FE1792C5BE600 2256384 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-12-10 11:00:06 AF46710DDB8B0E304AA4FD2B940CABD8 4311736 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-12-10 11:00:06 A3C9A12D3B208557EB69D7BC3B2E1EAA 869848 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll 2016-12-10 11:00:06 771F172114E51FC2DF5838476D97D90A 1595392 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-10 11:00:05 AA3B16977532312A378B532DB494B653 1572768 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-12-10 11:00:05 64DF6ECDC75659AC4A42E176957192FD 711680 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-12-10 11:00:04 F3E173252DB9570ACD22306F115FCFF5 746496 ----a-w- C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-12-10 11:00:04 F2936C785E75757A4241DC9C25C69D25 1631232 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-12-10 11:00:04 5BD8F54F125CC5F5E6CD358A98264E23 2484736 ----a-w- C:\WINDOWS\SysWOW64\gameux.dll 2016-12-10 11:00:04 5B388E2E843FA0F4FA0B79FD477EEB1D 248480 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2016-12-10 11:00:04 0ECD96BC460CC643B980D111E7F92602 1556480 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-12-10 11:00:03 934F47AB68E2D38577E348F497A3BC21 395264 ----a-w- C:\WINDOWS\SysWOW64\dmenrollengine.dll 2016-12-10 11:00:03 5CAA3BA7EAE16D621E0854F71165E376 1576448 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-12-10 11:00:03 4330AF6614F053DD11985FE6AC037C7D 565248 ----a-w- C:\WINDOWS\SysWOW64\rasapi32.dll 2016-12-10 11:00:02 4B8563DA5553EB3D6257D6285AC2D9BA 122880 ----a-w- C:\WINDOWS\SysWOW64\sendmail.dll 2016-12-10 11:00:02 1A87B6398A18BB9EF7207CA3C8B8DBEB 359936 ----a-w- C:\WINDOWS\SysWOW64\mtxclu.dll 2016-12-10 11:00:01 F26A1B27FBF49588AFF089539D0CDB0E 34304 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-12-10 11:00:01 EE3D4702DC0AEDE708804DEE888E1BEF 91648 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-10 11:00:01 EA1FE375F92970D1AE3088E9A0D7F74E 6474752 ----a-w- C:\WINDOWS\SysWOW64\mspaint.exe 2016-12-10 11:00:01 DE78C0522296196718D4045BC99948F3 358912 ----a-w- C:\WINDOWS\SysWOW64\stobject.dll 2016-12-10 11:00:01 B7D071365F74E52DDE39C9705A3EFFFD 53248 ----a-w- C:\WINDOWS\SysWOW64\xolehlp.dll 2016-12-10 11:00:01 A185BCC083628A702D61F384B2D37DE3 298496 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-12-10 11:00:01 933F3C40C2062AFF47327FA676735DBD 318464 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll 2016-12-10 11:00:01 8A21948CF905F807F478FA87E1823CC4 506880 ----a-w- C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-12-10 11:00:01 45424A1103724E3834988D9FD56DC731 47104 ----a-w- C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-12-10 10:59:56 22096A33F31A39599AF270EF6A55230D 5722832 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2016-12-10 10:59:52 4A0B06DD8211CDA36D209FE61283DB58 1706488 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-12-10 10:59:50 AAA2134FF68DDD12365011A105C3186A 499200 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll 2016-12-10 10:59:49 EDD8DCA7F0DC0029E21BD55D2E4372F0 285696 ----a-w- C:\WINDOWS\SysWOW64\cryptngc.dll 2016-12-10 10:59:49 52B85DFC0E8FE1682F6E8DA83F8C6663 122208 ----a-w- C:\WINDOWS\SysWOW64\migisol.dll 2016-12-10 10:59:49 178835F0334565C9AF5522B9E46E799A 374448 ----a-w- C:\WINDOWS\SysWOW64\MFPlay.dll 2016-12-10 10:59:49 0E9B4F6705BB4831D932BEA1922A9399 519168 ----a-w- C:\WINDOWS\SysWOW64\ngccredprov.dll 2016-12-10 10:59:46 3371300D70E83990990D056563C12A03 259584 ----a-w- C:\WINDOWS\SysWOW64\msdtcuiu.dll 2016-12-10 10:59:37 F1ED45682DB96B37AF5D8DCD355EAA42 2206496 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-12-10 10:59:34 90217C2BF22BCACC99E7A11D7FCFA7E0 20969928 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-12-10 10:59:31 F969E083B97AE85454390299C4348B32 1430720 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-12-10 10:59:30 562E97FEB07676FF73F4A3BD8723661B 1969912 ----a-w- C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-12-10 10:59:24 C1DCB93B1DB4FD0CC08051373C4EBACA 557568 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-12-10 10:59:24 7FC056540E986F37EC8DE0F2C6BE99BA 364544 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-12-10 10:59:23 70EE8BA7A3B9AA577EBA6E8B9C9AB37C 223232 ----a-w- C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-12-10 10:59:22 D948FC01C18AB80947DEFDB7E7DDE598 180224 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-12-10 10:59:22 BA8D9C7C5381E8BD9438E1E0F38775CB 167848 ----a-w- C:\WINDOWS\SysWOW64\wscapi.dll 2016-12-10 10:59:22 120FCB09AEBD03A459FA44412106D4FE 306176 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-12-10 10:59:20 7C13A18901A701202A1DD6514BA4D053 114176 ----a-w- C:\WINDOWS\SysWOW64\setupugc.exe 2016-12-10 10:59:19 B14EC96F7A15DECF967560E981E592C8 772608 ----a-w- C:\WINDOWS\SysWOW64\ntshrui.dll 2016-12-10 10:59:19 1E411B75AE947557FC8031B417DC299B 30720 ----a-w- C:\WINDOWS\SysWOW64\ReAgentc.exe 2016-12-10 10:59:17 B3BE4F5ACC4E72C204C70CA4CA86D528 1196544 ----a-w- C:\WINDOWS\SysWOW64\wscui.cpl 2016-12-10 10:59:17 A481F2EBBB1B9FCB413CB32BA34A8D13 65024 ----a-w- C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2016-12-10 10:59:17 0D04F5AF5D4E9025EA7410446BE2AEDF 108544 ----a-w- C:\WINDOWS\SysWOW64\wscinterop.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-12-15 21:50:59 2F3EA67476D78958F91E070C14A8E31B 8168000 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-12-15 21:50:58 06244AE293E04AB801876B9059DC7615 3059200 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-12-15 21:50:57 F1A1EBBFDC04204B89E1B4C4E9EF753E 1589760 ----a-w- C:\WINDOWS\Sysnative\msdtctm.dll 2016-12-15 21:50:57 1067D34BEEA34E48E4D30F37F6AA93AF 410112 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-12-15 21:50:56 FCC7B4C5CAD998DC936251247AB22C9A 1274712 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-12-15 21:50:56 D5C59218EDAD5E424C33D825DD797C49 989024 ----a-w- C:\WINDOWS\Sysnative\hvax64.exe 2016-12-15 21:50:56 9A077360DC6A6BF2E364FE4A47DC9854 1100128 ----a-w- C:\WINDOWS\Sysnative\hvix64.exe 2016-12-15 21:50:55 9458B2D945C676A0795823C76B8B506A 324608 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll 2016-12-15 21:50:55 7F6BDCFC4EB0E47EBA67F8CEC404C26C 947552 ----a-w- C:\WINDOWS\Sysnative\hvloader.efi 2016-12-15 21:50:55 12736C69D73EB8A0D2889CBE167217E2 811872 ----a-w- C:\WINDOWS\Sysnative\hvloader.exe 2016-12-15 21:50:51 666090378138806ECC581835FB134C8B 3777536 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-12-15 21:50:51 20A7D1848593F5988A2ACE63F22DE8BF 6285312 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-12-15 21:50:50 C6E7C0577523905FF4FF3B0D5A036A3B 7816032 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-12-15 21:50:50 70D5AF138FDBDF97F8A6415C596C80E4 1988560 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll 2016-12-15 21:50:49 8D7AC60330B3E96C4D00E682437868D0 2681200 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-12-15 21:50:49 6012019C0E09D6194E0E6144B4859EB2 1293152 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-12-15 21:50:48 96A380C14A4FFC2883A00FFB250EBD44 1692672 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll 2016-12-15 21:50:48 7B2301A9FE0A9B1DF7A321F1E044BA41 1121280 ----a-w- C:\WINDOWS\Sysnative\aadtb.dll 2016-12-15 21:50:48 2C1CEC25F6D92871F38960E2E84CC3EE 2275840 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-12-15 21:50:47 40C1E763ACB4FCB8744C220D7B1A4800 425984 ----a-w- C:\WINDOWS\Sysnative\aadcloudap.dll 2016-12-15 21:50:47 24B894CCC09F373C8E0883E31A7A1CB0 2820096 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-12-15 21:50:47 0C2545B95A19F573D335608680B0C31D 411136 ----a-w- C:\WINDOWS\Sysnative\facecredentialprovider.dll 2016-12-15 21:50:45 C30FB61C85D12E1F7DDEFEA141F79DB4 261120 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-12-15 21:50:45 C1C8560C3FA7E2F970CB134393B594BC 40448 ----a-w- C:\WINDOWS\Sysnative\WordBreakers.dll 2016-12-15 21:50:45 981159C5094E4C2AD4DADCEDF3E8F532 13084160 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-12-15 21:50:45 8F8B9B67E8BAFE7AEE433609D5DE8076 119296 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-12-15 21:50:45 3B9487062A0CFF44131EAC1731CA47CE 85504 ----a-w- C:\WINDOWS\Sysnative\EditBufferTestHook.dll 2016-12-15 21:50:42 C415587AC829504F74ACE07066A0402F 4749312 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-12-15 21:50:41 A930AD470CBCBEEAA2B684325453D48A 3616768 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-12-15 21:50:41 1F5FF8C45418A3D47DC73D612EFBD47E 5114368 ----a-w- C:\WINDOWS\Sysnative\cdp.dll 2016-12-15 21:50:39 DA446593637409C623A1F308371F0505 716800 ----a-w- C:\WINDOWS\Sysnative\ShareHost.dll 2016-12-15 21:50:39 976EB2566EF7A48DD80BEEDE63DE1C65 241504 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHost.dll 2016-12-15 21:50:39 5DE2049D5F57C1D142F36FA9CE443693 764392 ----a-w- C:\WINDOWS\Sysnative\CoreMessaging.dll 2016-12-15 21:50:39 5BEEB27D8F314D94773FA6568740AE13 1572768 ----a-w- C:\WINDOWS\Sysnative\gdi32full.dll 2016-12-15 21:50:38 C46EA86BF0E7C96235E9064CBAD6ED26 1461200 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2016-12-15 21:50:38 6343BD5C58F385703454D47416EE0100 206848 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2016-12-15 21:50:38 2925A1C60E081F0B51699C148AE1925A 455520 ----a-w- C:\WINDOWS\Sysnative\securekernel.exe 2016-12-15 21:50:37 A8594741E7FFBA9579715E9451066533 1051112 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-12-15 21:50:37 74C191A1BF7AD5AD63432E104E1D7A54 1173496 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-12-15 21:50:37 183B7A1DCA847669FB16A7392535B095 1354320 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-12-15 21:50:37 0DCF6AF8987CD9EEBAB548A593380C3E 894096 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-12-15 21:50:36 32F359D2120A8C670FE650994A9FF419 49152 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-12-15 21:50:34 DCB77F9C30B269461B59E87810EE2B43 137568 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-12-15 21:50:34 8F1AF1A559291DE87C91C9FBC15BDB80 1637728 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-12-15 21:50:33 B50F4C3A4DE252EA5E7656A4438F0792 2913144 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2016-12-15 21:50:32 151AEA80776413C9FCE3185A10EB4B00 1490944 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-12-15 21:50:31 AC5344ED480F896C3BCE688F0AAE5144 168424 ----a-w- C:\WINDOWS\Sysnative\bcrypt.dll 2016-12-15 21:50:31 28CF4575C39A0662138E6C6A0B107BCB 172544 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2016-12-15 21:50:31 2892EB16D39C6F6E27BF8A9276B49F20 1004544 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-12-15 21:50:30 A5D48D65A9D0CB4C0DB8F76C76BA9BCC 380928 ----a-w- C:\WINDOWS\Sysnative\wincorlib.dll 2016-12-15 21:50:30 7B07A0CFEB7F5B6C016433C15DCCA9E7 1267512 ----a-w- C:\WINDOWS\Sysnative\WinTypes.dll 2016-12-15 21:50:30 3717827707AC0C50E670F842666FFA87 187392 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-12-15 21:50:29 DCDA84B4419F9A9520D831273B087967 261632 ----a-w- C:\WINDOWS\Sysnative\indexeddbserver.dll 2016-12-15 21:50:28 25A2DFE2ACE0CA2B7CCEF337EBEA672E 23677952 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-12-15 21:50:27 86DBBA9B08AB9DDA31C2F49E9F8EEFD9 227328 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2016-12-15 21:50:27 39D428A31DA525F730D3262ADCA41CCE 22563328 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-12-15 21:50:24 997050BEA4A90A3DBF69C7393BD54C08 8129536 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-12-15 21:50:22 4CCAD745F8CB73E02B2BE685D3094F5D 4746752 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-12-15 21:50:22 0BD00AE0D8AAF0A62FDBAE8856F152D9 2677544 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll 2016-12-15 21:50:21 99C236BDF40912E253650B562DB65235 1738560 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll 2016-12-15 21:50:21 7C98397279D619956D6A7F9294FA5C5F 1512960 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-12-15 21:50:20 7AF01F6539F66128237A3D7E62EE1135 376832 ----a-w- C:\WINDOWS\Sysnative\CryptoWinRT.dll 2016-12-15 21:50:20 2DF07B2560A3E961C1CA6ABBB4400C68 172528 ----a-w- C:\WINDOWS\Sysnative\sspicli.dll 2016-12-15 21:50:20 00C24D6FDEF221DDA1625836702AFC6C 730624 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2016-12-10 11:00:43 B5EBC4909DC4BA8D3757F6A65AF32A95 1631232 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll 2016-12-10 11:00:43 704FE1155EAE560979226C6902115B2D 1232384 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-12-10 11:00:42 A9FAD443A2F9424AB7B21A183050F206 17188352 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-12-10 11:00:40 E4AE313316CCE407A393DDF15690BEB0 534096 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2016-12-10 11:00:40 59F44051BCD479E70446506B7E4E78BB 337920 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2016-12-10 11:00:40 1C986DC8F4FDA1B040AC1176FB24467F 942080 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-12-10 11:00:40 12563643B2A0D6AD44392F23A34119E8 590960 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2016-12-10 11:00:39 587F8B85DA3328512DBF396D595DCCCF 22224480 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-12-10 11:00:38 FB72606571F97668A773079A3A3A3ADF 1859264 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-12-10 11:00:37 C5C184635BA06F8F707BB8837D1F7BD1 603488 ----a-w- C:\WINDOWS\Sysnative\ContentDeliveryManager.Utilities.dll 2016-12-10 11:00:37 0CC546199EA54CB510176DB999A455A3 379392 ----a-w- C:\WINDOWS\Sysnative\apprepsync.dll 2016-12-10 11:00:37 09CF47A74BFB480B8262FCEE222004B6 407552 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll 2016-12-10 11:00:37 0257EB6E424875D1FFEF193FED1F2F2E 176128 ----a-w- C:\WINDOWS\Sysnative\apprepapi.dll 2016-12-10 11:00:36 B6699EAD25D76CCA04ACA8CEEB8508E6 418952 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2016-12-10 11:00:36 A1D2D0F342A11179AE4D4640416ED6CA 324096 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll 2016-12-10 11:00:35 79939990A672F2ED0F56E70475C2EB35 615424 ----a-w- C:\WINDOWS\Sysnative\wpnprv.dll 2016-12-10 11:00:35 45198B71B548B113A18ACD0D9DF7F686 1886344 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-12-10 11:00:33 D07C0FEBC9CF05306DDD3B8320BD1331 98304 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-12-10 11:00:33 C31AFDF95FE4162ACCA59DB5FBA14EF3 1069720 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll 2016-12-10 11:00:32 1A2871BEA49447B68194D0A2BF6759AA 81408 ----a-w- C:\WINDOWS\Sysnative\HttpsDataSource.dll 2016-12-10 11:00:31 AA9A5061D81F59B8DB107A871CE96CEE 424616 ----a-w- C:\WINDOWS\Sysnative\MFPlay.dll 2016-12-10 11:00:31 96ADD6454DC4FC40CCEE4C1B195E0EA8 748544 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-12-10 11:00:30 F26AACA6DC392FE1C903FE866B039958 347648 ----a-w- C:\WINDOWS\Sysnative\rascustom.dll 2016-12-10 11:00:30 9DAA32C2B9E9E60259491BBFD6F1EB88 211968 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-12-10 11:00:30 94552B30376D315653BE815BEFAC5AD4 539136 ----a-w- C:\WINDOWS\Sysnative\PlayToManager.dll 2016-12-10 11:00:30 2CB858F99F34CCECC72BE24B2000817F 260608 ----a-w- C:\WINDOWS\Sysnative\InstallAgentUserBroker.exe 2016-12-10 11:00:30 1EABA23A7305A232C9A16C14806ED091 163752 ----a-w- C:\WINDOWS\Sysnative\RTWorkQ.dll 2016-12-10 11:00:29 A8AE70993C0FB8DB0EA893B451E36367 366080 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll 2016-12-10 11:00:29 A736567105C8ECE9135C84E23273CE79 147968 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2016-12-10 11:00:29 620316E17FB073F9FA519AD0CA9FA615 455168 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-12-10 11:00:29 4005682897714B769CDAE9965C9F732F 266544 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2016-12-10 11:00:29 0660F4A14F9D2A2F59B26B1D74F1A6D0 650752 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-12-10 11:00:24 9E700419EA86397448296B7D9B195907 389632 ----a-w- C:\WINDOWS\Sysnative\ActivationManager.dll 2016-12-10 11:00:24 81C7314FEF69EE047D94AC2BC72F18D2 163840 ----a-w- C:\WINDOWS\Sysnative\EnterpriseModernAppMgmtCSP.dll 2016-12-10 11:00:24 8054F43873E02C41D7D6B73955F7EED8 110080 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-10 11:00:24 1CB6B8E8E4B483D65BC4F13E755211C8 574464 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_StorageSense.dll 2016-12-10 11:00:23 FAE5D9725F3E1BE1214FBD92A190D01A 143360 ----a-w- C:\WINDOWS\Sysnative\EDPCleanup.exe 2016-12-10 11:00:23 D23738B17E5B74BC4D6BB58A3B103C35 41472 ----a-w- C:\WINDOWS\Sysnative\EAMProgressHandler.dll 2016-12-10 11:00:23 B600F3021B9991C8EC72938E6D25A282 306176 ----a-w- C:\WINDOWS\Sysnative\msdtcuiu.dll 2016-12-10 11:00:23 85220DEC5309BDF0A0F2CBEDADE6EF45 2800128 ----a-w- C:\WINDOWS\Sysnative\netshell.dll 2016-12-10 11:00:23 3CE2B6AECB9AF8BC159299EEC46A35CA 285696 ----a-w- C:\WINDOWS\Sysnative\EnterpriseAppMgmtSvc.dll 2016-12-10 11:00:23 302C6A5649494779A2CD86492E16AB73 842240 ----a-w- C:\WINDOWS\Sysnative\ntshrui.dll 2016-12-10 11:00:22 517644763301E25D21FF48F8A894CAC3 2828376 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2016-12-10 11:00:22 003A750CF9401B57FD41263188134CDA 109056 ----a-w- C:\WINDOWS\Sysnative\ReportingCSP.dll 2016-12-10 11:00:21 5160B6F5CCB2DBFDC6FBF00604BF80B8 2482280 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll 2016-12-10 11:00:20 BD56EA20694C18421E7A616CEAA05D39 2186896 ----a-w- C:\WINDOWS\Sysnative\hevcdecoder.dll 2016-12-10 11:00:20 A0746EF6C5AB7A17A67BC167167499C1 560128 ----a-w- C:\WINDOWS\Sysnative\AppReadiness.dll 2016-12-10 11:00:19 E15711970C5BE05E8D70B294D0AFF621 2104320 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll 2016-12-10 11:00:19 3D2079B85B9D87D025E0C3E23CDA1D75 2084352 ----a-w- C:\WINDOWS\Sysnative\DeviceFlows.DataModel.dll 2016-12-10 11:00:18 88104DF1A924408A61B35438A0596A1B 909312 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll 2016-12-10 11:00:18 4E330AD1EED4A5D582EE415FD55953A2 4136448 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll 2016-12-10 11:00:17 30C9B8967B561B2C8BBA8027F09F4FB2 2510848 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-12-10 11:00:16 EC449756B377F4330B2885567112ACF5 3542016 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-12-10 11:00:16 D8FA419B49A4EFC3F2CE3BCB881B797F 637400 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-12-10 11:00:16 D0B1B74D085035CE6BA5AFCE4AC7F725 641024 ----a-w- C:\WINDOWS\Sysnative\ngccredprov.dll 2016-12-10 11:00:15 9C09E3057378ADE13AFB1C43C9D13F64 409088 ----a-w- C:\WINDOWS\Sysnative\NgcCtnr.dll 2016-12-10 11:00:15 9A0E0B836413EB0BC885532D2A5389D6 184832 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2016-12-10 11:00:15 6C9AD8E67F7D1F7AA735A9299D261816 2852864 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-12-10 11:00:13 8FC3E97C6063915D1F3DBA35930169FC 360040 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-12-10 11:00:13 5729FB886E5B0663C6CE1D7F6CCEA566 366080 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-12-10 11:00:13 4EC62F8C60191A2710294C8BDFEECB9A 198856 ----a-w- C:\WINDOWS\Sysnative\wscapi.dll 2016-12-10 11:00:13 3C69CC28665854F1AAB4B4005005FA31 454592 ----a-w- C:\WINDOWS\Sysnative\services.exe 2016-12-10 11:00:13 30CED9C2EBD1CA0E3F47A31B3C1E4CBD 1359360 ----a-w- C:\WINDOWS\Sysnative\usercpl.dll 2016-12-10 11:00:12 FB081DD05891F05ECF6B015CBD7AEC8F 1220096 ----a-w- C:\WINDOWS\Sysnative\wscui.cpl 2016-12-10 11:00:12 EF63052EC54A826B484455FB9DB62E0E 158720 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2016-12-10 11:00:12 BFC3A0E0D9CA0BC28FFDDB1999794970 58880 ----a-w- C:\WINDOWS\Sysnative\Windows.Shell.Search.UriHandler.dll 2016-12-10 11:00:12 8019685F581BD9E0C605D227383CFF58 159232 ----a-w- C:\WINDOWS\Sysnative\wscinterop.dll 2016-12-10 11:00:12 31D39097AC99F6A539A363A5722485C2 278016 ----a-w- C:\WINDOWS\Sysnative\netplwiz.dll 2016-12-10 11:00:12 13F5191092A5767D17BAB667395BA42F 122880 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryClient.dll 2016-12-10 11:00:12 0B854C8F588D38CBA00C2B1889A11F2A 381952 ----a-w- C:\WINDOWS\Sysnative\cryptngc.dll 2016-12-10 11:00:11 1D8F285E38781C2688FCBD249B4AA50C 73216 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryBroker.dll 2016-12-10 11:00:10 CBA63D4B9F8A9117A59703EF18DABC53 991232 ----a-w- C:\WINDOWS\Sysnative\comdlg32.dll 2016-12-10 11:00:10 A93C9B9EBE2FDE5A536000D72CC17F7F 339456 ----a-w- C:\WINDOWS\Sysnative\cdpusersvc.dll 2016-12-10 11:00:10 4C80C700BA6B90EE9ED878EEBE67851D 1600624 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll 2016-12-10 11:00:10 2E6612376D257F74781F2EF1F869D8C3 411648 ----a-w- C:\WINDOWS\Sysnative\cdpsvc.dll 2016-12-10 11:00:08 D7F8E55D7AECA523B2B88EA04545B995 717824 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll 2016-12-10 11:00:06 F20DD184C8DC1BEF7863BEE44BB3D09F 1418312 ----a-w- C:\WINDOWS\Sysnative\msctf.dll 2016-12-10 11:00:06 BBB6B1F731DC954B833115DA90A89597 159744 ----a-w- C:\WINDOWS\Sysnative\ACPBackgroundManagerPolicy.dll 2016-12-10 11:00:06 90E6A44311F392E63043D4B395FEBE80 1366016 ----a-w- C:\WINDOWS\Sysnative\wpncore.dll 2016-12-10 11:00:06 4F41459377C3C1B05BF46B7C0D50125A 743224 ----a-w- C:\WINDOWS\Sysnative\sppwinob.dll 2016-12-10 11:00:05 C1DBD5C3898237A2C8065D7722C8EA36 960000 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2016-12-10 11:00:05 9664CEE01F1F168FD201C1972DB2C718 1477632 ----a-w- C:\WINDOWS\Sysnative\wsecedit.dll 2016-12-10 11:00:05 52A50D6838A6ED4255FF8B0CE2BC4B11 1726976 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll 2016-12-10 11:00:05 4CDF5A5841E22456E7D64CC01B41E6AF 882680 ----a-w- C:\WINDOWS\Sysnative\EditionUpgradeManagerObj.dll 2016-12-10 11:00:05 2269644E1163FEE49D3D3B04372B13B1 2009600 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-12-10 11:00:04 DE6DF9BBBECAFDEF462A37D839167368 673792 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe 2016-12-10 11:00:03 B91FBE7CB4633FEB32AFBD0B48576396 396800 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-12-10 11:00:03 B69B3DCCF4C87451F738330C94A99AC9 101216 ----a-w- C:\WINDOWS\Sysnative\DeviceReactivation.dll 2016-12-10 11:00:03 6B02A2756E4D3D4DB0DF5A71A5A7E1E0 391168 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll 2016-12-10 11:00:03 3C26EB27EA2D1ADE809434D330A9FA3C 107520 ----a-w- C:\WINDOWS\Sysnative\VPNv2CSP.dll 2016-12-10 11:00:02 DB0C3558378D0D752F52919BA10FF05E 1002496 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-12-10 11:00:02 04E33678D2737E0612084F0AAFBFE832 161792 ----a-w- C:\WINDOWS\Sysnative\EditionUpgradeHelper.dll 2016-12-10 11:00:00 80316B3EB295BFA0E8B155A0A79869FB 2287616 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-12-10 11:00:00 7EF363096F4411D0EEE1270C73EA2535 4708864 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll 2016-12-10 10:59:58 DA842AEF3EED0C980036B5E6A8E51F4F 2213760 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-12-10 10:59:57 3968825A109FE7940D5DB648556D756C 7219672 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2016-12-10 10:59:54 E4207E8B3FCD84B019E03B51B57CE4C1 198656 ----a-w- C:\WINDOWS\Sysnative\BcastDVRHelper.dll 2016-12-10 10:59:54 DEE66FE9F9001BC60D757E5CCD01E0E8 185344 ----a-w- C:\WINDOWS\Sysnative\DisplayManager.dll 2016-12-10 10:59:54 9B5701A33BA8CE1E547645FFAF4CDD18 4130432 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2016-12-10 10:59:54 87BF36C0AD9398C7C5AF48CA9C7F3E56 170496 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-12-10 10:59:54 4CD89AE11FF2D1C8C5FB4579E42C870B 620544 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-12-10 10:59:52 18F00DE0A1E18D8740B589BABE1965D8 1062480 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2016-12-10 10:59:51 7FC2CEE4B16F4E9AEB5565C9429FC5A5 1473048 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2016-12-10 10:59:50 F107BF38350045A51AEBFA2C4E0E03B7 126568 ----a-w- C:\WINDOWS\Sysnative\mfaudiocnv.dll 2016-12-10 10:59:50 B202DB61CBB01C34EF1083225B869BB0 870912 ----a-w- C:\WINDOWS\Sysnative\msdtcprx.dll 2016-12-10 10:59:50 613FF7815E475EEB84F898A9FB1F658E 328008 ----a-w- C:\WINDOWS\Sysnative\Windows.Storage.ApplicationData.dll 2016-12-10 10:59:50 524086B8BB70DDE6C167F9CC5DC129DD 870400 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll 2016-12-10 10:59:49 DAA6A4E3DD36F21A486901284D7BBFB1 164352 ----a-w- C:\WINDOWS\Sysnative\dialserver.dll 2016-12-10 10:59:49 D5EFC0BAEC21EDE6FE03D377D403B421 691712 ----a-w- C:\WINDOWS\Sysnative\lsm.dll 2016-12-10 10:59:49 B6337AC6D2C16E4050362711041B2DA4 187520 ----a-w- C:\WINDOWS\Sysnative\CloudStorageWizard.exe 2016-12-10 10:59:49 A324C1FBD3BC34DD0C88E97E5E75EF5C 142176 ----a-w- C:\WINDOWS\Sysnative\migisol.dll 2016-12-10 10:59:49 33DBBCF71F68EA97D9FD34E4C9AB5AC6 283648 ----a-w- C:\WINDOWS\Sysnative\wkssvc.dll 2016-12-10 10:59:48 F8C0699FAA8C4A4A3F3C45FAF3D1D903 178176 ----a-w- C:\WINDOWS\Sysnative\sppnp.dll 2016-12-10 10:59:48 C4049F43A5BC629689B2629D50EECF3F 68096 ----a-w- C:\WINDOWS\Sysnative\ProvSysprep.dll 2016-12-10 10:59:47 488302B09300EB1CFDE4EDAD21390A68 198144 ----a-w- C:\WINDOWS\Sysnative\dpapisrv.dll 2016-12-10 10:59:47 38D8CA93EC675696D8F4A39C3081A515 1691136 ----a-w- C:\WINDOWS\Sysnative\aitstatic.exe 2016-12-10 10:59:47 07EA23DB96222D373E81CD2E4EFDE528 34816 ----a-w- C:\WINDOWS\Sysnative\ReAgentc.exe 2016-12-10 10:59:47 033C350C64617BA4F65084BD0B78385E 105984 ----a-w- C:\WINDOWS\Sysnative\RjvMDMConfig.dll 2016-12-10 10:59:46 BB08E753C027F5FEECA835759F180014 567296 ----a-w- C:\WINDOWS\Sysnative\DevicePairing.dll 2016-12-10 10:59:45 9CE8024075A91397B1059DE58C76502D 1779712 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-12-10 10:59:45 2F495415E9E3386C82B3A2459D93ABD0 2611200 ----a-w- C:\WINDOWS\Sysnative\gameux.dll 2016-12-10 10:59:44 E584CDC70F694F9A984A060A8291EB04 2669056 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-12-10 10:59:44 02DB72679572E637F4688596F12CFBEA 115200 ----a-w- C:\WINDOWS\Sysnative\IdCtrls.dll 2016-12-10 10:59:39 047038089EBA9376B3B280C50243263C 9131008 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-12-10 10:59:37 88125659EFA273D90BF43F34D1209032 7812096 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-12-10 10:59:36 9EDCF34001A705B3F0F065E6A4D340CC 7654400 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-12-10 10:59:32 1E75344E86ED73D0FDCA29F3435F9FFF 3441152 ----a-w- C:\WINDOWS\Sysnative\MapRouter.dll 2016-12-10 10:59:31 BD71ABBF635991C41569163DE31AB674 2953216 ----a-w- C:\WINDOWS\Sysnative\MapGeocoder.dll 2016-12-10 10:59:30 FB42A5A74A56DF6A85929B81860F1B64 690688 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-12-10 10:59:28 B8C0D620219ECAA23A2AC841EAF454D1 2716672 ----a-w- C:\WINDOWS\Sysnative\WsmSvc.dll 2016-12-10 10:59:28 11D3620AB49916F0179316888852A570 32256 ----a-w- C:\WINDOWS\Sysnative\WSManHTTPConfig.exe 2016-12-10 10:59:28 0243E66C562B7FBE9697A36141D177BB 1709056 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2016-12-10 10:59:27 B2988953AF18B7DEDDE06B195A8DEE64 905216 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-12-10 10:59:27 5C98A144C06B806976FA4F5BEEBD4D10 1031680 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-12-10 10:59:26 EC99B92C40EA47862BF1723EDA9BE55D 936448 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-12-10 10:59:26 E72280A50E35C3402276E5C8B02C784C 489472 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-12-10 10:59:26 E337677FFD088B87F5D7876F0ED3EC34 1060864 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-12-10 10:59:26 9C86A399648A6FC9A4016B336CAA9F86 125952 ----a-w- C:\WINDOWS\Sysnative\setupugc.exe 2016-12-10 10:59:26 5163F5BABAE1FF8CCC0AFD60B6EDD20A 2317312 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-12-10 10:59:25 F79BFB5588B777C71734C1D1EC129D07 657920 ----a-w- C:\WINDOWS\Sysnative\rasmans.dll 2016-12-10 10:59:25 BC198A2793B6B84789D9C159AE146298 151040 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-12-10 10:59:25 35202E997F51B4832FF77F52CAC06695 313856 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-12-10 10:59:25 32D5C807FCC03D07AE7C3616FAF5CD08 446976 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-12-10 10:59:24 CAAF0CD70FEE7C5110B1E62804E41B17 82944 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-12-10 10:59:24 7715BF8720E38F77E69B1B688DCD719D 587776 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2016-12-10 10:59:23 83D459A5CBAF13FA700EBCFD35C8E98A 495104 ----a-w- C:\WINDOWS\Sysnative\DataSenseHandlers.dll 2016-12-10 10:59:23 4333EB2F0D4EFD6591CC2007F8EBA26C 89600 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-12-10 10:59:23 11BDDEDDCAC6CD65A6A082DF53ED0F39 3400192 ----a-w- C:\WINDOWS\Sysnative\SyncCenter.dll 2016-12-10 10:59:21 F00D9885A1B3173B75E9C2A954238984 388096 ----a-w- C:\WINDOWS\Sysnative\zipfldr.dll 2016-12-10 10:59:21 4851F31B5BFBC2F164A317BD70F82E9C 632320 ----a-w- C:\WINDOWS\Sysnative\rasapi32.dll 2016-12-10 10:59:20 F25A86C9E36402BD4E76B7B5C2301C4B 96256 ----a-w- C:\WINDOWS\Sysnative\umpoext.dll 2016-12-10 10:59:20 3BBD41D11F3888F2500CB5A5FBF5A9B2 590336 ----a-w- C:\WINDOWS\Sysnative\efswrt.dll 2016-12-10 10:59:19 E6BA6FF8E956F684524CF5DBBB053687 136192 ----a-w- C:\WINDOWS\Sysnative\sendmail.dll 2016-12-10 10:59:19 8C02F264C60183EEFCE1ED27FDF006DC 389632 ----a-w- C:\WINDOWS\Sysnative\stobject.dll 2016-12-10 10:59:19 675A95DCF8F9C66122A4E3357E95C6DF 43008 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe 2016-12-10 10:59:18 9F2965CB4D07ED5420C3E01A94888E21 6664192 ----a-w- C:\WINDOWS\Sysnative\mspaint.exe 2016-12-10 10:59:17 F2924292A6E176536C598F03B2AB3786 86016 ----a-w- C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe 2016-12-10 10:59:17 8439DB137E719EBFF71FD20586AAA2B4 40960 ----a-w- C:\WINDOWS\Sysnative\CbtBackgroundManagerPolicy.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-12-16 21:04:51 8B80EDD5A814DFE32ECA94D0FD6739BD 332512 ----a-w- C:\WINDOWS\Sysnative\drivers\tmcomm.sys 2016-12-15 21:50:31 B72D26074E72A757D788FB1BEF8B2F2E 377184 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2016-12-15 21:50:31 B0D9B87B795B7833C9152441CBD55CC4 624048 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-12-15 21:50:29 5634BF53BE184314A82E638EAD67DE73 402272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-12-15 21:50:28 D24345315139AAF6E3DF106344EE9422 658784 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-12-15 21:50:27 19F2B54EE8861D90579BD0E3AE5182F9 2189664 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-12-10 11:00:43 851ED52AE3E62CD5374BD4BBFF7A9DAB 967168 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-12-10 11:00:30 FA918EC296EB410FF02867D008D02421 352096 ----a-w- C:\WINDOWS\Sysnative\drivers\fastfat.sys 2016-12-10 11:00:30 CDBD029BAEC8D09F6FBD404632D9AF28 128352 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-12-10 11:00:19 9627BBAA50878F6833A6A7843EE3B1D9 258560 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys 2016-12-10 11:00:09 46171262D0E806779DEEDFCAB2F830CC 219488 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-12-10 11:00:01 0D50B3F3AB32D416786B58D4553859CE 42496 ----a-w- C:\WINDOWS\Sysnative\drivers\modem.sys 2016-12-10 10:59:57 E2DD2E5BDCCD225670831B439826065B 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-12-10 10:59:50 55CA5329D1ADEB8F8034045930147AE4 713216 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-12-10 10:59:48 D4D12BC29DE0F09280868FDCA65B3474 282624 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-12-10 10:59:25 AF6963414B820B7C45578ED3300438A7 433504 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys 2016-12-10 10:59:24 93A77008A8932FC84A173C4E97E52874 223584 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-12-17 22:20:53 -------- d-----w- C:\Program Files\EPSON 2016-12-16 22:02:31 -------- d-----w- C:\Program Files\Lavasoft 2016-12-16 22:01:17 -------- d-----w- C:\Program Files\Common Files\Lavasoft 2016-12-16 21:41:08 -------- d-----w- C:\Program Files\trend micro 2016-12-10 22:54:33 -------- d-----w- C:\Program Files\Microsoft Office 15 ======= C:\PROGRA~2 ===== 2016-12-18 11:07:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Xavier\AppData\Roaming ====== 2016-12-16 21:31:15 F3D2D268C83F98FFCAEFF13B4E750905 1094526 ----a-w- C:\Users\Xavier\AppData\Local\census.cache 2016-12-16 21:29:57 53F917D11713BD5E30E2262C64A533B1 1212571 ----a-w- C:\Users\Xavier\AppData\Local\ars.cache 2016-12-16 21:24:29 3789E5252A5CD9893D889AD92F885F4A 10 ----a-w- C:\Users\Xavier\AppData\Local\sponge.last.runtime.cache 2016-12-16 21:04:37 D4DBB1C35FD63EA5F61E508C9487CBD3 36 ----a-w- C:\Users\Xavier\AppData\Local\housecall.guid.cache ====== C:\Users\Xavier ====== 2016-12-18 11:07:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-18 11:01:06 A8752E848C88A477CF88BA615E4EB28A 737344 ----a-w- C:\Users\Xavier\Downloads\JavaSetup8u111.exe 2016-12-16 22:04:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-12-16 22:00:07 -------- d-----w- C:\ProgramData\Lavasoft 2016-12-16 21:38:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Xavier\Downloads\RSITx64.exe 2016-12-16 21:07:17 -------- d-----w- C:\ProgramData\Trend Micro 2016-12-16 21:04:25 D470C51F10696C81F310B8062BDF53F8 2527376 ----a-w- C:\Users\Xavier\Downloads\HousecallLauncher64.exe ====== C: exe-files == 2016-12-18 12:35:07 F9813C456FE75D614116199B3E138D65 229088 ----a-w- C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncConfig.exe 2016-12-18 12:35:07 345D131E3C8E4D2794EC750104716DA4 1669856 ----a-w- C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\OneDriveStandaloneUpdater.exe 2016-12-18 12:35:06 7EA564DB7A3D890EC000D2F7812EDF10 215264 ----a-w- C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileCoAuth.exe 2016-12-18 12:35:06 44348495F9D6ED21F4EFB3FF80677D99 1517280 ----a-w- C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\OneDrive.exe 2016-12-18 11:07:25 A90E29C3839ED2141F80670A3DB32F69 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2016-12-18 11:07:25 5A92988B4DEC8EAFE62F7D2DBE8AB620 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2016-12-18 11:07:25 1B7F15EA9DA5322698988698C7D58959 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2016-12-18 11:07:21 F38FB008B3816D9585F10A7D2CC22DF1 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\orbd.exe 2016-12-18 11:07:21 ED141A08605AF568747C8F418170FC06 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\unpack200.exe 2016-12-18 11:07:21 EBF20DDA7DDA14BBD1F6F2F1B37BC113 83008 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2launcher.exe 2016-12-18 11:07:21 C2B897032A8604E1827B0CD07EBB3306 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\java-rmi.exe 2016-12-18 11:07:21 C07D4839606118BBF7C5153FF171301C 70208 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\javacpl.exe 2016-12-18 11:07:21 B8EDC4631E2B5D7AE9E626690F6506FF 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\rmid.exe 2016-12-18 11:07:21 A90E29C3839ED2141F80670A3DB32F69 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaw.exe 2016-12-18 11:07:21 A1AD424B821EB9878B985AB43253DCA0 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\keytool.exe 2016-12-18 11:07:21 8448994199BEE00F4C40A561AE77672F 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\kinit.exe 2016-12-18 11:07:21 6DDA1D127FD0C4B8F93307E6D52B1ABD 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\tnameserv.exe 2016-12-18 11:07:21 65E94EC48AE31838C8F6F2F4FC59AB44 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\pack200.exe 2016-12-18 11:07:21 5F2D0025CB3C078E0AAB83E1430827C6 52800 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssvagent.exe 2016-12-18 11:07:21 5A92988B4DEC8EAFE62F7D2DBE8AB620 269888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaws.exe 2016-12-18 11:07:21 490D67C45EE587B06833ADA0811F241B 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\servertool.exe 2016-12-18 11:07:21 487C48AA28B0DC99A387F31E7764ABFB 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\jjs.exe 2016-12-18 11:07:21 3FAF0C9A1D59F5D196C0578839A00EFE 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\policytool.exe 2016-12-18 11:07:21 391D35229BF096E04FEE6F8520DC3B21 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\klist.exe 2016-12-18 11:07:21 1D623A885163D6BA50175987B4BB9450 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\rmiregistry.exe 2016-12-18 11:07:21 1B7F15EA9DA5322698988698C7D58959 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\java.exe 2016-12-18 11:07:21 1598CF2FAD014E95975560929F578E05 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\jabswitch.exe 2016-12-18 11:07:21 09C754EFAEE0DA93817D5DC0A5FFE8B4 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\bin\ktab.exe 2016-12-18 11:01:06 A8752E848C88A477CF88BA615E4EB28A 737344 ----a-w- C:\Users\Xavier\Downloads\JavaSetup8u111.exe 2016-12-17 23:44:14 D97D40F85A015354AD060386943D4DAA 128 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$IPAZKUW.exe 2016-12-17 23:44:08 A619D46ED310606DD65CDEDAA65F275C 124 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$III9PBT.exe 2016-12-17 23:44:08 8FC646D4B7920C8152732B3535B8AF5B 138 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$IX3LQVR.exe 2016-12-17 23:43:51 51F47FE4E8425B95549A676AEE3BA95F 120 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$IAQTZAZ.exe 2016-12-17 22:32:54 62014E15B08D9F260B95307B1BB89A92 13983608 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\55.0.2883.87\55.0.2883.87_54.0.2840.99_chrome_updater.exe 2016-12-17 22:26:58 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe 2016-12-17 22:26:58 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateWebPlugin.exe 2016-12-17 22:26:57 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe 2016-12-17 22:26:56 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateSetup.exe 2016-12-17 22:26:54 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateCore.exe 2016-12-17 22:26:54 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe 2016-12-17 22:26:54 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateComRegisterShell64.exe 2016-12-17 22:26:54 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe 2016-12-17 22:26:54 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdate.exe 2016-12-17 22:26:50 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.32.7\GoogleUpdateSetup.exe 2016-12-17 22:23:45 E1012CAD71806D7F36CCBF0BC967D2BD 3590144 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$RPAZKUW.exe 2016-12-17 22:17:43 E1012CAD71806D7F36CCBF0BC967D2BD 3590144 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$RAQTZAZ.exe 2016-12-17 22:14:08 249672E81A9B37FE4FD9D7CE3158FB65 253024 ----a-w- C:\Program Files (x86)\EPSON Software\ECLink\EPECLINK.EXE 2016-12-17 22:13:11 01476FBE43E5F83C57669CBA5BA1A81F 5765112 ----a-w- C:\Users\Xavier\AppData\Local\Temp\EPSON\Download\Resource\mepSetup_20160413.exe 2016-12-17 22:13:10 BF4626FFDACFD0CB40E2F804E10ED817 235880 ----a-w- C:\Users\Xavier\AppData\Local\Temp\EPSON\Download\Resource\ECLink.exe 2016-12-17 22:13:05 38768B1BF2B29C6E1268040C64B7598C 3319808 ----a-w- C:\Users\Xavier\AppData\Local\Temp\EPSON\Download\Resource\EPCPSetup.exe 2016-12-17 22:12:50 9DD9C7384BFFEDD42B0ACCAAF0E0D100 11158400 ----a-w- C:\Users\Xavier\AppData\Local\Temp\EPSON\Download\Resource\EPS_10009_ALL_web_32.exe 2016-12-17 22:02:18 C3C0D688D60D1914750B20A603BE9723 6109176 ----a-w- C:\Users\Xavier\AppData\Local\Temp\EPSON\Download\Resource\CESU4440.exe 2016-12-17 21:42:59 04B150FF079FD5BF4E774D1A19958A9E 738816 ----a-w- C:\Users\Xavier\AppData\Local\NVIDIA\NvBackend\Packages\000098aa\CoProc update.21484016.exe 2016-12-16 22:03:02 D000E0DD332DCF9275B561E663C151BF 230260576 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$RX3LQVR.exe 2016-12-16 21:59:55 F062C6192D68BE8556EEA906B48E11F1 2586928 ----a-w- C:\$Recycle.Bin\S-1-5-21-3771618856-1216886772-2068263370-1001\$RII9PBT.exe 2016-12-16 21:41:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Xavier.exe 2016-12-16 21:38:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Xavier\Downloads\RSITx64.exe 2016-12-16 21:07:15 F46540BB342400D298DB6978C170B661 523176 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\HomeDeviceGuard_Downloader_Silent.exe 2016-12-16 21:04:50 E1B53B492915322A1021F8B44388F11D 1154008 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\HouseCallX_x64\HouseCallX.exe 2016-12-16 21:04:49 233B7325049B2B173B9D8BEA2296FF92 523184 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\HomeDeviceGuard_Downloader.exe 2016-12-16 21:04:37 240DA6A41C9C102868941DC1AB5452BF 8283488 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HCBackup\hcpackage64.exe 2016-12-16 21:04:25 D470C51F10696C81F310B8062BDF53F8 2527376 ----a-w- C:\Users\Xavier\Downloads\HousecallLauncher64.exe 2016-12-16 15:16:09 CB7A4790615372ACC501E0AA35106ED7 2248184 ----a-w- C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\SwReporter\15.85.1\software_reporter_tool.exe 2016-12-15 21:50:56 D5C59218EDAD5E424C33D825DD797C49 989024 ----a-w- C:\Windows\System32\hvax64.exe 2016-12-15 21:50:56 9A077360DC6A6BF2E364FE4A47DC9854 1100128 ----a-w- C:\Windows\System32\hvix64.exe 2016-12-15 21:50:55 12736C69D73EB8A0D2889CBE167217E2 811872 ----a-w- C:\Windows\System32\hvloader.exe 2016-12-15 21:50:53 D8BC84CEC908147CB88FE6E87138EB58 7655280 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-12-15 21:50:50 C6E7C0577523905FF4FF3B0D5A036A3B 7816032 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-12-15 21:50:46 1D5C9E2102D2F0A98BC1564F8532F9F0 275296 ----a-w- C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe 2016-12-15 21:50:38 2925A1C60E081F0B51699C148AE1925A 455520 ----a-w- C:\Windows\System32\securekernel.exe 2016-12-15 21:50:37 74C191A1BF7AD5AD63432E104E1D7A54 1173496 ----a-w- C:\Windows\System32\winload.exe 2016-12-15 21:50:37 0DCF6AF8987CD9EEBAB548A593380C3E 894096 ----a-w- C:\Windows\System32\winresume.exe 2016-12-15 21:50:37 0DCF6AF8987CD9EEBAB548A593380C3E 894096 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-12-15 21:50:31 28CF4575C39A0662138E6C6A0B107BCB 172544 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-12-15 12:07:04 6B1284608476D26F4E884A501833BA23 2589432 ----a-w- C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\AdAwareWebInstaller.exe 2016-12-15 12:05:54 5E36F3FE2E6D2AC9DA7C2F7C7BBFEA32 9533688 ----a-w- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe 2016-12-15 12:05:48 8B03D74DD2E05CDEA0A9186481D0360A 628984 ----a-w- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareServiceHelper.exe 2016-12-15 12:05:32 DB3C806F5CA1AFE57E2E033CDCFECC2F 19338488 ----a-w- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareDesktop.exe 2016-12-15 12:05:28 25FC2A5E85848C3A718EDF1106028A8D 1561336 ----a-w- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareCommandLine.exe 2016-12-15 12:02:16 9AF445DB61530CC511FBFC2E430B7FB3 5846072 ----a-w- C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\AdAwareUpdater.exe 2016-12-15 12:02:14 A3D5DB8245C5C1DEAD0B33FEB96D6817 630976 ----a-w- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareService.exe === C: other files == 2016-12-18 12:35:06 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\CollectOneDriveLogs.bat 2016-12-18 11:07:21 467720B73E839ED66826EAF59C9A59E7 14156 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\lib\deploy\ffjcext.zip 2016-12-16 21:06:54 82B4C346A14FA398D8BA9AC19BA11B55 16967164 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\tmase.zip 2016-12-16 21:04:52 EED337CE9E70696EC247D395B9250EE0 2674 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip 2016-12-16 21:04:51 99559F8DE53EAC2C8DBC23595803A69D 46352 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\TMEBC64.sys 2016-12-16 21:04:51 8B80EDD5A814DFE32ECA94D0FD6739BD 332512 ----a-w- C:\Windows\System32\drivers\tmcomm.sys 2016-12-16 21:04:51 8B80EDD5A814DFE32ECA94D0FD6739BD 332512 ----a-w- C:\Users\Xavier\AppData\Local\Temp\HouseCall\Tmcomm.sys 2016-12-15 21:50:41 A930AD470CBCBEEAA2B684325453D48A 3616768 ----a-w- C:\Windows\System32\win32kfull.sys 2016-12-15 21:50:40 5C9A0EDE876D5D63A6EB34BC24384A17 2998272 ----a-w- C:\Windows\SysWOW64\win32kfull.sys 2016-12-15 21:50:38 6343BD5C58F385703454D47416EE0100 206848 ----a-w- C:\Windows\System32\win32k.sys 2016-12-15 21:50:37 DF53C40EE6572B64691668277156FA41 147968 ----a-w- C:\Windows\SysWOW64\win32k.sys 2016-12-15 21:50:31 B72D26074E72A757D788FB1BEF8B2F2E 377184 ----a-w- C:\Windows\System32\drivers\clfs.sys 2016-12-15 21:50:31 B0D9B87B795B7833C9152441CBD55CC4 624048 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-12-15 21:50:29 5634BF53BE184314A82E638EAD67DE73 402272 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2016-12-15 21:50:28 D24345315139AAF6E3DF106344EE9422 658784 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-12-15 21:50:27 19F2B54EE8861D90579BD0E3AE5182F9 2189664 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-12-15 21:50:21 7C98397279D619956D6A7F9294FA5C5F 1512960 ----a-w- C:\Windows\System32\win32kbase.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3771618856-1216886772-2068263370-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "OneDrive"="C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify Web Helper"="C:\Users\Xavier\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "f.lux"="C:\Users\Xavier\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT EPLTarget\P0000000000000001 /M XP-235 Series" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT EPLTarget\P0000000000000000 /M XP-235 Series" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" "HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "OneDrive"="C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify Web Helper"="C:\Users\Xavier\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "f.lux"="C:\Users\Xavier\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT EPLTarget\P0000000000000001 /M XP-235 Series" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT EPLTarget\P0000000000000000 /M XP-235 Series" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe" "WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe"" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [11-11-2016 10:56] C:\WINDOWS\tasks\EPSON XP-235 Series Update {74EC9FED-24FE-424A-864F-236431E77F61}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.exe [21-11-2013 17:30] C:\WINDOWS\tasks\EPSON XP-235 Series Update {BE746C4B-8BD0-4D13-B443-D54676F86183}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.exe [21-11-2013 17:30] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 11:56] C:\WINDOWS\tasks\HPCeeScheduleForXavier.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 08:51] C:\WINDOWS\tasks\?????????? ???????? ?????? .job --a-------- C:\Users\Xavier\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\WINDOWS\SysNative\tasks\EPSON XP-235 Series Update {74EC9FED-24FE-424A-864F-236431E77F61}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE] "C:\WINDOWS\SysNative\tasks\EPSON XP-235 Series Update {BE746C4B-8BD0-4D13-B443-D54676F86183}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d0439637c97884" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d0919c582ee171" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d0bfa55bad2a3e" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3771618856-1216886772-2068263370-1001Core" [C:\Users\Xavier\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3771618856-1216886772-2068263370-1001Core1d0a68246733f53" [C:\Users\Xavier\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForXavier" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Xavier\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\Start OPBHOBroker" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"] "C:\WINDOWS\SysNative\tasks\Start OPBHOBrokerDesktop" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"] "C:\WINDOWS\SysNative\tasks\Start SimplePass" ["C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe"] "C:\WINDOWS\SysNative\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{558E39AA-0318-466E-B460-71C3FA1DCB32}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\WINDOWS\SysNative\tasks\{B14E67B8-646D-499B-BB3D-3D4D19F7EE7F}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [24-09-2016 10:29] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\MhVbhcXJ.default - Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fidikogfgleiaefnjbmnjaplmgknppkg - No path found[] flliilndjeohchalpbbcdekjklbdgfkk - No path found[] Duolingo on the Web - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl Google Drive - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf eID Chrome Extension - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc YouTube - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Pushbullet - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd Google Search - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Ice - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhffefhdkeibnkdldinbncimlojchnie Google Docs Offline - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Whitelisted domains - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Unlimited Free VPN - Hola - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio Gent - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjcebnadigegmllahigplolfjhbipnkk Imagus - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab The Great Suspender - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg Google Maps - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Default filename template: - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg Apple Shooter - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhfnlipcinfjmjplgegncjlmpnihecg Chrome Web Store Payments - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Background Tab - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic 4chan X - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam Gmail - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6DBEC9DAD2449794D9D11E50F0E272D2 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BAC3F7A-B963-468E-982E-B5608A87408D} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\6DBEC9DAD2449794D9D11E50F0E272D2 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Xavier\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Xavier\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Xavier\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Xavier\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=6669 folders=280 386688681 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Xavier\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 18-12-2016 at 14:09:27,65 ======================