Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Wim on za 24/12/2016 at 11:44:14,52.
Microsoft Windows 10 Home 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wim\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

24/12/2016 11:45:46 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\log deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Wim\AppData\Local\ActiveSync deleted successfully
C:\Users\Wim\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Wim\AppData\Local\EmieSiteList deleted successfully
C:\Users\Wim\AppData\Local\EmieUserList deleted successfully
C:\Users\Wim\AppData\Local\Femap deleted successfully
C:\Users\Wim\AppData\Local\NetworkTiles deleted successfully
C:\Users\Wim\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1406585922-2982736091-624962569-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1406585922-2982736091-624962569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1406585922-2982736091-624962569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

AVG  
AVG 2016  
AVG Protection  
AVG Web TuneUp  
Belgium e-ID middleware 4.1.18 (build 1730)  
CCleaner  
FMW 1  
Google Chrome  
Google Update Helper  
Java 8 Update 111  
Java Auto Updater  
KeyShot 5 64 bit  
Microsoft Office 365 ProPlus - nl-nl  
Microsoft OneDrive  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Office 16 Click-to-Run Extensibility Component  
Office 16 Click-to-Run Extensibility Component 64-bit Registration  
Office 16 Click-to-Run Licensing Component  
Office 16 Click-to-Run Localization Component  
paint.net  
Solid Edge ST7  
Speccy  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5)  
Synaptics Pointing Device Driver  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  

==== Running Processes ======================

C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Wim\Desktop\zoek.exe
C:\WINDOWS\SysWoW64\cmd.exe
C:\WINDOWS\SysWoW64\cmd.exe
C:\WINDOWS\SysWoW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.3.6 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 

==== Deleting Files \ Folders ======================

C:\Users\Wim\AppData\Local\AVG Web TuneUp deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.3.6\avgdttbx.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.3.6\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.3.6\avgdttbx.dll" deleted
"C:\Program Files (x86)\AVG Web TuneUp" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search" deleted
"C:\Program Files (x86)\AVG Web TuneUp" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search" deleted
"C:\PROGRA~2\AVG Web TuneUp" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.3.6" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.3.6" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.3.6" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3891 MB
CPU Info: Intel(R) Pentium(R) CPU        P6100  @ 2.00GHz
CPU Speed: 2011,1 MHz
Sound Card: Luidsprekers (High Definition A | 
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe FE Family-controller | Realtek RTL8188CE draadloze LAN 802.11n PCI-E-netwerkinterfacekaart | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633J
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  296,8GB
Hard Disks - Free: C:  259,1GB
Manufacturer *: TOSHIBA
BIOS Info: AT/AT COMPATIBLE | 05/17/11 | TOSCPL - 74
Time Zone: Romance (standaardtijd)
Motherboard *: TOSHIBA PWWAA
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Default Browser: Google Chrome	55.0.2883.87
Internet Explorer Version: 11.576.14393.0 
Google Chrome version: 55.0.2883.87
Sun Java version: 1.8.0_111 (32-bit) 
Sun Java version: 1.8.0_111 (64-bit) 

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-12-23 15:45:53	E1F18F8E0376B67836D68A7374BA0F70	500111800	----a-w-	C:\WINDOWS\MEMORY.DMP
2016-12-23 14:25:10	4E10FB1A015B49AC68F76C1A3F4D9C0F	4673304	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\Wim\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-12-23 14:26:04	22096A33F31A39599AF270EF6A55230D	5722832	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-23 14:26:03	C4043D16BE4B2E9B66866060162B6769	6109184	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2016-12-23 14:26:03	9D0717ECC88FA1090C675B9308979DE7	5380608	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-23 14:26:02	E8FBC76BDC0CC5005110AE38DB6C93F6	3306496	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-23 14:26:02	D6469A94E2CA0A33616FE408463918DD	2362880	----a-w-	C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-23 14:26:02	2A7309FDC7AE938B497AF9B986523EBA	4612608	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-23 14:26:01	6D8AF670995DC432C07C5321DE3967B5	1852720	----a-w-	C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-23 14:26:01	4B2A806FC406B8F66CE610CC6CC6299A	2109952	----a-w-	C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-23 14:26:01	3E689A2AE38163D67297C87ED7770B9C	2323728	----a-w-	C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-23 14:26:00	3EA9BF7D7E9423CAC323CF54F184EF53	952416	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-23 14:26:00	308693585CE30B3ABC804292FA2853FA	3892864	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-23 14:26:00	14165F6BC67B1B51DD9F55C339D63CB0	2277248	----a-w-	C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-23 14:25:59	0FA371C4D87D47E4D2E39655DE14F521	527880	----a-w-	C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-23 14:25:57	FE68CCE3D2985526FB00C692E92E0FE2	3370496	----a-w-	C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-23 14:25:57	D478AD237CC6925BDC08062A195C5AA7	313856	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-23 14:25:57	C5E96B8A8A97430BA42FCF112DFB76FD	332288	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-23 14:25:56	7CEB531B7F1D82344DD3F649227F1840	1992704	----a-w-	C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-23 14:25:56	46E91FB548882ACFE377FFB1282D052D	2138112	----a-w-	C:\WINDOWS\SysWOW64\InputService.dll
2016-12-23 14:25:55	F5A9BAC2FD606A4F0909D996CBE8BC78	91936	----a-w-	C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-23 14:25:55	B124B6D66EE6FAB7B59FD114A633A1D1	2333184	----a-w-	C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-23 14:25:55	A7AA7586A6E1CDD99667BDD8A9AD54BC	1123912	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-23 14:25:55	87BE502E7B1D3705783C366ED0CBA9F7	1357824	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-23 14:25:54	F050C5ED0C243759023D91F25C2DA94C	4423680	----a-w-	C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-23 14:25:53	363EC48D319DE030B48C56F3E65DCB84	117248	----a-w-	C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-23 14:25:52	6C547034D9502FD212651C9C8D0C390E	715264	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-23 14:25:52	417CB790193F1FB9511923D268133E28	71168	----a-w-	C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-23 14:25:51	F3E173252DB9570ACD22306F115FCFF5	746496	----a-w-	C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-23 14:25:51	B896EE88B38810BF83E1A2D08ADDA673	157536	----a-w-	C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-23 14:25:51	7C13A18901A701202A1DD6514BA4D053	114176	----a-w-	C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-23 14:25:51	2FCEC70D411ED16AFC79FA3711CCB66A	545280	----a-w-	C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-23 14:25:50	03B273395EA0BF2E9C56222183217E17	206848	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-23 14:25:47	76F30D5D38F46DF16AF86B3549046CC8	32768	----a-w-	C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-23 14:25:47	3BFB09E18CE3158070C7CFE0C3DA6DE2	68096	----a-w-	C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-23 14:25:47	2CCBA569613401EA6011EE08E8D36D88	92672	----a-w-	C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-23 14:25:47	1A87B6398A18BB9EF7207CA3C8B8DBEB	359936	----a-w-	C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-23 14:25:46	B7D071365F74E52DDE39C9705A3EFFFD	53248	----a-w-	C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-23 14:25:46	5B5AAD18FE6719A7D1BE169388618391	348672	----a-w-	C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-23 14:25:46	504C7DA573CB9065889ECE643746D5F4	94208	----a-w-	C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-23 14:25:46	053B12D5D2E45A7E01E43F008552620C	912896	----a-w-	C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-23 14:25:45	B5F75AF049EB8CBD884B044CCE14A8BD	33280	----a-w-	C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-23 14:25:45	8FF2C9FEAEE403366F41FED41EBC6049	838144	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-23 14:25:45	7A855DC526109A2410EF2D52FC2DF378	760832	----a-w-	C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-23 14:25:36	3BC9C1743322B4D73344183C99C411AA	7626752	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-12-23 14:25:34	B19A804BC41C276DAF5753BE541A97B4	1503544	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-23 14:25:33	AF46710DDB8B0E304AA4FD2B940CABD8	4311736	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2016-12-23 14:25:31	8EE8BDF714D986AC30193FE75478047C	1263856	----a-w-	C:\WINDOWS\SysWOW64\msctf.dll
2016-12-23 14:25:30	64DF6ECDC75659AC4A42E176957192FD	711680	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-23 14:25:30	4BEC594A3D4AEAFAC400D88F7E328C7B	1435896	----a-w-	C:\WINDOWS\SysWOW64\user32.dll
2016-12-23 14:25:29	FED441C74C98F346B68BED55CC33DE0A	263472	----a-w-	C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-23 14:25:29	33F992140B11BF32F08008B7E52631D0	505856	----a-w-	C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-23 14:25:28	52B85DFC0E8FE1682F6E8DA83F8C6663	122208	----a-w-	C:\WINDOWS\SysWOW64\migisol.dll
2016-12-23 14:25:28	1A8E7650017F0BC9AD12A6861B5119ED	117240	----a-w-	C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-23 14:25:28	0ECD96BC460CC643B980D111E7F92602	1556480	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-23 14:25:27	BA8D9C7C5381E8BD9438E1E0F38775CB	167848	----a-w-	C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-23 14:25:27	5BD8F54F125CC5F5E6CD358A98264E23	2484736	----a-w-	C:\WINDOWS\SysWOW64\gameux.dll
2016-12-23 14:25:26	2ECE88940B9F7513A6C99D8108FF398A	333312	----a-w-	C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-23 14:25:25	C0E596721A1500F565BF28229158EA6E	138240	----a-w-	C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-23 14:25:25	4B8563DA5553EB3D6257D6285AC2D9BA	122880	----a-w-	C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-23 14:25:24	EA1FE375F92970D1AE3088E9A0D7F74E	6474752	----a-w-	C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-23 14:25:24	B3BE4F5ACC4E72C204C70CA4CA86D528	1196544	----a-w-	C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-23 14:25:23	1EC580C9F5F111EBC2E08E05AAF3C1EC	2682880	----a-w-	C:\WINDOWS\SysWOW64\netshell.dll
2016-12-23 14:25:23	0D04F5AF5D4E9025EA7410446BE2AEDF	108544	----a-w-	C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-23 14:25:22	FE65A5BA6720E69BF79A1069F73D946F	156672	----a-w-	C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-23 14:25:22	F26A1B27FBF49588AFF089539D0CDB0E	34304	----a-w-	C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-23 14:25:22	DE78C0522296196718D4045BC99948F3	358912	----a-w-	C:\WINDOWS\SysWOW64\stobject.dll
2016-12-23 14:25:22	993585DD4B3DEB915659A65CA27A6B6E	140288	----a-w-	C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-23 14:25:22	933F3C40C2062AFF47327FA676735DBD	318464	----a-w-	C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-23 14:25:22	8A21948CF905F807F478FA87E1823CC4	506880	----a-w-	C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-23 14:25:22	45424A1103724E3834988D9FD56DC731	47104	----a-w-	C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-23 14:25:19	464235F5DB3FAF56C594A7B74D3837E3	12177920	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-23 14:25:12	F1ED45682DB96B37AF5D8DCD355EAA42	2206496	----a-w-	C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-23 14:25:12	D86AD86B05274E6386976FE42A7BA7C0	3689984	----a-w-	C:\WINDOWS\SysWOW64\msi.dll
2016-12-23 14:25:12	5C9A0EDE876D5D63A6EB34BC24384A17	2998272	----a-w-	C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-23 14:25:09	A3C9A12D3B208557EB69D7BC3B2E1EAA	869848	----a-w-	C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-23 14:25:09	4A0B06DD8211CDA36D209FE61283DB58	1706488	----a-w-	C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-23 14:25:07	56A1F18F27A325A4C17BF7EA963DBD2B	1415752	----a-w-	C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-23 14:25:06	562E97FEB07676FF73F4A3BD8723661B	1969912	----a-w-	C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-23 14:25:06	3A52D6E555AA67029ACF48766163B49A	1336320	----a-w-	C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-23 14:25:04	DF53C40EE6572B64691668277156FA41	147968	----a-w-	C:\WINDOWS\SysWOW64\win32k.sys
2016-12-23 14:25:04	C45CC1044D106B59EBC61679D79FCF96	1755136	----a-w-	C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-23 14:25:03	5CAA3BA7EAE16D621E0854F71165E376	1576448	----a-w-	C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-23 14:25:00	3371300D70E83990990D056563C12A03	259584	----a-w-	C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-23 14:24:59	358EB97C59FF33C968FB1333E9876494	6668040	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-23 14:24:57	30FE605338408D1D459012E4ED9B903D	3198464	----a-w-	C:\WINDOWS\SysWOW64\cdp.dll
2016-12-23 14:24:56	09FB1E45C38939B300140F01D14D0E6A	2166752	----a-w-	C:\WINDOWS\SysWOW64\combase.dll
2016-12-23 14:24:55	9B3298D80A2E4DA567C16BF5F88E5150	861024	----a-w-	C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-23 14:24:55	8F857B2705BECC734B4D979A0D2C0D03	886272	----a-w-	C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-23 14:24:54	AA3B16977532312A378B532DB494B653	1572768	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-23 14:24:54	A1CB32732926340BAC6A79F1BBA6538F	566784	----a-w-	C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-23 14:24:53	F969E083B97AE85454390299C4348B32	1430720	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-23 14:24:53	9114BA853A4F6441101CD38246FD4B28	382784	----a-w-	C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-23 14:24:52	EBD4C2424DC0C023F82AC7F13970016D	846560	----a-w-	C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-23 14:24:52	4330AF6614F053DD11985FE6AC037C7D	565248	----a-w-	C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-23 14:24:51	AAA2134FF68DDD12365011A105C3186A	499200	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-23 14:24:51	1D090D82282336CD790733FAE33641E9	483840	----a-w-	C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-23 14:24:50	C041ED5CE66BEDFA0CEAC973C8E5DAC5	106896	----a-w-	C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-23 14:24:50	5BC2D871EB445A70EB762ECE7C574BBD	152416	----a-w-	C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-23 14:24:49	AC335330C3D82A5DC7C2994F63F7A048	400384	----a-w-	C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-23 14:24:48	5B388E2E843FA0F4FA0B79FD477EEB1D	248480	----a-w-	C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-23 14:24:48	24FC2879F6A3E2F92648B8F5058BD21C	484584	----a-w-	C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-23 14:24:48	0E9B4F6705BB4831D932BEA1922A9399	519168	----a-w-	C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-23 14:24:47	EDD8DCA7F0DC0029E21BD55D2E4372F0	285696	----a-w-	C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-23 14:24:46	CC32207A4520FD1956AF2D68D7DA7BDD	288768	----a-w-	C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-23 14:24:46	934F47AB68E2D38577E348F497A3BC21	395264	----a-w-	C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-23 14:24:44	C1DCB93B1DB4FD0CC08051373C4EBACA	557568	----a-w-	C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-23 14:24:44	24559CE6E21ECC3DD2A597300F6819B2	1228288	----a-w-	C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-23 14:24:44	1E411B75AE947557FC8031B417DC299B	30720	----a-w-	C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-23 14:24:43	CC41DF9EB48F743E5CD747011376D539	431616	----a-w-	C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-23 14:24:43	70EE8BA7A3B9AA577EBA6E8B9C9AB37C	223232	----a-w-	C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-23 14:24:42	D948FC01C18AB80947DEFDB7E7DDE598	180224	----a-w-	C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-23 14:24:42	A61F71788BAE3F65FF2DEA42B35E35C9	165376	----a-w-	C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-23 14:24:42	A185BCC083628A702D61F384B2D37DE3	298496	----a-w-	C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-23 14:24:31	38000DC06180F3C2F68B7175BC6C6B94	19413504	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-23 14:24:29	C2A2CC42F71927ABB95AA1F851056638	19417088	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-23 14:24:20	98F4C3DE98F6C24B74DA6150836BDDC9	6044160	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-23 14:24:19	88DD13B762E3BD681E044A269DC1D57E	13868544	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-23 14:24:16	92D533895D9D4BFB469083F5221CAE71	3666432	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-23 14:24:15	90217C2BF22BCACC99E7A11D7FCFA7E0	20969928	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-12-23 14:24:13	7F14E8300CC72C06417D2980F2FBA0FE	2048496	----a-w-	C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-23 14:24:11	E74F2C29ECF25124BE3DA75FBD6A0E46	959112	----a-w-	C:\WINDOWS\SysWOW64\ole32.dll
2016-12-23 14:24:11	771F172114E51FC2DF5838476D97D90A	1595392	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-23 14:24:07	9E9039ED9DB41DEA49B9B56E38964916	198656	----a-w-	C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-23 14:24:07	7FC056540E986F37EC8DE0F2C6BE99BA	364544	----a-w-	C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-23 14:24:02	F2936C785E75757A4241DC9C25C69D25	1631232	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-23 14:24:02	178835F0334565C9AF5522B9E46E799A	374448	----a-w-	C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-23 14:24:02	120FCB09AEBD03A459FA44412106D4FE	306176	----a-w-	C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-23 14:24:02	0D8CA86B639533ED0A7FE1792C5BE600	2256384	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2016-12-23 14:24:01	EE3D4702DC0AEDE708804DEE888E1BEF	91648	----a-w-	C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-23 14:24:01	DF990FE5B6590BB98145BEBCA2C7E721	822784	----a-w-	C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-23 14:24:01	B14EC96F7A15DECF967560E981E592C8	772608	----a-w-	C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-23 14:24:01	A9AE442890AA112F8B3AA6692DC7CDE6	231936	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-23 14:24:00	A481F2EBBB1B9FCB413CB32BA34A8D13	65024	----a-w-	C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-23 14:24:00	65B9445D4FDB93ABEB5C62761C229BF6	635904	----a-w-	C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-23 14:24:00	21D6D4555C11864CF0328746937ACA05	284672	----a-w-	C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-23 14:24:00	15966EA1972A55F661FC509FE3074B77	125952	----a-w-	C:\WINDOWS\SysWOW64\apprepapi.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-12-23 14:26:05	2F3EA67476D78958F91E070C14A8E31B	8168000	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
2016-12-23 14:26:01	06244AE293E04AB801876B9059DC7615	3059200	----a-w-	C:\WINDOWS\Sysnative\msi.dll
2016-12-23 14:26:00	F1A1EBBFDC04204B89E1B4C4E9EF753E	1589760	----a-w-	C:\WINDOWS\Sysnative\msdtctm.dll
2016-12-23 14:26:00	A0746EF6C5AB7A17A67BC167167499C1	560128	----a-w-	C:\WINDOWS\Sysnative\AppReadiness.dll
2016-12-23 14:25:59	FCC7B4C5CAD998DC936251247AB22C9A	1274712	----a-w-	C:\WINDOWS\Sysnative\ole32.dll
2016-12-23 14:25:59	9A077360DC6A6BF2E364FE4A47DC9854	1100128	----a-w-	C:\WINDOWS\Sysnative\hvix64.exe
2016-12-23 14:25:59	1067D34BEEA34E48E4D30F37F6AA93AF	410112	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-12-23 14:25:58	D5C59218EDAD5E424C33D825DD797C49	989024	----a-w-	C:\WINDOWS\Sysnative\hvax64.exe
2016-12-23 14:25:58	4E330AD1EED4A5D582EE415FD55953A2	4136448	----a-w-	C:\WINDOWS\Sysnative\Windows.StateRepository.dll
2016-12-23 14:25:56	6C9AD8E67F7D1F7AA735A9299D261816	2852864	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll
2016-12-23 14:25:55	9664CEE01F1F168FD201C1972DB2C718	1477632	----a-w-	C:\WINDOWS\Sysnative\wsecedit.dll
2016-12-23 14:25:54	7F6BDCFC4EB0E47EBA67F8CEC404C26C	947552	----a-w-	C:\WINDOWS\Sysnative\hvloader.efi
2016-12-23 14:25:53	B202DB61CBB01C34EF1083225B869BB0	870912	----a-w-	C:\WINDOWS\Sysnative\msdtcprx.dll
2016-12-23 14:25:53	8FC3E97C6063915D1F3DBA35930169FC	360040	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe
2016-12-23 14:25:53	52A50D6838A6ED4255FF8B0CE2BC4B11	1726976	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll
2016-12-23 14:25:53	12736C69D73EB8A0D2889CBE167217E2	811872	----a-w-	C:\WINDOWS\Sysnative\hvloader.exe
2016-12-23 14:25:52	D7F8E55D7AECA523B2B88EA04545B995	717824	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2016-12-23 14:25:52	D07C0FEBC9CF05306DDD3B8320BD1331	98304	----a-w-	C:\WINDOWS\Sysnative\browserbroker.dll
2016-12-23 14:25:52	94552B30376D315653BE815BEFAC5AD4	539136	----a-w-	C:\WINDOWS\Sysnative\PlayToManager.dll
2016-12-23 14:25:52	613FF7815E475EEB84F898A9FB1F658E	328008	----a-w-	C:\WINDOWS\Sysnative\Windows.Storage.ApplicationData.dll
2016-12-23 14:25:52	3C69CC28665854F1AAB4B4005005FA31	454592	----a-w-	C:\WINDOWS\Sysnative\services.exe
2016-12-23 14:25:51	6B02A2756E4D3D4DB0DF5A71A5A7E1E0	391168	----a-w-	C:\WINDOWS\Sysnative\wuuhext.dll
2016-12-23 14:25:51	3C26EB27EA2D1ADE809434D330A9FA3C	107520	----a-w-	C:\WINDOWS\Sysnative\VPNv2CSP.dll
2016-12-23 14:25:50	DEE66FE9F9001BC60D757E5CCD01E0E8	185344	----a-w-	C:\WINDOWS\Sysnative\DisplayManager.dll
2016-12-23 14:25:50	CBA63D4B9F8A9117A59703EF18DABC53	991232	----a-w-	C:\WINDOWS\Sysnative\comdlg32.dll
2016-12-23 14:25:50	9458B2D945C676A0795823C76B8B506A	324608	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll
2016-12-23 14:25:50	3BBD41D11F3888F2500CB5A5FBF5A9B2	590336	----a-w-	C:\WINDOWS\Sysnative\efswrt.dll
2016-12-23 14:25:46	EF63052EC54A826B484455FB9DB62E0E	158720	----a-w-	C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll
2016-12-23 14:25:46	9E700419EA86397448296B7D9B195907	389632	----a-w-	C:\WINDOWS\Sysnative\ActivationManager.dll
2016-12-23 14:25:46	8439DB137E719EBFF71FD20586AAA2B4	40960	----a-w-	C:\WINDOWS\Sysnative\CbtBackgroundManagerPolicy.dll
2016-12-23 14:25:46	13F5191092A5767D17BAB667395BA42F	122880	----a-w-	C:\WINDOWS\Sysnative\Windows.StateRepositoryClient.dll
2016-12-23 14:25:45	1D8F285E38781C2688FCBD249B4AA50C	73216	----a-w-	C:\WINDOWS\Sysnative\Windows.StateRepositoryBroker.dll
2016-12-23 14:25:42	20A7D1848593F5988A2ACE63F22DE8BF	6285312	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.dll
2016-12-23 14:25:40	666090378138806ECC581835FB134C8B	3777536	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-12-23 14:25:39	4C80C700BA6B90EE9ED878EEBE67851D	1600624	----a-w-	C:\WINDOWS\Sysnative\sppobjs.dll
2016-12-23 14:25:38	C6E7C0577523905FF4FF3B0D5A036A3B	7816032	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-12-23 14:25:38	70D5AF138FDBDF97F8A6415C596C80E4	1988560	----a-w-	C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2016-12-23 14:25:36	8D7AC60330B3E96C4D00E682437868D0	2681200	----a-w-	C:\WINDOWS\Sysnative\CoreUIComponents.dll
2016-12-23 14:25:35	6012019C0E09D6194E0E6144B4859EB2	1293152	----a-w-	C:\WINDOWS\Sysnative\LicenseManager.dll
2016-12-23 14:25:35	2C1CEC25F6D92871F38960E2E84CC3EE	2275840	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-12-23 14:25:34	9B5701A33BA8CE1E547645FFAF4CDD18	4130432	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2016-12-23 14:25:33	E15711970C5BE05E8D70B294D0AFF621	2104320	----a-w-	C:\WINDOWS\Sysnative\wlidsvc.dll
2016-12-23 14:25:33	96A380C14A4FFC2883A00FFB250EBD44	1692672	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll
2016-12-23 14:25:33	7B2301A9FE0A9B1DF7A321F1E044BA41	1121280	----a-w-	C:\WINDOWS\Sysnative\aadtb.dll
2016-12-23 14:25:33	18F00DE0A1E18D8740B589BABE1965D8	1062480	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2016-12-23 14:25:32	4F41459377C3C1B05BF46B7C0D50125A	743224	----a-w-	C:\WINDOWS\Sysnative\sppwinob.dll
2016-12-23 14:25:32	40C1E763ACB4FCB8744C220D7B1A4800	425984	----a-w-	C:\WINDOWS\Sysnative\aadcloudap.dll
2016-12-23 14:25:32	24B894CCC09F373C8E0883E31A7A1CB0	2820096	----a-w-	C:\WINDOWS\Sysnative\InputService.dll
2016-12-23 14:25:31	FB72606571F97668A773079A3A3A3ADF	1859264	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
2016-12-23 14:25:31	F107BF38350045A51AEBFA2C4E0E03B7	126568	----a-w-	C:\WINDOWS\Sysnative\mfaudiocnv.dll
2016-12-23 14:25:31	88104DF1A924408A61B35438A0596A1B	909312	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Search.dll
2016-12-23 14:25:31	7FC2CEE4B16F4E9AEB5565C9429FC5A5	1473048	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2016-12-23 14:25:31	0C2545B95A19F573D335608680B0C31D	411136	----a-w-	C:\WINDOWS\Sysnative\facecredentialprovider.dll
2016-12-23 14:25:30	EC449756B377F4330B2885567112ACF5	3542016	----a-w-	C:\WINDOWS\Sysnative\actxprxy.dll
2016-12-23 14:25:30	4CDF5A5841E22456E7D64CC01B41E6AF	882680	----a-w-	C:\WINDOWS\Sysnative\EditionUpgradeManagerObj.dll
2016-12-23 14:25:29	DE6DF9BBBECAFDEF462A37D839167368	673792	----a-w-	C:\WINDOWS\Sysnative\winlogon.exe
2016-12-23 14:25:29	C5C184635BA06F8F707BB8837D1F7BD1	603488	----a-w-	C:\WINDOWS\Sysnative\ContentDeliveryManager.Utilities.dll
2016-12-23 14:25:29	524086B8BB70DDE6C167F9CC5DC129DD	870400	----a-w-	C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
2016-12-23 14:25:28	B6337AC6D2C16E4050362711041B2DA4	187520	----a-w-	C:\WINDOWS\Sysnative\CloudStorageWizard.exe
2016-12-23 14:25:27	B69B3DCCF4C87451F738330C94A99AC9	101216	----a-w-	C:\WINDOWS\Sysnative\DeviceReactivation.dll
2016-12-23 14:25:26	F00D9885A1B3173B75E9C2A954238984	388096	----a-w-	C:\WINDOWS\Sysnative\zipfldr.dll
2016-12-23 14:25:26	C4049F43A5BC629689B2629D50EECF3F	68096	----a-w-	C:\WINDOWS\Sysnative\ProvSysprep.dll
2016-12-23 14:25:26	B91FBE7CB4633FEB32AFBD0B48576396	396800	----a-w-	C:\WINDOWS\Sysnative\StorSvc.dll
2016-12-23 14:25:26	8F8B9B67E8BAFE7AEE433609D5DE8076	119296	----a-w-	C:\WINDOWS\Sysnative\InputLocaleManager.dll
2016-12-23 14:25:26	0660F4A14F9D2A2F59B26B1D74F1A6D0	650752	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2016-12-23 14:25:25	C30FB61C85D12E1F7DDEFEA141F79DB4	261120	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
2016-12-23 14:25:25	C1C8560C3FA7E2F970CB134393B594BC	40448	----a-w-	C:\WINDOWS\Sysnative\WordBreakers.dll
2016-12-23 14:25:25	96ADD6454DC4FC40CCEE4C1B195E0EA8	748544	----a-w-	C:\WINDOWS\Sysnative\StoreAgent.dll
2016-12-23 14:25:25	3B9487062A0CFF44131EAC1731CA47CE	85504	----a-w-	C:\WINDOWS\Sysnative\EditBufferTestHook.dll
2016-12-23 14:25:24	BFC3A0E0D9CA0BC28FFDDB1999794970	58880	----a-w-	C:\WINDOWS\Sysnative\Windows.Shell.Search.UriHandler.dll
2016-12-23 14:25:24	9DAA32C2B9E9E60259491BBFD6F1EB88	211968	----a-w-	C:\WINDOWS\Sysnative\InstallAgent.exe
2016-12-23 14:25:24	2CB858F99F34CCECC72BE24B2000817F	260608	----a-w-	C:\WINDOWS\Sysnative\InstallAgentUserBroker.exe
2016-12-23 14:25:23	033C350C64617BA4F65084BD0B78385E	105984	----a-w-	C:\WINDOWS\Sysnative\RjvMDMConfig.dll
2016-12-23 14:25:22	04E33678D2737E0612084F0AAFBFE832	161792	----a-w-	C:\WINDOWS\Sysnative\EditionUpgradeHelper.dll
2016-12-23 14:25:21	981159C5094E4C2AD4DADCEDF3E8F532	13084160	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-12-23 14:25:20	88125659EFA273D90BF43F34D1209032	7812096	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2016-12-23 14:25:18	9EDCF34001A705B3F0F065E6A4D340CC	7654400	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2016-12-23 14:25:17	C415587AC829504F74ACE07066A0402F	4749312	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2016-12-23 14:25:15	047038089EBA9376B3B280C50243263C	9131008	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-12-23 14:25:14	1F5FF8C45418A3D47DC73D612EFBD47E	5114368	----a-w-	C:\WINDOWS\Sysnative\cdp.dll
2016-12-23 14:25:13	A930AD470CBCBEEAA2B684325453D48A	3616768	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-12-23 14:25:13	1E75344E86ED73D0FDCA29F3435F9FFF	3441152	----a-w-	C:\WINDOWS\Sysnative\MapRouter.dll
2016-12-23 14:25:12	BD71ABBF635991C41569163DE31AB674	2953216	----a-w-	C:\WINDOWS\Sysnative\MapGeocoder.dll
2016-12-23 14:25:10	DA446593637409C623A1F308371F0505	716800	----a-w-	C:\WINDOWS\Sysnative\ShareHost.dll
2016-12-23 14:25:10	5DE2049D5F57C1D142F36FA9CE443693	764392	----a-w-	C:\WINDOWS\Sysnative\CoreMessaging.dll
2016-12-23 14:25:10	5C98A144C06B806976FA4F5BEEBD4D10	1031680	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2016-12-23 14:25:09	45198B71B548B113A18ACD0D9DF7F686	1886344	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-12-23 14:25:08	F20DD184C8DC1BEF7863BEE44BB3D09F	1418312	----a-w-	C:\WINDOWS\Sysnative\msctf.dll
2016-12-23 14:25:08	DA842AEF3EED0C980036B5E6A8E51F4F	2213760	----a-w-	C:\WINDOWS\Sysnative\KernelBase.dll
2016-12-23 14:25:08	90E6A44311F392E63043D4B395FEBE80	1366016	----a-w-	C:\WINDOWS\Sysnative\wpncore.dll
2016-12-23 14:25:08	5BEEB27D8F314D94773FA6568740AE13	1572768	----a-w-	C:\WINDOWS\Sysnative\gdi32full.dll
2016-12-23 14:25:07	C31AFDF95FE4162ACCA59DB5FBA14EF3	1069720	----a-w-	C:\WINDOWS\Sysnative\MrmCoreR.dll
2016-12-23 14:25:07	C1DBD5C3898237A2C8065D7722C8EA36	960000	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2016-12-23 14:25:07	B2988953AF18B7DEDDE06B195A8DEE64	905216	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2016-12-23 14:25:07	4CD89AE11FF2D1C8C5FB4579E42C870B	620544	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.exe
2016-12-23 14:25:07	35202E997F51B4832FF77F52CAC06695	313856	----a-w-	C:\WINDOWS\Sysnative\moshostcore.dll
2016-12-23 14:25:07	32D5C807FCC03D07AE7C3616FAF5CD08	446976	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-12-23 14:25:06	BC198A2793B6B84789D9C159AE146298	151040	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-12-23 14:25:06	AA9A5061D81F59B8DB107A871CE96CEE	424616	----a-w-	C:\WINDOWS\Sysnative\MFPlay.dll
2016-12-23 14:25:06	2E6612376D257F74781F2EF1F869D8C3	411648	----a-w-	C:\WINDOWS\Sysnative\cdpsvc.dll
2016-12-23 14:25:05	CAAF0CD70FEE7C5110B1E62804E41B17	82944	----a-w-	C:\WINDOWS\Sysnative\moshost.dll
2016-12-23 14:25:05	C46EA86BF0E7C96235E9064CBAD6ED26	1461200	----a-w-	C:\WINDOWS\Sysnative\user32.dll
2016-12-23 14:25:05	83D459A5CBAF13FA700EBCFD35C8E98A	495104	----a-w-	C:\WINDOWS\Sysnative\DataSenseHandlers.dll
2016-12-23 14:25:05	2925A1C60E081F0B51699C148AE1925A	455520	----a-w-	C:\WINDOWS\Sysnative\securekernel.exe
2016-12-23 14:25:04	BBB6B1F731DC954B833115DA90A89597	159744	----a-w-	C:\WINDOWS\Sysnative\ACPBackgroundManagerPolicy.dll
2016-12-23 14:25:04	976EB2566EF7A48DD80BEEDE63DE1C65	241504	----a-w-	C:\WINDOWS\Sysnative\CloudExperienceHost.dll
2016-12-23 14:25:04	6343BD5C58F385703454D47416EE0100	206848	----a-w-	C:\WINDOWS\Sysnative\win32k.sys
2016-12-23 14:25:04	4333EB2F0D4EFD6591CC2007F8EBA26C	89600	----a-w-	C:\WINDOWS\Sysnative\MosStorage.dll
2016-12-23 14:25:04	11BDDEDDCAC6CD65A6A082DF53ED0F39	3400192	----a-w-	C:\WINDOWS\Sysnative\SyncCenter.dll
2016-12-23 14:25:03	E6BA6FF8E956F684524CF5DBBB053687	136192	----a-w-	C:\WINDOWS\Sysnative\sendmail.dll
2016-12-23 14:25:03	DAA6A4E3DD36F21A486901284D7BBFB1	164352	----a-w-	C:\WINDOWS\Sysnative\dialserver.dll
2016-12-23 14:25:03	A8594741E7FFBA9579715E9451066533	1051112	----a-w-	C:\WINDOWS\Sysnative\winresume.efi
2016-12-23 14:25:03	74C191A1BF7AD5AD63432E104E1D7A54	1173496	----a-w-	C:\WINDOWS\Sysnative\winload.exe
2016-12-23 14:25:03	5729FB886E5B0663C6CE1D7F6CCEA566	366080	----a-w-	C:\WINDOWS\Sysnative\RDXTaskFactory.dll
2016-12-23 14:25:03	2F495415E9E3386C82B3A2459D93ABD0	2611200	----a-w-	C:\WINDOWS\Sysnative\gameux.dll
2016-12-23 14:25:03	183B7A1DCA847669FB16A7392535B095	1354320	----a-w-	C:\WINDOWS\Sysnative\winload.efi
2016-12-23 14:25:03	0DCF6AF8987CD9EEBAB548A593380C3E	894096	----a-w-	C:\WINDOWS\Sysnative\winresume.exe
2016-12-23 14:25:02	8C02F264C60183EEFCE1ED27FDF006DC	389632	----a-w-	C:\WINDOWS\Sysnative\stobject.dll
2016-12-23 14:25:02	675A95DCF8F9C66122A4E3357E95C6DF	43008	----a-w-	C:\WINDOWS\Sysnative\LaunchWinApp.exe
2016-12-23 14:25:01	BB08E753C027F5FEECA835759F180014	567296	----a-w-	C:\WINDOWS\Sysnative\DevicePairing.dll
2016-12-23 14:25:01	32F359D2120A8C670FE650994A9FF419	49152	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-12-23 14:25:00	EC99B92C40EA47862BF1723EDA9BE55D	936448	----a-w-	C:\WINDOWS\Sysnative\NMAA.dll
2016-12-23 14:25:00	E4207E8B3FCD84B019E03B51B57CE4C1	198656	----a-w-	C:\WINDOWS\Sysnative\BcastDVRHelper.dll
2016-12-23 14:25:00	E337677FFD088B87F5D7876F0ED3EC34	1060864	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2016-12-23 14:25:00	A93C9B9EBE2FDE5A536000D72CC17F7F	339456	----a-w-	C:\WINDOWS\Sysnative\cdpusersvc.dll
2016-12-23 14:25:00	9F2965CB4D07ED5420C3E01A94888E21	6664192	----a-w-	C:\WINDOWS\Sysnative\mspaint.exe
2016-12-23 14:25:00	87BF36C0AD9398C7C5AF48CA9C7F3E56	170496	----a-w-	C:\WINDOWS\Sysnative\AppCapture.dll
2016-12-23 14:25:00	02DB72679572E637F4688596F12CFBEA	115200	----a-w-	C:\WINDOWS\Sysnative\IdCtrls.dll
2016-12-23 14:24:58	DCB77F9C30B269461B59E87810EE2B43	137568	----a-w-	C:\WINDOWS\Sysnative\acmigration.dll
2016-12-23 14:24:58	8F1AF1A559291DE87C91C9FBC15BDB80	1637728	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
2016-12-23 14:24:57	5160B6F5CCB2DBFDC6FBF00604BF80B8	2482280	----a-w-	C:\WINDOWS\Sysnative\msmpeg2vdec.dll
2016-12-23 14:24:56	B50F4C3A4DE252EA5E7656A4438F0792	2913144	----a-w-	C:\WINDOWS\Sysnative\combase.dll
2016-12-23 14:24:55	704FE1155EAE560979226C6902115B2D	1232384	----a-w-	C:\WINDOWS\Sysnative\dosvc.dll
2016-12-23 14:24:55	151AEA80776413C9FCE3185A10EB4B00	1490944	----a-w-	C:\WINDOWS\Sysnative\lsasrv.dll
2016-12-23 14:24:52	80316B3EB295BFA0E8B155A0A79869FB	2287616	----a-w-	C:\WINDOWS\Sysnative\dwmcore.dll
2016-12-23 14:24:52	2269644E1163FEE49D3D3B04372B13B1	2009600	----a-w-	C:\WINDOWS\Sysnative\SRHInproc.dll
2016-12-23 14:24:51	D0B1B74D085035CE6BA5AFCE4AC7F725	641024	----a-w-	C:\WINDOWS\Sysnative\ngccredprov.dll
2016-12-23 14:24:51	AC5344ED480F896C3BCE688F0AAE5144	168424	----a-w-	C:\WINDOWS\Sysnative\bcrypt.dll
2016-12-23 14:24:51	A1D2D0F342A11179AE4D4640416ED6CA	324096	----a-w-	C:\WINDOWS\Sysnative\domgmt.dll
2016-12-23 14:24:51	9C09E3057378ADE13AFB1C43C9D13F64	409088	----a-w-	C:\WINDOWS\Sysnative\NgcCtnr.dll
2016-12-23 14:24:51	2892EB16D39C6F6E27BF8A9276B49F20	1004544	----a-w-	C:\WINDOWS\Sysnative\enterprisecsps.dll
2016-12-23 14:24:50	F26AACA6DC392FE1C903FE866B039958	347648	----a-w-	C:\WINDOWS\Sysnative\rascustom.dll
2016-12-23 14:24:50	7B07A0CFEB7F5B6C016433C15DCCA9E7	1267512	----a-w-	C:\WINDOWS\Sysnative\WinTypes.dll
2016-12-23 14:24:50	33DBBCF71F68EA97D9FD34E4C9AB5AC6	283648	----a-w-	C:\WINDOWS\Sysnative\wkssvc.dll
2016-12-23 14:24:50	28CF4575C39A0662138E6C6A0B107BCB	172544	----a-w-	C:\WINDOWS\Sysnative\DeviceEnroller.exe
2016-12-23 14:24:49	A324C1FBD3BC34DD0C88E97E5E75EF5C	142176	----a-w-	C:\WINDOWS\Sysnative\migisol.dll
2016-12-23 14:24:49	488302B09300EB1CFDE4EDAD21390A68	198144	----a-w-	C:\WINDOWS\Sysnative\dpapisrv.dll
2016-12-23 14:24:48	BD56EA20694C18421E7A616CEAA05D39	2186896	----a-w-	C:\WINDOWS\Sysnative\hevcdecoder.dll
2016-12-23 14:24:48	81C7314FEF69EE047D94AC2BC72F18D2	163840	----a-w-	C:\WINDOWS\Sysnative\EnterpriseModernAppMgmtCSP.dll
2016-12-23 14:24:48	4005682897714B769CDAE9965C9F732F	266544	----a-w-	C:\WINDOWS\Sysnative\policymanager.dll
2016-12-23 14:24:48	1CB6B8E8E4B483D65BC4F13E755211C8	574464	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_StorageSense.dll
2016-12-23 14:24:47	D5EFC0BAEC21EDE6FE03D377D403B421	691712	----a-w-	C:\WINDOWS\Sysnative\lsm.dll
2016-12-23 14:24:47	A736567105C8ECE9135C84E23273CE79	147968	----a-w-	C:\WINDOWS\Sysnative\dmcertinst.exe
2016-12-23 14:24:47	620316E17FB073F9FA519AD0CA9FA615	455168	----a-w-	C:\WINDOWS\Sysnative\dmenrollengine.dll
2016-12-23 14:24:47	0CC546199EA54CB510176DB999A455A3	379392	----a-w-	C:\WINDOWS\Sysnative\apprepsync.dll
2016-12-23 14:24:47	09CF47A74BFB480B8262FCEE222004B6	407552	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Management.dll
2016-12-23 14:24:46	F8C0699FAA8C4A4A3F3C45FAF3D1D903	178176	----a-w-	C:\WINDOWS\Sysnative\sppnp.dll
2016-12-23 14:24:46	A8AE70993C0FB8DB0EA893B451E36367	366080	----a-w-	C:\WINDOWS\Sysnative\SearchFolder.dll
2016-12-23 14:24:46	A5D48D65A9D0CB4C0DB8F76C76BA9BCC	380928	----a-w-	C:\WINDOWS\Sysnative\wincorlib.dll
2016-12-23 14:24:46	0257EB6E424875D1FFEF193FED1F2F2E	176128	----a-w-	C:\WINDOWS\Sysnative\apprepapi.dll
2016-12-23 14:24:45	DB0C3558378D0D752F52919BA10FF05E	1002496	----a-w-	C:\WINDOWS\Sysnative\SRH.dll
2016-12-23 14:24:44	D23738B17E5B74BC4D6BB58A3B103C35	41472	----a-w-	C:\WINDOWS\Sysnative\EAMProgressHandler.dll
2016-12-23 14:24:44	38D8CA93EC675696D8F4A39C3081A515	1691136	----a-w-	C:\WINDOWS\Sysnative\aitstatic.exe
2016-12-23 14:24:44	0B854C8F588D38CBA00C2B1889A11F2A	381952	----a-w-	C:\WINDOWS\Sysnative\cryptngc.dll
2016-12-23 14:24:44	07EA23DB96222D373E81CD2E4EFDE528	34816	----a-w-	C:\WINDOWS\Sysnative\ReAgentc.exe
2016-12-23 14:24:43	3CE2B6AECB9AF8BC159299EEC46A35CA	285696	----a-w-	C:\WINDOWS\Sysnative\EnterpriseAppMgmtSvc.dll
2016-12-23 14:24:43	3717827707AC0C50E670F842666FFA87	187392	----a-w-	C:\WINDOWS\Sysnative\mdmregistration.dll
2016-12-23 14:24:43	1A2871BEA49447B68194D0A2BF6759AA	81408	----a-w-	C:\WINDOWS\Sysnative\HttpsDataSource.dll
2016-12-23 14:24:42	FAE5D9725F3E1BE1214FBD92A190D01A	143360	----a-w-	C:\WINDOWS\Sysnative\EDPCleanup.exe
2016-12-23 14:24:41	B600F3021B9991C8EC72938E6D25A282	306176	----a-w-	C:\WINDOWS\Sysnative\msdtcuiu.dll
2016-12-23 14:24:41	85220DEC5309BDF0A0F2CBEDADE6EF45	2800128	----a-w-	C:\WINDOWS\Sysnative\netshell.dll
2016-12-23 14:24:40	003A750CF9401B57FD41263188134CDA	109056	----a-w-	C:\WINDOWS\Sysnative\ReportingCSP.dll
2016-12-23 14:24:37	25A2DFE2ACE0CA2B7CCEF337EBEA672E	23677952	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-12-23 14:24:34	39D428A31DA525F730D3262ADCA41CCE	22563328	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-12-23 14:24:27	587F8B85DA3328512DBF396D595DCCCF	22224480	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-12-23 14:24:26	3968825A109FE7940D5DB648556D756C	7219672	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2016-12-23 14:24:25	997050BEA4A90A3DBF69C7393BD54C08	8129536	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-12-23 14:24:23	A9FAD443A2F9424AB7B21A183050F206	17188352	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-12-23 14:24:17	0BD00AE0D8AAF0A62FDBAE8856F152D9	2677544	----a-w-	C:\WINDOWS\Sysnative\d3d10warp.dll
2016-12-23 14:24:16	4CCAD745F8CB73E02B2BE685D3094F5D	4746752	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-12-23 14:24:14	99C236BDF40912E253650B562DB65235	1738560	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
2016-12-23 14:24:14	7C98397279D619956D6A7F9294FA5C5F	1512960	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-12-23 14:24:13	79939990A672F2ED0F56E70475C2EB35	615424	----a-w-	C:\WINDOWS\Sysnative\wpnprv.dll
2016-12-23 14:24:13	517644763301E25D21FF48F8A894CAC3	2828376	----a-w-	C:\WINDOWS\Sysnative\d3d11.dll
2016-12-23 14:24:12	9CE8024075A91397B1059DE58C76502D	1779712	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-12-23 14:24:12	3D2079B85B9D87D025E0C3E23CDA1D75	2084352	----a-w-	C:\WINDOWS\Sysnative\DeviceFlows.DataModel.dll
2016-12-23 14:24:10	B8C0D620219ECAA23A2AC841EAF454D1	2716672	----a-w-	C:\WINDOWS\Sysnative\WsmSvc.dll
2016-12-23 14:24:10	B6699EAD25D76CCA04ACA8CEEB8508E6	418952	----a-w-	C:\WINDOWS\Sysnative\AUDIOKSE.dll
2016-12-23 14:24:10	30C9B8967B561B2C8BBA8027F09F4FB2	2510848	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2016-12-23 14:24:10	0243E66C562B7FBE9697A36141D177BB	1709056	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCore.dll
2016-12-23 14:24:09	F79BFB5588B777C71734C1D1EC129D07	657920	----a-w-	C:\WINDOWS\Sysnative\rasmans.dll
2016-12-23 14:24:09	D8FA419B49A4EFC3F2CE3BCB881B797F	637400	----a-w-	C:\WINDOWS\Sysnative\dxgi.dll
2016-12-23 14:24:09	7EF363096F4411D0EEE1270C73EA2535	4708864	----a-w-	C:\WINDOWS\Sysnative\ExplorerFrame.dll
2016-12-23 14:24:09	5163F5BABAE1FF8CCC0AFD60B6EDD20A	2317312	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2016-12-23 14:24:08	E72280A50E35C3402276E5C8B02C784C	489472	----a-w-	C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-12-23 14:24:08	86DBBA9B08AB9DDA31C2F49E9F8EEFD9	227328	----a-w-	C:\WINDOWS\Sysnative\cdd.dll
2016-12-23 14:24:08	4851F31B5BFBC2F164A317BD70F82E9C	632320	----a-w-	C:\WINDOWS\Sysnative\rasapi32.dll
2016-12-23 14:24:08	00C24D6FDEF221DDA1625836702AFC6C	730624	----a-w-	C:\WINDOWS\Sysnative\fveapi.dll
2016-12-23 14:24:07	FB42A5A74A56DF6A85929B81860F1B64	690688	----a-w-	C:\WINDOWS\Sysnative\ieproxy.dll
2016-12-23 14:24:07	9A0E0B836413EB0BC885532D2A5389D6	184832	----a-w-	C:\WINDOWS\Sysnative\wscsvc.dll
2016-12-23 14:24:04	9C86A399648A6FC9A4016B336CAA9F86	125952	----a-w-	C:\WINDOWS\Sysnative\setupugc.exe
2016-12-23 14:24:03	E584CDC70F694F9A984A060A8291EB04	2669056	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2016-12-23 14:24:03	7715BF8720E38F77E69B1B688DCD719D	587776	----a-w-	C:\WINDOWS\Sysnative\vpnike.dll
2016-12-23 14:24:03	2DF07B2560A3E961C1CA6ABBB4400C68	172528	----a-w-	C:\WINDOWS\Sysnative\sspicli.dll
2016-12-23 14:24:03	1EABA23A7305A232C9A16C14806ED091	163752	----a-w-	C:\WINDOWS\Sysnative\RTWorkQ.dll
2016-12-23 14:24:02	E4AE313316CCE407A393DDF15690BEB0	534096	----a-w-	C:\WINDOWS\Sysnative\AudioEng.dll
2016-12-23 14:24:02	DCDA84B4419F9A9520D831273B087967	261632	----a-w-	C:\WINDOWS\Sysnative\indexeddbserver.dll
2016-12-23 14:24:02	B5EBC4909DC4BA8D3757F6A65AF32A95	1631232	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll
2016-12-23 14:24:02	4EC62F8C60191A2710294C8BDFEECB9A	198856	----a-w-	C:\WINDOWS\Sysnative\wscapi.dll
2016-12-23 14:24:02	12563643B2A0D6AD44392F23A34119E8	590960	----a-w-	C:\WINDOWS\Sysnative\AudioSes.dll
2016-12-23 14:24:01	FB081DD05891F05ECF6B015CBD7AEC8F	1220096	----a-w-	C:\WINDOWS\Sysnative\wscui.cpl
2016-12-23 14:24:01	F25A86C9E36402BD4E76B7B5C2301C4B	96256	----a-w-	C:\WINDOWS\Sysnative\umpoext.dll
2016-12-23 14:24:01	8054F43873E02C41D7D6B73955F7EED8	110080	----a-w-	C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-23 14:24:01	7AF01F6539F66128237A3D7E62EE1135	376832	----a-w-	C:\WINDOWS\Sysnative\CryptoWinRT.dll
2016-12-23 14:24:01	30CED9C2EBD1CA0E3F47A31B3C1E4CBD	1359360	----a-w-	C:\WINDOWS\Sysnative\usercpl.dll
2016-12-23 14:24:01	302C6A5649494779A2CD86492E16AB73	842240	----a-w-	C:\WINDOWS\Sysnative\ntshrui.dll
2016-12-23 14:24:01	1C986DC8F4FDA1B040AC1176FB24467F	942080	----a-w-	C:\WINDOWS\Sysnative\audiosrv.dll
2016-12-23 14:24:00	F2924292A6E176536C598F03B2AB3786	86016	----a-w-	C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe
2016-12-23 14:24:00	8019685F581BD9E0C605D227383CFF58	159232	----a-w-	C:\WINDOWS\Sysnative\wscinterop.dll
2016-12-23 14:24:00	59F44051BCD479E70446506B7E4E78BB	337920	----a-w-	C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2016-12-23 14:24:00	31D39097AC99F6A539A363A5722485C2	278016	----a-w-	C:\WINDOWS\Sysnative\netplwiz.dll
2016-12-23 14:24:00	11D3620AB49916F0179316888852A570	32256	----a-w-	C:\WINDOWS\Sysnative\WSManHTTPConfig.exe
====== C:\WINDOWS\Sysnative\drivers =====
2016-12-23 14:25:51	FA918EC296EB410FF02867D008D02421	352096	----a-w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2016-12-23 14:25:29	46171262D0E806779DEEDFCAB2F830CC	219488	----a-w-	C:\WINDOWS\Sysnative\drivers\tpm.sys
2016-12-23 14:25:24	55CA5329D1ADEB8F8034045930147AE4	713216	----a-w-	C:\WINDOWS\Sysnative\drivers\srv2.sys
2016-12-23 14:25:24	0D50B3F3AB32D416786B58D4553859CE	42496	----a-w-	C:\WINDOWS\Sysnative\drivers\modem.sys
2016-12-23 14:25:05	CDBD029BAEC8D09F6FBD404632D9AF28	128352	----a-w-	C:\WINDOWS\Sysnative\drivers\partmgr.sys
2016-12-23 14:24:54	B0D9B87B795B7833C9152441CBD55CC4	624048	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2016-12-23 14:24:52	AF6963414B820B7C45578ED3300438A7	433504	----a-w-	C:\WINDOWS\Sysnative\drivers\rdbss.sys
2016-12-23 14:24:52	93A77008A8932FC84A173C4E97E52874	223584	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys
2016-12-23 14:24:51	B72D26074E72A757D788FB1BEF8B2F2E	377184	----a-w-	C:\WINDOWS\Sysnative\drivers\clfs.sys
2016-12-23 14:24:14	19F2B54EE8861D90579BD0E3AE5182F9	2189664	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-12-23 14:24:11	D24345315139AAF6E3DF106344EE9422	658784	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-12-23 14:24:09	5634BF53BE184314A82E638EAD67DE73	402272	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-12-23 14:24:07	9627BBAA50878F6833A6A7843EE3B1D9	258560	----a-w-	C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-12-23 14:24:03	E2DD2E5BDCCD225670831B439826065B	335712	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-12-23 14:24:02	D4D12BC29DE0F09280868FDCA65B3474	282624	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
2016-12-04 13:37:05	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-12-04 13:36:56	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_SynTP_01011.Wdf
2016-12-04 13:36:56	6F577F1C828B8B4E80E93947C74E29C3	51392	----a-w-	C:\WINDOWS\Sysnative\drivers\Smb_driver_Intel.sys
====== C:\WINDOWS\Tasks ======
2016-12-23 13:41:41	7CE210BED48D7ABAD022715A80621FFF	3272	----a-w-	C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task v2
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-12-23 21:13:05	--------	d-----w-	C:\Program Files\trend micro
2016-12-23 14:15:22	--------	d---a-w-	C:\Program Files\Speccy
2016-12-04 13:36:42	--------	d-----w-	C:\Program Files\Synaptics
======= C:\PROGRA~2 =====
2016-12-23 14:10:29	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2016-11-30 17:36:41	--------	d---a-w-	C:\PROGRA~2\COMMON~1\DESIGNER
======= C: =====
====== C:\Users\Wim\AppData\Roaming ======
2016-12-03 13:33:21	--------	d-----w-	C:\Users\Wim\AppData\Local\CEF
====== C:\Users\Wim ======
2016-12-23 21:11:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Wim\Desktop\RSITx64.exe
2016-12-23 14:15:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-12-23 14:13:58	0942AE8ABF027AC095EF3CE2B590448A	6293184	----a-w-	C:\Users\Wim\Downloads\spsetup130 (1).exe
2016-12-23 14:13:34	0942AE8ABF027AC095EF3CE2B590448A	6293184	----a-w-	C:\Users\Wim\Downloads\spsetup130.exe

====== C: exe-files ==
2016-12-23 21:39:51	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\68B7D9BA-C0C8-4D42-97B4-7FECFA44CF74\DismHost.exe
2016-12-23 21:34:43	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\A1A12F07-70C7-45CF-B581-8B0CAC6E1CC6\DismHost.exe
2016-12-23 21:26:50	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\75965943-00C0-4D78-9CC3-DAE1C7197999\DismHost.exe
2016-12-23 21:13:05	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Wim.exe
2016-12-23 21:11:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Wim\Desktop\RSITx64.exe
2016-12-23 20:48:40	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\9D2E206E-DEF9-4296-8B6F-4F2A5909BD83\DismHost.exe
2016-12-23 17:55:28	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\D08640F1-7CD9-4455-BE7F-AC38AC6AA8BB\DismHost.exe
2016-12-23 17:39:04	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\7B735DC4-982B-4874-9296-F2CA93177B62\DismHost.exe
2016-12-23 17:34:30	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\B041313C-3F70-4964-9A39-EF45ABB8E083\DismHost.exe
2016-12-23 17:28:04	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\382F8AD2-2274-47CD-8CA2-74BDE996EF6D\DismHost.exe
2016-12-23 17:12:05	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Wim\AppData\Local\Temp\A5CE1D4A-6685-49FD-801A-98D65C849058\DismHost.exe
2016-12-23 14:25:59	9A077360DC6A6BF2E364FE4A47DC9854	1100128	----a-w-	C:\Windows\System32\hvix64.exe
2016-12-23 14:25:58	D5C59218EDAD5E424C33D825DD797C49	989024	----a-w-	C:\Windows\System32\hvax64.exe
2016-12-23 14:25:53	CF7ED2DA9A76C70267E9CED3CA783EF5	171008	----a-w-	C:\Windows\System32\oobe\msoobe.exe
2016-12-23 14:25:53	8FC3E97C6063915D1F3DBA35930169FC	360040	----a-w-	C:\Windows\System32\SystemSettingsAdminFlows.exe
2016-12-23 14:25:53	12736C69D73EB8A0D2889CBE167217E2	811872	----a-w-	C:\Windows\System32\hvloader.exe
2016-12-23 14:25:52	3C69CC28665854F1AAB4B4005005FA31	454592	----a-w-	C:\Windows\System32\services.exe
2016-12-23 14:25:51	B896EE88B38810BF83E1A2D08ADDA673	157536	----a-w-	C:\Windows\SysWOW64\CloudStorageWizard.exe
2016-12-23 14:25:51	7C13A18901A701202A1DD6514BA4D053	114176	----a-w-	C:\Windows\SysWOW64\setupugc.exe
2016-12-23 14:25:45	D8BC84CEC908147CB88FE6E87138EB58	7655280	----a-w-	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2016-12-23 14:25:45	B5F75AF049EB8CBD884B044CCE14A8BD	33280	----a-w-	C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-12-23 14:25:38	C6E7C0577523905FF4FF3B0D5A036A3B	7816032	----a-w-	C:\Windows\System32\ntoskrnl.exe
2016-12-23 14:25:33	AF46710DDB8B0E304AA4FD2B940CABD8	4311736	----a-w-	C:\Windows\SysWOW64\explorer.exe
2016-12-23 14:25:29	DE6DF9BBBECAFDEF462A37D839167368	673792	----a-w-	C:\Windows\System32\winlogon.exe
2016-12-23 14:25:29	33F992140B11BF32F08008B7E52631D0	505856	----a-w-	C:\Windows\SysWOW64\bcastdvr.exe
2016-12-23 14:25:28	B6337AC6D2C16E4050362711041B2DA4	187520	----a-w-	C:\Windows\System32\CloudStorageWizard.exe
2016-12-23 14:25:28	1D5C9E2102D2F0A98BC1564F8532F9F0	275296	----a-w-	C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
2016-12-23 14:25:24	EA1FE375F92970D1AE3088E9A0D7F74E	6474752	----a-w-	C:\Windows\SysWOW64\mspaint.exe
2016-12-23 14:25:24	9DAA32C2B9E9E60259491BBFD6F1EB88	211968	----a-w-	C:\Windows\System32\InstallAgent.exe
2016-12-23 14:25:24	2CB858F99F34CCECC72BE24B2000817F	260608	----a-w-	C:\Windows\System32\InstallAgentUserBroker.exe
2016-12-23 14:25:22	F26A1B27FBF49588AFF089539D0CDB0E	34304	----a-w-	C:\Windows\SysWOW64\LaunchWinApp.exe
2016-12-23 14:25:10	4E10FB1A015B49AC68F76C1A3F4D9C0F	4673304	----a-w-	C:\Windows\explorer.exe
2016-12-23 14:25:07	4CD89AE11FF2D1C8C5FB4579E42C870B	620544	----a-w-	C:\Windows\System32\bcastdvr.exe
2016-12-23 14:25:05	2925A1C60E081F0B51699C148AE1925A	455520	----a-w-	C:\Windows\System32\securekernel.exe
2016-12-23 14:25:03	74C191A1BF7AD5AD63432E104E1D7A54	1173496	----a-w-	C:\Windows\System32\winload.exe
2016-12-23 14:25:03	0DCF6AF8987CD9EEBAB548A593380C3E	894096	----a-w-	C:\Windows\System32\winresume.exe
2016-12-23 14:25:03	0DCF6AF8987CD9EEBAB548A593380C3E	894096	----a-w-	C:\Windows\System32\Boot\winresume.exe
2016-12-23 14:25:02	675A95DCF8F9C66122A4E3357E95C6DF	43008	----a-w-	C:\Windows\System32\LaunchWinApp.exe
2016-12-23 14:25:02	01A7F0EB0FA2E15BE8F6B84316F95DA3	512000	----a-w-	C:\Program Files\Internet Explorer\iediagcmd.exe
2016-12-23 14:25:00	9F2965CB4D07ED5420C3E01A94888E21	6664192	----a-w-	C:\Windows\System32\mspaint.exe
2016-12-23 14:25:00	9BE821EB9BD18ED241A926B5DDAC6D18	495616	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2016-12-23 14:25:00	4459AAD5DA99EF5BF12D18D1FA0D1EC0	478720	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2016-12-23 14:24:50	50708495E442C3C66048E34E61367694	490496	----a-w-	C:\Windows\System32\Sysprep\sysprep.exe
2016-12-23 14:24:50	28CF4575C39A0662138E6C6A0B107BCB	172544	----a-w-	C:\Windows\System32\DeviceEnroller.exe
2016-12-23 14:24:48	9E978D320F6334FB99BC03EB81CB4606	275136	----a-w-	C:\Windows\System32\oobe\Setup.exe
2016-12-23 14:24:47	A736567105C8ECE9135C84E23273CE79	147968	----a-w-	C:\Windows\System32\dmcertinst.exe
2016-12-23 14:24:46	0381ED762157698F20586F3F1211F1B1	79872	----a-w-	C:\Windows\System32\oobe\audit.exe
2016-12-23 14:24:45	BFB136EB77A25F0623D4BDD1D3ABEEEA	31744	----a-w-	C:\Windows\System32\oobe\AuditShD.exe
2016-12-23 14:24:44	38D8CA93EC675696D8F4A39C3081A515	1691136	----a-w-	C:\Windows\System32\aitstatic.exe
2016-12-23 14:24:44	1E411B75AE947557FC8031B417DC299B	30720	----a-w-	C:\Windows\SysWOW64\ReAgentc.exe
2016-12-23 14:24:44	07EA23DB96222D373E81CD2E4EFDE528	34816	----a-w-	C:\Windows\System32\ReAgentc.exe
2016-12-23 14:24:43	70EE8BA7A3B9AA577EBA6E8B9C9AB37C	223232	----a-w-	C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-12-23 14:24:42	FAE5D9725F3E1BE1214FBD92A190D01A	143360	----a-w-	C:\Windows\System32\EDPCleanup.exe
2016-12-23 14:24:42	D948FC01C18AB80947DEFDB7E7DDE598	180224	----a-w-	C:\Windows\SysWOW64\InstallAgent.exe
2016-12-23 14:24:04	9C86A399648A6FC9A4016B336CAA9F86	125952	----a-w-	C:\Windows\System32\setupugc.exe
2016-12-23 14:24:02	026DE0C95587AC002012274CFC19436B	165888	----a-w-	C:\Windows\System32\oobe\windeploy.exe
2016-12-23 14:24:01	0E2120144540E04F74D67F29BB6042AF	65536	----a-w-	C:\Windows\System32\oobe\oobeldr.exe
2016-12-23 14:24:01	09440FA30C020B4443391FAFCF4876E3	122880	----a-w-	C:\Windows\servicing\TrustedInstaller.exe
2016-12-23 14:24:00	F2924292A6E176536C598F03B2AB3786	86016	----a-w-	C:\Windows\System32\NetCfgNotifyObjectHost.exe
2016-12-23 14:24:00	A481F2EBBB1B9FCB413CB32BA34A8D13	65024	----a-w-	C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-23 14:24:00	11D3620AB49916F0179316888852A570	32256	----a-w-	C:\Windows\System32\WSManHTTPConfig.exe
2016-12-23 14:15:18	15477F7E088D901F344D1AA43FCEE1A3	8805960	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\IE\MY6YTBFM\cctrialsetup[1].exe
2016-12-23 14:13:58	0942AE8ABF027AC095EF3CE2B590448A	6293184	----a-w-	C:\Users\Wim\Downloads\spsetup130 (1).exe
2016-12-23 14:13:34	0942AE8ABF027AC095EF3CE2B590448A	6293184	----a-w-	C:\Users\Wim\Downloads\spsetup130.exe
2016-12-23 14:10:08	F38FB008B3816D9585F10A7D2CC22DF1	16448	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\orbd.exe
2016-12-23 14:10:08	ED141A08605AF568747C8F418170FC06	159296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\unpack200.exe
2016-12-23 14:10:08	EBF20DDA7DDA14BBD1F6F2F1B37BC113	83008	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2launcher.exe
2016-12-23 14:10:08	B8EDC4631E2B5D7AE9E626690F6506FF	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\rmid.exe
2016-12-23 14:10:08	A1AD424B821EB9878B985AB43253DCA0	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\keytool.exe
2016-12-23 14:10:08	8448994199BEE00F4C40A561AE77672F	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\kinit.exe
2016-12-23 14:10:08	6DDA1D127FD0C4B8F93307E6D52B1ABD	16448	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\tnameserv.exe
2016-12-23 14:10:08	65E94EC48AE31838C8F6F2F4FC59AB44	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\pack200.exe
2016-12-23 14:10:08	5F2D0025CB3C078E0AAB83E1430827C6	52800	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssvagent.exe
2016-12-23 14:10:08	490D67C45EE587B06833ADA0811F241B	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\servertool.exe
2016-12-23 14:10:08	487C48AA28B0DC99A387F31E7764ABFB	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\jjs.exe
2016-12-23 14:10:08	3FAF0C9A1D59F5D196C0578839A00EFE	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\policytool.exe
2016-12-23 14:10:08	391D35229BF096E04FEE6F8520DC3B21	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\klist.exe
2016-12-23 14:10:08	1D623A885163D6BA50175987B4BB9450	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\rmiregistry.exe
2016-12-23 14:10:08	09C754EFAEE0DA93817D5DC0A5FFE8B4	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\ktab.exe
2016-12-23 14:10:07	C2B897032A8604E1827B0CD07EBB3306	15936	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\java-rmi.exe
2016-12-23 14:10:07	C07D4839606118BBF7C5153FF171301C	70208	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\javacpl.exe
2016-12-23 14:10:07	A90E29C3839ED2141F80670A3DB32F69	191552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaw.exe
2016-12-23 14:10:07	5A92988B4DEC8EAFE62F7D2DBE8AB620	269888	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaws.exe
2016-12-23 14:10:07	1B7F15EA9DA5322698988698C7D58959	191040	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\java.exe
2016-12-23 14:10:07	1598CF2FAD014E95975560929F578E05	30784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\bin\jabswitch.exe
2016-12-23 14:09:00	8DA3FB0C49CEBF5F28AB6E59B7BC86C0	737856	----a-w-	C:\Users\Wim\AppData\Local\Temp\jre-8u111-windows-au.exe
2016-12-23 13:55:21	A7529F0791532BE456AE1F9E9BC6B3C4	35600	----a-w-	C:\ProgramData\Avg\Setup\fmw\avgrdsttestx.exe
2016-12-23 13:55:21	4EA8F8C0396B8F0D2E3434E71BCECF5B	38160	----a-w-	C:\ProgramData\Avg\Setup\fmw\avgrdsttesta.exe
2016-12-23 13:55:16	E15CFA0847C0AACE405CA4711DF7C876	2831608	----a-w-	C:\ProgramData\Avg\Setup\fmw\vc_redist.x86.exe
2016-12-23 13:55:16	88DB62649FA04E557F90F3E28A5462F6	3118312	----a-w-	C:\ProgramData\Avg\Setup\fmw\vc_redist.x64.exe
2016-12-23 13:53:23	8E04F95BACD68F9094FC9F5D0D67C02B	698128	----a-w-	C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe
2016-12-23 13:53:23	197FC519C9031556889E1466582A7415	3661072	----a-w-	C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2016-12-23 13:49:48	A01D05F7C7D2A73F298B0C2123C3E835	1384792	----a-w-	C:\Windows\Temp\CR_7DF75.tmp\setup.exe
2016-12-23 13:49:42	62014E15B08D9F260B95307B1BB89A92	13983608	----a-w-	C:\Program Files (x86)\Google\Update\Install\{06390241-9D7E-432B-BEAA-30537B860655}\55.0.2883.87_54.0.2840.99_chrome_updater.exe
2016-12-23 13:49:41	62014E15B08D9F260B95307B1BB89A92	13983608	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\55.0.2883.87\55.0.2883.87_54.0.2840.99_chrome_updater.exe
2016-12-23 13:47:08	CB7A4790615372ACC501E0AA35106ED7	2248184	----a-w-	C:\Users\Wim\AppData\Local\Google\Chrome\User Data\SwReporter\15.85.1\software_reporter_tool.exe
2016-12-23 13:43:12	5E7ADCF81096860FED5AB569A8ADE3AB	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe
2016-12-23 13:43:12	57769E78CCB9F3DE92B507B72D49AF99	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe
2016-12-23 13:43:12	33DF23DDDE222C6270C99885D7A70DE2	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateWebPlugin.exe
2016-12-23 13:43:10	FCAEDFFAA41EA74BA53FDADABBB8B21A	1129376	----a-w-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateSetup.exe
2016-12-23 13:42:43	FE40EC349D80C0ED24A5808DCFE9A0D2	288920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
2016-12-23 13:42:43	FACC7DC5EEF8AF0D969BC2481AAA3EFC	174232	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateComRegisterShell64.exe
2016-12-23 13:42:43	B5C7D56B6DB76C66E24B4B735BB66509	366232	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
2016-12-23 13:42:43	A96C9FCD81BA21171324E9F6EB724D31	500704	----a-w-	C:\Program Files (x86)\AVG\Av\Notification\emupdate.exe
2016-12-23 13:42:41	FE9E6388A039441098EB09C070EA5049	601752	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateCore.exe
2016-12-23 13:42:41	2D8BBF6C7241AAD9EDE7708EBB7B43A4	153752	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdate.exe
2016-12-23 13:42:34	FCAEDFFAA41EA74BA53FDADABBB8B21A	1129376	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.32.7\GoogleUpdateSetup.exe
2016-12-23 13:41:30	345D131E3C8E4D2794EC750104716DA4	1669856	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
2016-12-23 13:41:18	847D3A328291E7B91E79F8CB1DA1141B	21628640	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2016-12-23 13:41:18	847D3A328291E7B91E79F8CB1DA1141B	21628640	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\OneDriveSetup.exe
2016-12-23 13:40:02	F9813C456FE75D614116199B3E138D65	229088	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncConfig.exe
2016-12-23 13:40:01	7EA564DB7A3D890EC000D2F7812EDF10	215264	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileCoAuth.exe
=== C: other files ==
2016-12-23 14:25:51	FA918EC296EB410FF02867D008D02421	352096	----a-w-	C:\Windows\System32\drivers\fastfat.sys
2016-12-23 14:25:29	46171262D0E806779DEEDFCAB2F830CC	219488	----a-w-	C:\Windows\System32\drivers\tpm.sys
2016-12-23 14:25:24	55CA5329D1ADEB8F8034045930147AE4	713216	----a-w-	C:\Windows\System32\drivers\srv2.sys
2016-12-23 14:25:24	0D50B3F3AB32D416786B58D4553859CE	42496	----a-w-	C:\Windows\System32\drivers\modem.sys
2016-12-23 14:25:13	A930AD470CBCBEEAA2B684325453D48A	3616768	----a-w-	C:\Windows\System32\win32kfull.sys
2016-12-23 14:25:12	5C9A0EDE876D5D63A6EB34BC24384A17	2998272	----a-w-	C:\Windows\SysWOW64\win32kfull.sys
2016-12-23 14:25:05	CDBD029BAEC8D09F6FBD404632D9AF28	128352	----a-w-	C:\Windows\System32\drivers\partmgr.sys
2016-12-23 14:25:04	DF53C40EE6572B64691668277156FA41	147968	----a-w-	C:\Windows\SysWOW64\win32k.sys
2016-12-23 14:25:04	6343BD5C58F385703454D47416EE0100	206848	----a-w-	C:\Windows\System32\win32k.sys
2016-12-23 14:24:54	B0D9B87B795B7833C9152441CBD55CC4	624048	----a-w-	C:\Windows\System32\drivers\cng.sys
2016-12-23 14:24:52	AF6963414B820B7C45578ED3300438A7	433504	----a-w-	C:\Windows\System32\drivers\rdbss.sys
2016-12-23 14:24:52	93A77008A8932FC84A173C4E97E52874	223584	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2016-12-23 14:24:51	B72D26074E72A757D788FB1BEF8B2F2E	377184	----a-w-	C:\Windows\System32\drivers\clfs.sys
2016-12-23 14:24:14	7C98397279D619956D6A7F9294FA5C5F	1512960	----a-w-	C:\Windows\System32\win32kbase.sys
2016-12-23 14:24:14	19F2B54EE8861D90579BD0E3AE5182F9	2189664	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2016-12-23 14:24:11	D24345315139AAF6E3DF106344EE9422	658784	----a-w-	C:\Windows\System32\drivers\dxgmms2.sys
2016-12-23 14:24:09	5634BF53BE184314A82E638EAD67DE73	402272	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
2016-12-23 14:24:07	9627BBAA50878F6833A6A7843EE3B1D9	258560	----a-w-	C:\Windows\System32\drivers\xboxgip.sys
2016-12-23 14:24:03	E2DD2E5BDCCD225670831B439826065B	335712	----a-w-	C:\Windows\System32\drivers\pci.sys
2016-12-23 14:24:02	D4D12BC29DE0F09280868FDCA65B3474	282624	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2016-12-23 14:10:08	467720B73E839ED66826EAF59C9A59E7	14156	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_111\lib\deploy\ffjcext.zip
2016-12-23 13:40:01	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\CollectOneDriveLogs.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1406585922-2982736091-624962569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=fmw"
"AVG_UI"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=av"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Wim\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{27401EE0-1AE4-4D5B-9043-1BC56C4B2E01}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [16/09/2016 20:00]

==== Chromium Look ======================

Google Slides - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?hl=nl"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?hl=nl"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\IE\MY6YTBFM will be deleted at reboot
C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\IE\RRA145N3 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=709 folders=201 255118854 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Wim\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\IE\MY6YTBFM" not found
"C:\Users\Wim\AppData\Local\Microsoft\Windows\INetCache\IE\RRA145N3" not found

==== EOF on za 24/12/2016 at 12:26:20,55 ======================