Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Mathias on do 14-01-2016 at 19:13:23,18.
Microsoft Windows 10 Pro 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mathias\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

14-1-2016 19:13:50 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Avira deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\Unlocker deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Mathias\AppData\Local\ActiveSync deleted successfully
C:\Users\Mathias\AppData\Local\CutePDF Writer deleted successfully
C:\Users\Mathias\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Mathias\AppData\Local\EmieSiteList deleted successfully
C:\Users\Mathias\AppData\Local\EmieUserList deleted successfully
C:\Users\Mathias\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Mathias\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\Mathias\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

ęTorrent  
Adobe Flash Player 20 NPAPI  
Adobe Reader XI (11.0.14) - Nederlands  
Adobe Refresh Manager  
Assassins Creed Syndicate  
Avast Free Antivirus  
Battlelog Web Plugins  
Borderlands: The Pre-Sequel Update v1.03 with DLC  
CCleaner  
CutePDF Writer 3.0  
DAEMON Tools Lite  
Dragon AgeT: Inquisition  
EPSON Scan  
EVGA PrecisionX 16  
Fallout 4  
Far Cry 4 versie 1.9.0  
Fraps  
Grand Theft Auto V  
GRID  
Intel(R) Chipset Device Software  
Intel(R) Management Engine Components  
Intel(R) Network Connections 18.8.136.0  
Intel(R) Processor Graphics  
Intel(R) Rapid Storage Technology  
Intel(R) USB 3.0 eXtensible Host Controller Driver  
Intel© Trusted Connect Service Client  
Logitech Gaming Software  
Logitech Gaming Software 8.57  
Logitech Options  
Malwarebytes Anti-Malware versie 2.2.0.1024  
MediaInfo 0.7.76  
Microsoft .NET Framework 4.5.2  
Microsoft .NET Framework 4.5.2 (NLD)  
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Games for Windows Marketplace  
Microsoft Office Professional 2013 - nl-nl  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219  
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501  
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
Microsoft XNA Framework Redistributable 4.0 Refresh  
MKVToolNix 5.5.0  
Mozilla Firefox 42.0 (x86 nl)  
Mozilla Maintenance Service  
NFS Hot Pursuit version 1.0  
NVIDIA-configuratiescherm 358.91  
NVIDIA 3D Vision controllerstuurprogramma 352.65  
NVIDIA 3D Vision stuurprogramma 358.91  
NVIDIA Grafisch stuurprogramma 358.91  
NVIDIA HD Audio-stuurprogramma 1.3.34.4  
NVIDIA Install Application  
NVIDIA PhysX Systeem Software 9.15.0428  
NVIDIA Stereoscopic 3D Driver  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
OpenAL  
Origin  
Rockstar Games Social Club  
Software voor Intel© Chipset-apparaten  
SpeedFan (remove only)  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
VLC media player  
Winamp  
Windows Live ID Sign-in Assistant  
WinRAR 5.21 (64-bit)  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionXServer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Mathias\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\ys2eczs7.default

user.js not found
---- Lines surfing removed from prefs.js ----
user_pref("browser.search.searchengine.alias", "oursurfing");
user_pref("browser.search.searchengine.iconURL", "http://www.oursurfing.com/favicon.ico");
user_pref("browser.search.searchengine.name", "oursurfing");
user_pref("browser.search.searchengine.url", "http://www.oursurfing.com/web/?type=ds&ts=1436111172&z=e65881015aca9ae170c0e12gczfc8qfg7g8gfg2m4g&from=s
---- Lines quick_start removed from prefs.js ----
user_pref("extensions.quick_start.enable_search1", false);
user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
---- Lines searchengine removed from prefs.js ----
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "smt");
user_pref("browser.search.searchengine.uid", "ADATAXSP900_7E0420001946");
---- FireFox user.js and prefs.js backups ---- 

prefs_14-01-2016_1929_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Avira not found
C:\PROGRA~3\Package Cache deleted
C:\Users\Mathias\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\Syswow64\tmpDAD2.tmp deleted
C:\WINDOWS\Syswow64\tmpDAD3.tmp deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16252 MB
CPU Info: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
CPU Speed: 3501,1 MHz
Sound Card: SAMSUNG-C (NVIDIA High Definiti | 
Luidsprekers (High Definition A | 
Digitale audio (S/PDIF) (High D | 
H277H-4 (NVIDIA High Definition | 
Display Adapters: NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600
Monitors: 3x; Generic PnP Monitor | Generic PnP Monitor | Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Bluetooth Device (Personal Area Network) | Intel(R) Ethernet Connection I217-V
CD / DVD Drives: 2x (H: | K: | ) H: hp      DVD-RAM GH40L    | K: DTSOFT  BDROM
Ports: COM1 LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  237,9GB | D:  1862,9GB | E:  2794,4GB | F:  3725,9GB | G:  5588,9GB
Hard Disks - Free: C:  162,0GB | D:  885,4GB | E:  212,0GB | F:  87,4GB | G:  355,5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/25/14 | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd. Z97X-UD3H-BK-CF
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Default Browser: Firefox	43.0.4
Internet Explorer Version: 11.63.10586.0 
Mozilla Firefox version: 42.0 (x86 nl)
Adobe Reader version: 11.0.14.16
Flash Player version: 20.0.0.267

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-01-06 21:48:57	2A68061E6BB4BD68079B0A67D103988A	67584	--s-a-w-	C:\WINDOWS\bootstat.dat
====== C:\Users\Mathias\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-01-12 23:03:05	268366A5E301A61823E95D14258EAC17	18677760	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 23:03:04	AD780450655553B8A55B327E2051D42F	2180128	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 23:03:04	21F36915236B7B1466632A0E66E11FBA	13018624	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 23:03:04	1F7C4CBC0C5788E3E91C08A3D32F7BB9	1118208	----a-w-	C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 23:03:04	1661BE40F2ADC5FABF3EEA50655AEA42	5660160	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 23:03:03	6E7BF3FB027D46B7DEFCFFBEF8C4511D	2026736	----a-w-	C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 23:03:02	FB105327027BFD691840687456690BBA	2796032	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 23:03:02	B582395C45BEE500A33FDD1F4D6F9F47	3667456	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 23:03:02	0B7C5790893F3650162BED4BEA35D9A6	695752	----a-w-	C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 23:03:02	0A8409C137B580A3EEB80E33649044F3	701384	----a-w-	C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 23:03:01	C8892F76C2D15CB1175E3F7A04D07904	890880	----a-w-	C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 23:03:01	AD509AC05E94B96768165FA744642AD9	703840	----a-w-	C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 23:03:01	53C56BBD38D51810E2221C3BDDA8D9C9	652312	----a-w-	C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 23:03:01	2B6C84CF3AE5E1CEE5C763115DAF5FB4	389120	----a-w-	C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 23:03:01	039AD4C3FDCF13CE3196C0258C24D0C7	1371792	----a-w-	C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 23:03:00	5B4A72F4E698940C858F54BE2E1E21C1	1542656	----a-w-	C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 23:03:00	30C2700A2CDEF6042585C9296ABC9054	499432	----a-w-	C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 23:03:00	30440486E1D0DF0A4F6EFB714AB53898	709688	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 23:02:59	EF3D963CD01DBBBAA7394BB1A638A1BB	116728	----a-w-	C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 23:02:59	7BA4B67BDA4222B55FA700E31B63F32D	208176	----a-w-	C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 23:02:59	51B550A0FBFA6E04F8595ED0BD99C202	100160	----a-w-	C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 23:02:59	44CBF47585584D74C3D0C2320031E539	569856	----a-w-	C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 23:02:59	0B8C82099C16CC3AF45ABBE9BADC0B0C	498176	----a-w-	C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 23:02:58	6F1EEEF679AFA703C7C328BD87C5AB68	558592	----a-w-	C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 23:02:58	6CE4F5BC53932C885B2276C2B352065C	34816	----a-w-	C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 23:02:58	627DC6C1A8D38FFC64BF884C2DE90410	573440	----a-w-	C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 23:02:58	626E736B04150EC59601D2D3EEFEDA6D	123392	----a-w-	C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 23:02:57	94A99147A62D9830676B47D2BFA8FA46	125440	----a-w-	C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 23:02:57	29EF8EC898FE21680DB5FB15DB513EC8	235008	----a-w-	C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 23:02:57	132209E26098FCDDEC023B460E68EBEB	1070080	----a-w-	C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 23:02:56	EDD93EDB3758471A4862D3CF70FE9007	503296	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 23:02:56	64F7A89D4DBFA69D40C7C1FF5BB4457E	166912	----a-w-	C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-07 00:18:54	EDC75B4FF6A66B0AC1A360476D9CBCC9	12125184	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-07 00:18:52	083A4C6C21371B011771A350942DEB8F	19339264	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-07 00:18:51	FAE7DA27029FDDA27375722B4DC387D7	138240	----a-w-	C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-01-07 00:18:50	A820BD54E6B4A68C6E4490EA23FA5650	1860096	----a-w-	C:\WINDOWS\SysWOW64\cdp.dll
2016-01-07 00:18:50	57A2AAE6BD896F54767284BAB7C2D183	1859448	----a-w-	C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-07 00:18:49	EBD19D0E20C113468631504BFE56FB3F	2185840	----a-w-	C:\WINDOWS\SysWOW64\d3d11.dll
2016-01-07 00:18:49	97097223B24F49F5934188FA24D74B46	1944576	----a-w-	C:\WINDOWS\SysWOW64\InputService.dll
2016-01-07 00:18:49	847B31F89A3009D5D851479224B7579A	2680320	----a-w-	C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-07 00:18:48	90F7CF0E4FFD720EBAC601CABE25D880	2121216	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2016-01-07 00:18:46	5B64BFE61393D22D908BB5E2A17B6147	1328128	----a-w-	C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-07 00:18:45	D8E958F0E5929BFEC15238E0E1F94C64	983464	----a-w-	C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-01-07 00:18:45	3B1D8CE3E56BA82EF02C126226B7C357	948224	----a-w-	C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-07 00:18:44	EB6BAC2C67F848F2C0EFE82AEAC5C67A	1540768	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-07 00:18:44	600A12A37D8F0B98E3497C59505338D1	716928	----a-w-	C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-07 00:18:44	532AC1D121972B17BE523A9988A3A0E5	2155008	----a-w-	C:\WINDOWS\SysWOW64\authui.dll
2016-01-07 00:18:44	302A0BE9FA2874A3E99C0E25C992E7C7	1467392	----a-w-	C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-07 00:18:44	2EECE39CDFFF244B2489FD8ACDC14D7A	517632	----a-w-	C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-07 00:18:43	D80737E0C4AFE5D4714D14F27A9E6CFB	1706496	----a-w-	C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-01-07 00:18:43	BEDE63EB0B3B100A1FBD2996FE3AF0EF	1505280	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-07 00:18:43	2029AAF923CE131E5157F6175DE66881	2919320	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2016-01-07 00:18:42	7CDF1630DCF7C9167E551874D18C3CE0	709120	----a-w-	C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-01-07 00:18:42	674333934AEF201C56419742CD86782B	973664	----a-w-	C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-07 00:18:42	588E4109C8A78BC211AC1D5756652A67	1139200	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-07 00:18:41	F32770E19F1CB817274BC85824730E48	470528	----a-w-	C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-07 00:18:41	32BF0F999279961833888317C3FE45D9	2061824	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-07 00:18:40	B8C4EFAA6AAED98E6B5AB57CAFA489B9	1337240	----a-w-	C:\WINDOWS\SysWOW64\user32.dll
2016-01-07 00:18:40	9ACCC0C1786391EF1FD1FAF12AE22801	340480	----a-w-	C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-01-07 00:18:40	4F04FB02D215667B505A060EEE02B5DF	686592	----a-w-	C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-07 00:18:39	F8C66D9D6AEC233715C8B32DB203EF6D	502112	----a-w-	C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-01-07 00:18:39	D213E29D66D7182AF58CB525EFC2F409	421888	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-07 00:18:39	6D151B11358362786C45F1A4A21576FA	925064	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-07 00:18:38	FD6EE242ACD2E05AFE920139D12C3053	670928	----a-w-	C:\WINDOWS\SysWOW64\mfds.dll
2016-01-07 00:18:38	8310F69B59EFA4EC47B6B3F535BFC3CB	898184	----a-w-	C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-07 00:18:38	76B00BE575C4D8CF3D7334240C8DAF90	683008	----a-w-	C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-07 00:18:38	2DA46210CBE5B92C4E79FDD70A6C0ADE	2049024	----a-w-	C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-07 00:18:38	110A45F765495043CB8ED918FEFD8D90	572928	----a-w-	C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-01-07 00:18:37	B934E18B1A20A26768F57EDBD6882A38	884256	----a-w-	C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-07 00:18:37	A9B375A65A92C45D9723B1BAD8F87D1E	1105920	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-01-07 00:18:37	775C32A6DE7E9702CB04B10C69D80457	450904	----a-w-	C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-07 00:18:36	C85501FE7EFD33E06A877B8786F396B6	462760	----a-w-	C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-01-07 00:18:36	86A2DFAAE917E8852363BD716BD8D5CF	334848	----a-w-	C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-07 00:18:36	4C85D9A9FD26D3F00BBF5D3F469F1800	241664	----a-w-	C:\WINDOWS\SysWOW64\cryptngc.dll
2016-01-07 00:18:36	0FA8D61A4D4F56063113F9DA4E18848B	289248	----a-w-	C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-07 00:18:35	D9EF9F5DA78CD085FD23C8EBB6108662	409088	----a-w-	C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-01-07 00:18:34	5467DAD0BDB397D84052FCCF8686FB9C	60928	----a-w-	C:\WINDOWS\SysWOW64\mssign32.dll
2016-01-07 00:18:34	337E7D5B768ABDBEA9F17823F76D5F1B	381952	----a-w-	C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-07 00:18:34	23A968565D51FEC30EADFBC70BE35117	793600	----a-w-	C:\WINDOWS\SysWOW64\SRH.dll
2016-01-07 00:18:34	1F48933EFAB68EDD3B456C78E17B89CE	871936	----a-w-	C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-07 00:18:33	F2061A1835E8844637168800292309BF	84832	----a-w-	C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-01-07 00:18:33	D6DF0F68136C6148989E927572319F21	431232	----a-w-	C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-07 00:18:33	4C421E34FF4A836590401A3E9A5B5DE8	415744	----a-w-	C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-07 00:18:33	3A24E199AA5A30D6E7C30D01E2BF4C7E	161280	----a-w-	C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-01-07 00:18:32	4CE9BF384DAAE2BF9E49C5B7E2F106F0	270848	----a-w-	C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-01-07 00:18:32	35383CA7169E12D885B9B553F59E3154	41984	----a-w-	C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-01-07 00:18:32	102F3BB5D63225A25817C8E44B85533F	63528	----a-w-	C:\WINDOWS\SysWOW64\wwapi.dll
2016-01-07 00:18:26	2DE2DAF437341AECB280DBFE88CBB581	346112	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-07 00:18:24	FDEEA5397A0D079E1EF8F1B765BC7D04	6297088	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2016-01-07 00:18:23	92551AFCC476CBEBBB66B6420C60AB20	5202944	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-07 00:18:23	382AA3E205808FBF0458A143B0F4ACFF	45568	----a-w-	C:\WINDOWS\SysWOW64\jsproxy.dll
2016-01-07 00:18:22	192B579E14C116D2B742FEBE85A4D3C1	2756096	----a-w-	C:\WINDOWS\SysWOW64\mshtml.tlb
2016-01-07 00:18:21	B0DB58B85CF68C61AFBEFC107807FECF	784896	----a-w-	C:\WINDOWS\SysWOW64\NMAA.dll
2016-01-07 00:18:21	A971D150CD168A1F7BD775674896F02C	711680	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-07 00:18:21	7F64C196D3FA41C0F437A158FDEF7F50	800768	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-07 00:18:21	6BBB4172DDF348821C3C4B7FE844077B	1443328	----a-w-	C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-07 00:18:20	CA260C1A4CFC95D49DBE4DAEDCD65585	58368	----a-w-	C:\WINDOWS\SysWOW64\MosStorage.dll
2016-01-07 00:18:20	C132402FABE387126B5CB0D2D3426671	133632	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-07 00:18:20	9FA5093D91ED3CB6B4CE67A040C5E40A	65536	----a-w-	C:\WINDOWS\SysWOW64\wininetlui.dll
2016-01-07 00:18:20	761E6E736B47DA42D74227A26F658108	100864	----a-w-	C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-01-07 00:18:19	92F331E360CB8DC73FA1158934CA9491	86528	----a-w-	C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-07 00:18:19	65E98344070A6C0B66ED476F735B14D3	59904	----a-w-	C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-01-07 00:18:19	1973BD62F29F443E9BC467FAA9F27159	83456	----a-w-	C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-01-07 00:18:18	D707B12965D5E8DFBD7C5BF7FB12AF02	24064	----a-w-	C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-01-07 00:18:18	AA0644D24DD488B1E1517189DD3DC00B	48640	----a-w-	C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-01-07 00:18:18	9FE071ED2AAE48A691D234E757297CF3	49152	----a-w-	C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-01-07 00:18:17	F60E1993D8D8FD2E23516C1278B209C1	34304	----a-w-	C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-01-07 00:18:16	6AE2C3CFEA73E2D01CB1E00DBD1EC4A5	205824	----a-w-	C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-01-07 00:18:15	D51618B0CB2B51F7D9B8DEB38A454126	36352	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-01-07 00:18:15	C11AFEBFFDD62BA366D2F146212B415E	110592	----a-w-	C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-01-07 00:18:15	53E2029302DA056DE856D4C662663B2B	10240	----a-w-	C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-01-07 00:18:15	52838DDB3B20C7330A30D89509A93B55	1268736	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-01-07 00:18:15	262D880248233D3A96C15F7C7E1BAD21	58368	----a-w-	C:\WINDOWS\SysWOW64\MosResource.dll
2016-01-07 00:18:14	451356B814B46BB6582F307E24AA0863	9728	----a-w-	C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-01-07 00:18:14	3FCEAC0D175851962F9CF797A370A14F	3072	----a-w-	C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-01-06 21:50:27	42DE22BB4E675AE8DADD9038B26F8EFE	2718208	----a-w-	C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-06 21:49:48	63124FE6E5475B11FFC424DADF8FC462	2038392	----a-w-	C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-06 21:47:42	1008D525DBD436AB171CE6EF432F92D1	44147	----a-w-	C:\WINDOWS\SysWOW64\license.rtf
2016-01-06 21:46:25	F7F009E10E52C760EF48D2AD7E4D892E	29696	----a-w-	C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-01-06 21:46:25	F2D9AB28744983980E6BCE08DA077528	21125408	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-01-06 21:46:25	F2D2E8091D0929884E6A86AFD9981E2F	2001408	----a-w-	C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-06 21:46:25	F0ED21F9D39229B305C363B6ED023170	11776	----a-w-	C:\WINDOWS\SysWOW64\dciman32.dll
2016-01-06 21:46:25	EF22B84131DB17D40D523F649CAD31D2	366224	----a-w-	C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-06 21:46:25	EBB01B0223DBB9660E4FFB35854D69BF	400896	----a-w-	C:\WINDOWS\SysWOW64\winspool.drv
2016-01-06 21:46:25	D0693220928997E1DD513B261AF86308	454056	----a-w-	C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-06 21:46:25	BC6B60847CDEFFB3DE3AA394366881DF	490496	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-06 21:46:25	B13BE7A31C732B5773FDF51FB140B614	334336	----a-w-	C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-06 21:46:25	ADAF3873B0A29C4AFC0D8B89C3485A94	227840	----a-w-	C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-01-06 21:46:25	AD2E3CC2771EADB0605CC0FAE73EAA45	405048	----a-w-	C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-06 21:46:25	AC742BB0B79CD4C535E6A317FD4A18A8	315904	----a-w-	C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-06 21:46:25	A95DDF60D6EC95625C4987750619C5DB	93696	----a-w-	C:\WINDOWS\SysWOW64\fontsub.dll
2016-01-06 21:46:25	A4CC1E8330E839AA619978E61AEEEAC4	73360	----a-w-	C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-06 21:46:25	9E57FF10D37B672B8781BAF92DB00A8B	9918976	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-01-06 21:46:25	93050CE746C09F2F6F49A4893FB060ED	647168	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
2016-01-06 21:46:25	8E93F5481D1A608D90104F24DD610B76	540752	----a-w-	C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-06 21:46:25	8E2CB7E297C2631CB063319377ED7AD0	303104	----a-w-	C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-06 21:46:25	8BAD6657817E0960C7CB6026323828A1	511320	----a-w-	C:\WINDOWS\SysWOW64\mf.dll
2016-01-06 21:46:25	89F3F69C9996D5BCC879C664BF74A4E2	675064	----a-w-	C:\WINDOWS\SysWOW64\dcomp.dll
2016-01-06 21:46:25	75F7D82383D8CF10D5999874993A2EF5	27136	----a-w-	C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-01-06 21:46:25	54F47C0CD2DE99A7B8C7583CF6C22D92	3072	----a-w-	C:\WINDOWS\SysWOW64\lpk.dll
2016-01-06 21:46:25	3B7DA8EC6FC4F16F85934D944A2149CD	791552	----a-w-	C:\WINDOWS\SysWOW64\kerberos.dll
2016-01-06 21:46:25	31DE6A034E8BBA043CB2F4612033C12A	296488	----a-w-	C:\WINDOWS\SysWOW64\policymanager.dll
2016-01-06 21:46:25	2C5A8D334EFB14914B1618247CD0DAAF	37376	----a-w-	C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-06 21:46:25	2AF0E5217FE677C29669E0243F28D64F	70656	----a-w-	C:\WINDOWS\SysWOW64\AppCapture.dll
2016-01-06 21:46:25	1E7B13CDBA9D57D2BF54A7501FB17376	586080	----a-w-	C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-06 21:46:25	123BD3D4504BB548A823152EAC57DE00	32040	----a-w-	C:\WINDOWS\SysWOW64\mfpmp.exe
2016-01-06 21:45:57	6F2CA3BDD1C78C465BC0C1E5DDA15B28	2629632	----a-w-	C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-01-06 21:45:57	14129011499850E46153AB0E6C325F87	4847616	----a-w-	C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-01-06 21:44:39	F432E0E5B0958F4982D40EB622FBD7FC	35480	----a-w-	C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-01-06 21:44:39	BF9CAA33ADD4C21C118148B5CFC5494B	778936	----a-w-	C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-01-06 21:44:39	6F391E9286733CC6B34FC0FAB23B8DF3	103120	----a-w-	C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-01-12 23:03:08	C85084053134A7FDA9D3BCB174654A1C	22393856	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-01-12 23:03:07	7C60661994699C46DA511131697AE7F2	16986112	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-01-12 23:03:06	602E23B67E82266E1D1B1D0E4B623F5C	7826432	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-01-12 23:03:06	5CB2CB9410BD09BE144D64BF447D6582	1299504	----a-w-	C:\WINDOWS\Sysnative\mfnetsrc.dll
2016-01-12 23:03:05	C5BEFFC71C5584000F7DD92BC2AE27DC	2544256	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2016-01-12 23:03:03	70E822EC30C93426C2C51D8CB8BBCDDF	2587696	----a-w-	C:\WINDOWS\Sysnative\msxml6.dll
2016-01-12 23:03:03	67C00AEDBE4B3AD408A4910A357E046F	786696	----a-w-	C:\WINDOWS\Sysnative\WMADMOD.DLL
2016-01-12 23:03:03	43807C26BF18DA3EDFB5F4FFFD92BCD8	7477600	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-01-12 23:03:03	36EC82F0E399F36BD25F593D63DC144A	912384	----a-w-	C:\WINDOWS\Sysnative\usermgr.dll
2016-01-12 23:03:03	06B4CA3A5033B775B8C33DD56899C32C	4894720	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-01-12 23:03:02	D1824F779289CA26635A186FF30C0F92	858952	----a-w-	C:\WINDOWS\Sysnative\mfnetcore.dll
2016-01-12 23:03:02	B84FEAB09387BECCA1900E4BFBD899A9	1009152	----a-w-	C:\WINDOWS\Sysnative\WMSPDMOD.DLL
2016-01-12 23:03:02	93373D10F0F00D1DEE2EB822654735A5	275968	----a-w-	C:\WINDOWS\Sysnative\facecredentialprovider.dll
2016-01-12 23:03:02	8F0749D5F46FDC5C82E74AC26138B7E5	796352	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
2016-01-12 23:03:02	5D0AADA2231BBC252D71D65CA98D33CE	3428864	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.dll
2016-01-12 23:03:02	48D356CBA869FA4720A32B6285E7018D	785088	----a-w-	C:\WINDOWS\Sysnative\evr.dll
2016-01-12 23:03:01	F5F72E0612286EE2A3700211015BF16B	848160	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2016-01-12 23:03:01	E00F94FADD6FE28F62841F8D31EF47BF	1594408	----a-w-	C:\WINDOWS\Sysnative\gdi32.dll
2016-01-12 23:03:01	7E0BD4140FFB06EB7253074C872EAF54	513888	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
2016-01-12 23:03:01	76F240DE951303CD5B717C9583C4C8C0	808800	----a-w-	C:\WINDOWS\Sysnative\WWAHost.exe
2016-01-12 23:03:01	5F88CE195745E419A444E1CBED58AB00	1674240	----a-w-	C:\WINDOWS\Sysnative\quartz.dll
2016-01-12 23:03:01	3FF05901B36C55E61E0C30B208B884F8	713568	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
2016-01-12 23:03:01	0522361AB3FE5B9C63D7B8C793E793F6	638464	----a-w-	C:\WINDOWS\Sysnative\enterprisecsps.dll
2016-01-12 23:03:00	DFDA465D7D14906ECC04071E20D0F19E	644096	----a-w-	C:\WINDOWS\Sysnative\uReFS.dll
2016-01-12 23:03:00	DEEA03E61DCE718C64BF68D446E8ABA0	1309376	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
2016-01-12 23:03:00	C7A6CC05D5D1BE5A863F858D963F7E0C	628736	----a-w-	C:\WINDOWS\Sysnative\MessagingDataModel2.dll
2016-01-12 23:03:00	C46159A366C6AA90F1B742999745FA36	2280448	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2016-01-12 23:03:00	7B24B823404D53DA4748F21AD2BF04C9	584704	----a-w-	C:\WINDOWS\Sysnative\winlogon.exe
2016-01-12 23:03:00	7677EA28D43C73FBD58BFA7C8E21FE97	479232	----a-w-	C:\WINDOWS\Sysnative\schannel.dll
2016-01-12 23:03:00	63B9376F17E6DE7DE8B25BC6F3319A98	671472	----a-w-	C:\WINDOWS\Sysnative\advapi32.dll
2016-01-12 23:03:00	3A6DFDE14FEDB078985C6D0EA8C19FC9	162816	----a-w-	C:\WINDOWS\Sysnative\DeviceCensus.exe
2016-01-12 23:03:00	11B74BAF9BD95FC3B7F17658A8CDBF3C	1804664	----a-w-	C:\WINDOWS\Sysnative\WMALFXGFXDSP.dll
2016-01-12 23:02:59	EF3D67F37ACC4CEFFDC853B960EC5856	1141496	----a-w-	C:\WINDOWS\Sysnative\winload.exe
2016-01-12 23:02:59	90AA1A4C3B4FF984BB33D74C23D71536	678912	----a-w-	C:\WINDOWS\Sysnative\qedit.dll
2016-01-12 23:02:59	815D17429CBDA7DD5D11AA57B379E94B	119320	----a-w-	C:\WINDOWS\Sysnative\MP3DMOD.DLL
2016-01-12 23:02:59	5E509E7E8AA0DC686F749AC2996F4124	208896	----a-w-	C:\WINDOWS\Sysnative\storewuauth.dll
2016-01-12 23:02:59	57606281E23B0F53347527691E947B2B	749056	----a-w-	C:\WINDOWS\Sysnative\PhoneService.dll
2016-01-12 23:02:59	55FB0D95CC3EF6A0EB40DBDBC529787A	1255936	----a-w-	C:\WINDOWS\Sysnative\WMSPDMOE.DLL
2016-01-12 23:02:59	29A61BF9EAB31507C36060CFAFEBE154	234504	----a-w-	C:\WINDOWS\Sysnative\mftranscode.dll
2016-01-12 23:02:59	0C59D6C4129FDDCAB29B432DD2F57AC5	1173344	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
2016-01-12 23:02:58	CCFE330C465256D5D835E9248C676E9E	245840	----a-w-	C:\WINDOWS\Sysnative\mfps.dll
2016-01-12 23:02:58	B94746868C7AD8F0449662E8552E55DE	145920	----a-w-	C:\WINDOWS\Sysnative\omadmclient.exe
2016-01-12 23:02:58	903F7858A69A95836B0C1D36CBEC5E5B	387072	----a-w-	C:\WINDOWS\Sysnative\qdvd.dll
2016-01-12 23:02:58	8321155AACF85779A42582B0CD5084A4	148992	----a-w-	C:\WINDOWS\Sysnative\wshom.ocx
2016-01-12 23:02:58	503FFDCC4319F7419DE2B201B03BDB54	305664	----a-w-	C:\WINDOWS\Sysnative\ksproxy.ax
2016-01-12 23:02:58	4EA244C67F3D3B0EB0CC694443D3F5AA	167936	----a-w-	C:\WINDOWS\Sysnative\ProximityCommon.dll
2016-01-12 23:02:58	26DFF195B1A59942541CE199C586F0D4	43520	----a-w-	C:\WINDOWS\Sysnative\usermgrcli.dll
2016-01-12 23:02:58	0C4257E848E186BD4624DD12C6B5507E	1317640	----a-w-	C:\WINDOWS\Sysnative\winload.efi
2016-01-12 23:02:57	E95EA71BD560BF02276DF339FA412FCB	472576	----a-w-	C:\WINDOWS\Sysnative\DscCore.dll
2016-01-12 23:02:57	C8C10002DF980C3830D103960957AA3C	1582080	----a-w-	C:\WINDOWS\Sysnative\aitstatic.exe
2016-01-12 23:02:57	7ADDFA6327AD43B2D1DB974FE1B35BD4	764928	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2016-01-12 23:02:57	561B71EE613240D3CC643E2E308BD3F7	248832	----a-w-	C:\WINDOWS\Sysnative\UserMgrProxy.dll
2016-01-12 23:02:57	4DAAEB83744362082EA91B05C9CC13F3	604672	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2016-01-12 23:02:56	671DA2607117AC3BC7C028C0A6F4555E	210432	----a-w-	C:\WINDOWS\Sysnative\aepic.dll
2016-01-12 20:41:19	486968A5592A12523ADAD0F74624EA97	339792	----a-w-	C:\WINDOWS\Sysnative\FNTCACHE.DAT
2016-01-07 00:18:58	E761095ADFC48739CA54A3B58242AF0D	24601600	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-01-07 00:18:55	EE5BD4F67199E1C5142F3C731035D18C	13381120	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-01-07 00:18:52	A6E666BC673DD38C3ECDB53FD83138E7	3993600	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2016-01-07 00:18:51	F5AF729AD65041D74FED75E02DA4A4DC	138240	----a-w-	C:\WINDOWS\Sysnative\ETWCoreUIComponentsResources.dll
2016-01-07 00:18:51	294BD6D65CE93F7B709DBB38F96759DA	2653816	----a-w-	C:\WINDOWS\Sysnative\CoreUIComponents.dll
2016-01-07 00:18:51	0DC4BEB16161362B4E46D117204D8566	2843136	----a-w-	C:\WINDOWS\Sysnative\cdp.dll
2016-01-07 00:18:50	8C8161E40F42E437161972E8866025D5	3355136	----a-w-	C:\WINDOWS\Sysnative\msftedit.dll
2016-01-07 00:18:50	340B841A05087B581B3F321853996960	2624512	----a-w-	C:\WINDOWS\Sysnative\InputService.dll
2016-01-07 00:18:49	10020730E0E51555A58C20D361F233A9	2772584	----a-w-	C:\WINDOWS\Sysnative\d3d11.dll
2016-01-07 00:18:48	CD2CC65DDF46F065BCC975C2BC89DD11	1648640	----a-w-	C:\WINDOWS\Sysnative\comsvcs.dll
2016-01-07 00:18:48	AB4C1A9F37C0B8467AC923ED4AD727D6	2647552	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2016-01-07 00:18:48	7443938BC4B8DCE1D8E6C51BC3F9DBFE	948224	----a-w-	C:\WINDOWS\Sysnative\XblAuthManager.dll
2016-01-07 00:18:48	10B6962619F3965030395019E352B7B4	870400	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2016-01-07 00:18:47	A44FB85192EE0DD3F7D6518B63044F4E	2598400	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2016-01-07 00:18:47	87E291D9CC3ECE9AA56ABFD8063C4050	1223168	----a-w-	C:\WINDOWS\Sysnative\Unistore.dll
2016-01-07 00:18:47	486C22DD70BE538B1C164AE38E130009	2352128	----a-w-	C:\WINDOWS\Sysnative\authui.dll
2016-01-07 00:18:47	2D7E3C2913AAE063774795E6790BCC48	1212928	----a-w-	C:\WINDOWS\Sysnative\wwansvc.dll
2016-01-07 00:18:46	95F53D812EF80A2819E9C1539A629B5F	823264	----a-w-	C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
2016-01-07 00:18:46	78065D08A6D5886ACF9B6BA7E34A554C	3593216	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-01-07 00:18:46	45B88D0BBAB3EAA10883097C14C33678	1281376	----a-w-	C:\WINDOWS\Sysnative\LicenseManager.dll
2016-01-07 00:18:46	184F5C80753CD7F6400AAA4087288B97	2582016	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-01-07 00:18:45	8F6118120D9A11A1CFD8822850826064	1155944	----a-w-	C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
2016-01-07 00:18:45	69B4974176206D7276B733B30BCE442E	1717248	----a-w-	C:\WINDOWS\Sysnative\GdiPlus.dll
2016-01-07 00:18:45	63976F057A5A9FD426DC84FB97CF3446	3671888	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2016-01-07 00:18:45	3A1FCBE9103770CF17F81EBD9809FE1B	697856	----a-w-	C:\WINDOWS\Sysnative\PlayToManager.dll
2016-01-07 00:18:44	25086E02B6C3F34BC4646C134C3E1769	1042432	----a-w-	C:\WINDOWS\Sysnative\BingOnlineServices.dll
2016-01-07 00:18:44	03EB1EBAB72BB8322C30D070C346EA33	1395200	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCore.dll
2016-01-07 00:18:43	549A1696E594E6939C210972B4AD9747	824320	----a-w-	C:\WINDOWS\Sysnative\WpcWebFilter.dll
2016-01-07 00:18:43	4EB351CB5A23E0F7AB2B7137374EFB85	870400	----a-w-	C:\WINDOWS\Sysnative\wpncore.dll
2016-01-07 00:18:43	43091BCAB6446E01AEB9DFFB2538B2F9	1995776	----a-w-	C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
2016-01-07 00:18:43	42B6285314851A693F68F7A7B79FD1B9	1393664	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-01-07 00:18:43	2AB2C72D88CE2BC73E6F708D0B1A9657	440160	----a-w-	C:\WINDOWS\Sysnative\services.exe
2016-01-07 00:18:42	E81DF157F4F225928EAE2B1E82863BF6	1817160	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-01-07 00:18:42	839F7EC52C8E6888C4E9120E68652438	589312	----a-w-	C:\WINDOWS\Sysnative\MbaeApi.dll
2016-01-07 00:18:42	43B6BF7F95CF7D60599740EF2BF0DDD8	938496	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2016-01-07 00:18:42	04EDF539ED97A3BFBD7464CED7ADBB7A	783360	----a-w-	C:\WINDOWS\Sysnative\msfeeds.dll
2016-01-07 00:18:41	C4DF460B84DB6A0D4C18375DE1117DD0	696160	----a-w-	C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-01-07 00:18:41	686E73A0F24F56A25A78D8EFE8E4B937	1318912	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2016-01-07 00:18:41	589A33EE394273A4F1338EBF705A1CEF	1387008	----a-w-	C:\WINDOWS\Sysnative\lsasrv.dll
2016-01-07 00:18:40	DD97EF0AE9224B8C1161736E033C03F1	1399224	----a-w-	C:\WINDOWS\Sysnative\user32.dll
2016-01-07 00:18:40	836DC2848B800FC890E8FCF96F5E639B	458752	----a-w-	C:\WINDOWS\Sysnative\PlayToDevice.dll
2016-01-07 00:18:40	4A657E5F9D4BE53028B643889E786296	2126848	----a-w-	C:\WINDOWS\Sysnative\inetcpl.cpl
2016-01-07 00:18:40	334A9D347CC52E7581DC21FA7CDBB261	515584	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2016-01-07 00:18:40	28B52034DB907EA14BF8DFB399BC1A94	1734656	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-01-07 00:18:39	CCB125BB7072FEAFC68A56749FD2DFD7	1020096	----a-w-	C:\WINDOWS\Sysnative\mfsrcsnk.dll
2016-01-07 00:18:39	C08AA0383BCEE881C319F23A5189AB8D	794888	----a-w-	C:\WINDOWS\Sysnative\mfds.dll
2016-01-07 00:18:39	A74C62AE99A015CD6275F0D8D8843886	342016	----a-w-	C:\WINDOWS\Sysnative\SensorService.dll
2016-01-07 00:18:39	9D9A25E3E658EAC6FA9BC1BC23168516	1092456	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2016-01-07 00:18:39	4588022BF3C34392C0C2AFDC3634C0CF	1065080	----a-w-	C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2016-01-07 00:18:39	0F09B99EF80BB0D914538FC17A305A4F	1131520	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Audio.dll
2016-01-07 00:18:39	01AE64981A7C7AE4F84799931D8DAAD1	900608	----a-w-	C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.dll
2016-01-07 00:18:38	C8AEE94042CFDF6383C153AFD284AEF1	497152	----a-w-	C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
2016-01-07 00:18:38	960E3DB158FC9D262EE33D928AEDA3F5	320000	----a-w-	C:\WINDOWS\Sysnative\cryptngc.dll
2016-01-07 00:18:38	39E07EE74F50C39C1EB315152F03199C	607232	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2016-01-07 00:18:38	18CE63A5B5EB84FF7F9F575C8FE53F44	931328	----a-w-	C:\WINDOWS\Sysnative\MSMPEG2ENC.DLL
2016-01-07 00:18:37	F3B1BFB19C6A47DE7706A9CF1A177028	526856	----a-w-	C:\WINDOWS\Sysnative\mfreadwrite.dll
2016-01-07 00:18:37	83365A5A2632275C7B005B7A4995DCE1	416768	----a-w-	C:\WINDOWS\Sysnative\dmenrollengine.dll
2016-01-07 00:18:37	7DD3B4B77A787E06A6B3DC9AE7B451E0	292352	----a-w-	C:\WINDOWS\Sysnative\provengine.dll
2016-01-07 00:18:37	7014B74B0F62698EC891A19A781689D5	337840	----a-w-	C:\WINDOWS\Sysnative\MFPlay.dll
2016-01-07 00:18:37	69E727F94BEA64E66C284F3C482F33E6	1035776	----a-w-	C:\WINDOWS\Sysnative\XboxNetApiSvc.dll
2016-01-07 00:18:37	32D57C79EA65D0D6A923BF1C26A0EC0A	558080	----a-w-	C:\WINDOWS\Sysnative\MBMediaManager.dll
2016-01-07 00:18:37	2AE2C153D33AB0D2B89E0920EC2ACF69	498448	----a-w-	C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2016-01-07 00:18:36	63A71E0B8BEF5FC3A5C9669B5C771A1C	286208	----a-w-	C:\WINDOWS\Sysnative\provhandlers.dll
2016-01-07 00:18:36	6100515B0A4A9DE9EB83E632F873D1F7	323072	----a-w-	C:\WINDOWS\Sysnative\MSFlacDecoder.dll
2016-01-07 00:18:36	57C2033773055CEE5963EBCB999337F8	210432	----a-w-	C:\WINDOWS\Sysnative\wcmcsp.dll
2016-01-07 00:18:36	2D1682BEC4615A154079383E25BB0DF2	220672	----a-w-	C:\WINDOWS\Sysnative\ie4uinit.exe
2016-01-07 00:18:36	0A9C90159378EAF0F45AF2275156EF0D	264544	----a-w-	C:\WINDOWS\Sysnative\ContentDeliveryManager.Utilities.dll
2016-01-07 00:18:35	6D7B4647F5FB25CE88E2555A9DFF1D2E	70656	----a-w-	C:\WINDOWS\Sysnative\XblAuthManagerProxy.dll
2016-01-07 00:18:35	3B36AFC1B127B13A82752A3F02CE9D8C	543232	----a-w-	C:\WINDOWS\Sysnative\StoreAgent.dll
2016-01-07 00:18:35	2B91178DE30EF92DD383486485B0C97D	523776	----a-w-	C:\WINDOWS\Sysnative\catsrvut.dll
2016-01-07 00:18:34	F7AE2EB8D2FA095AD9DED30CCE10BC13	957440	----a-w-	C:\WINDOWS\Sysnative\SRH.dll
2016-01-07 00:18:34	BFFC187B1FFA022F59D652A6A4CA130F	199168	----a-w-	C:\WINDOWS\Sysnative\InstallAgent.exe
2016-01-07 00:18:34	95B9A9F4D41A54FD421CF6F7323B87FF	126464	----a-w-	C:\WINDOWS\Sysnative\dialserver.dll
2016-01-07 00:18:34	6D0F04544716C90220B58008B4422B97	459776	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-01-07 00:18:33	F40D409308162E071561049ACADF753C	80600	----a-w-	C:\WINDOWS\Sysnative\wwapi.dll
2016-01-07 00:18:33	D33E93BE685C6B9C72E063EA41F9BAEF	538632	----a-w-	C:\WINDOWS\Sysnative\WWanAPI.dll
2016-01-07 00:18:33	BBEC134DA91F61E6D91CDB47D8724E86	382464	----a-w-	C:\WINDOWS\Sysnative\iedkcs32.dll
2016-01-07 00:18:33	849275D7BF36660743973B8E28542E45	51680	----a-w-	C:\WINDOWS\Sysnative\SensorsUtilsV2.dll
2016-01-07 00:18:33	38F068BA3D5CE3C53A025E1F9381CC54	115040	----a-w-	C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-01-07 00:18:33	2DA8708EB1FCB83375A450D401A1ED09	74240	----a-w-	C:\WINDOWS\Sysnative\mssign32.dll
2016-01-07 00:18:33	14CE7BCE9C6A442BD4B93AB3CB8765BF	375296	----a-w-	C:\WINDOWS\Sysnative\MDEServer.exe
2016-01-07 00:18:32	D6B9D1A83BDDF6912309A9C7C4024E10	133120	----a-w-	C:\WINDOWS\Sysnative\flvprophandler.dll
2016-01-07 00:18:32	D1BB4122E41E04E2D8D57702396AE031	412512	----a-w-	C:\WINDOWS\Sysnative\wifitask.exe
2016-01-07 00:18:32	9920C9AD4528A4396D19BC03AA2D0882	58408	----a-w-	C:\WINDOWS\Sysnative\SensorsNativeApi.dll
2016-01-07 00:18:32	8BACF65C95DA69173FA80F644502F9BC	26408	----a-w-	C:\WINDOWS\Sysnative\wuauclt.exe
2016-01-07 00:18:32	6D7BC576DEC9750D5F8AED361E687384	704000	----a-w-	C:\WINDOWS\Sysnative\CellularAPI.dll
2016-01-07 00:18:32	54051585F9E1A644C3ED024B639C0E32	231936	----a-w-	C:\WINDOWS\Sysnative\KnobsCore.dll
2016-01-07 00:18:32	156963089DF9C18AF330E08BFE41884D	165376	----a-w-	C:\WINDOWS\Sysnative\provdatastore.dll
2016-01-07 00:18:31	1C671129864880F66678D3B80316074E	56320	----a-w-	C:\WINDOWS\Sysnative\provtool.exe
2016-01-07 00:18:31	01C759FD50DFD46E30CC56B2B672B1A7	203776	----a-w-	C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-01-07 00:18:27	FDB262D0B2C0790385B894AA4B2C0A6C	182784	----a-w-	C:\WINDOWS\Sysnative\shutdownux.dll
2016-01-07 00:18:27	E853D5823793FE6E5FB0351F256DC1F2	223232	----a-w-	C:\WINDOWS\Sysnative\fveapibase.dll
2016-01-07 00:18:27	B1305CDD98D5FC49863279D4B51DB510	618496	----a-w-	C:\WINDOWS\Sysnative\StorSvc.dll
2016-01-07 00:18:27	A0C330AAF06A36A13171A28FE4B582A2	92160	----a-w-	C:\WINDOWS\Sysnative\policymanagerprecheck.dll
2016-01-07 00:18:27	88B38A7435DFA9B7E8F94F5D5FE999D2	66560	----a-w-	C:\WINDOWS\Sysnative\moshost.dll
2016-01-07 00:18:27	7A9FF15EF71DAC09420C4997D3FA7E48	850432	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2016-01-07 00:18:27	67C1D042FA62E2294973FD0CD1F1BC36	192000	----a-w-	C:\WINDOWS\Sysnative\provisioningcsp.dll
2016-01-07 00:18:27	55A629331D5EB924A1926C18E5028243	764928	----a-w-	C:\WINDOWS\Sysnative\fveapi.dll
2016-01-07 00:18:27	25DA92A03FFF1A620A950ED6209CDC8F	77312	----a-w-	C:\WINDOWS\Sysnative\ProvPluginEng.dll
2016-01-07 00:18:26	735C408ADE2017B8D2F6A8D2C2DB7016	7979008	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2016-01-07 00:18:26	5F8178A9C45D9C69819C63AFC5988C33	66560	----a-w-	C:\WINDOWS\Sysnative\iesetup.dll
2016-01-07 00:18:26	0053C878CDBA8F8D55339547EC2E99E8	269824	----a-w-	C:\WINDOWS\Sysnative\moshostcore.dll
2016-01-07 00:18:25	B83CCF1BEECF4BCDE71FC431BAB9A790	34304	----a-w-	C:\WINDOWS\Sysnative\iernonce.dll
2016-01-07 00:18:25	B46D8BBF27B186B0AE7C57C88A1A6D93	6572032	----a-w-	C:\WINDOWS\Sysnative\wwanmm.dll
2016-01-07 00:18:24	EFA47480BEB0968E3A18479593B2E60C	18944	----a-w-	C:\WINDOWS\Sysnative\wshrm.dll
2016-01-07 00:18:24	781EFD88C2BD9A95CA6961E16AFF7332	168960	----a-w-	C:\WINDOWS\Sysnative\mdmmigrator.dll
2016-01-07 00:18:24	5B7B6AF7E94E972DCE4BF892ABD466B6	115200	----a-w-	C:\WINDOWS\Sysnative\win32k.sys
2016-01-07 00:18:23	F0B772D90082371CE0DDE4286EF0AE16	7199232	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2016-01-07 00:18:23	E8C7F673B75210D3F35142361923C945	157184	----a-w-	C:\WINDOWS\Sysnative\dmcertinst.exe
2016-01-07 00:18:23	D7ED1ADDC1D19A9D6A1C583A938F4AF4	465920	----a-w-	C:\WINDOWS\Sysnative\wwanconn.dll
2016-01-07 00:18:23	9976E10E1FC313755C9F8632F96072F7	52224	----a-w-	C:\WINDOWS\Sysnative\jsproxy.dll
2016-01-07 00:18:23	8A0BAD6F9EEFB0FCD1629F6366394380	1814528	----a-w-	C:\WINDOWS\Sysnative\pnidui.dll
2016-01-07 00:18:21	EACD8F5C17AC39E43E1FCD85674F4B0D	1713664	----a-w-	C:\WINDOWS\Sysnative\SRHInproc.dll
2016-01-07 00:18:21	B7D367ABFC188C1AC27C6C961694B5B4	1056256	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2016-01-07 00:18:21	8938F957903BBA18ED242AE4DBF419FD	73728	----a-w-	C:\WINDOWS\Sysnative\wwancfg.dll
2016-01-07 00:18:21	7950D23F5542F6F8A9D41F046C01067F	2756096	----a-w-	C:\WINDOWS\Sysnative\mshtml.tlb
2016-01-07 00:18:21	35F9920E5B9757E2047C024063C9A279	988160	----a-w-	C:\WINDOWS\Sysnative\NMAA.dll
2016-01-07 00:18:20	9C6D0A1464410A25389C9D004DE48D36	175616	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
2016-01-07 00:18:20	716E299C1058C9F2030F31BC7270A210	52224	----a-w-	C:\WINDOWS\Sysnative\Wwanpref.dll
2016-01-07 00:18:20	4B4970CB5FF1D25B444F95A18ED8AF22	114688	----a-w-	C:\WINDOWS\Sysnative\offlinelsa.dll
2016-01-07 00:18:20	447413C46C687CF730051DD8B4EA12F6	75264	----a-w-	C:\WINDOWS\Sysnative\wwanprotdim.dll
2016-01-07 00:18:20	301A917544D10E9F28A946BA0E84C407	160768	----a-w-	C:\WINDOWS\Sysnative\enrollmentapi.dll
2016-01-07 00:18:20	24206CBE7165E296D598FF98590C4D59	69632	----a-w-	C:\WINDOWS\Sysnative\wininetlui.dll
2016-01-07 00:18:19	D0C4A5B386F585B2BE7620D3CEFD7CE8	119808	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-01-07 00:18:19	C6F9333F6C5F326B075CBC062E33793D	7680	----a-w-	C:\WINDOWS\Sysnative\readingviewresources.dll
2016-01-07 00:18:19	7DC5115A32BA087DCED8CF76352A79DC	108544	----a-w-	C:\WINDOWS\Sysnative\InputLocaleManager.dll
2016-01-07 00:18:19	7538F05A7C07DB69F6E82B67CAA67286	92160	----a-w-	C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll
2016-01-07 00:18:19	4E5B496EBD95AEE005F54EA49EECAAC6	72704	----a-w-	C:\WINDOWS\Sysnative\MosStorage.dll
2016-01-07 00:18:18	E0FBBE85A7DC215F97F7B81236CE2674	60928	----a-w-	C:\WINDOWS\Sysnative\XblAuthTokenBrokerExt.dll
2016-01-07 00:18:18	DC59D9253F50A2D329945CBDBE3B8B7A	32256	----a-w-	C:\WINDOWS\Sysnative\wups2.dll
2016-01-07 00:18:18	D0E812616609B1E6E3317FF46B9177C8	44032	----a-w-	C:\WINDOWS\Sysnative\wsplib.dll
2016-01-07 00:18:18	BF1A001A4EBD005CB412E322F20DB0D7	75264	----a-w-	C:\WINDOWS\Sysnative\EditBufferTestHook.dll
2016-01-07 00:18:18	9AEEB769F72EF13134BC21BA1465CCE3	134656	----a-w-	C:\WINDOWS\Sysnative\wificonnapi.dll
2016-01-07 00:18:18	80EEB2E91EE933EFB1384D9866BD997F	64000	----a-w-	C:\WINDOWS\Sysnative\MosHostClient.dll
2016-01-07 00:18:18	7CDB2034A13C7009CFF479C170E21C90	55808	----a-w-	C:\WINDOWS\Sysnative\rilproxy.dll
2016-01-07 00:18:18	5358F9A3A5C55ED1395BBFFCFA65F551	28672	----a-w-	C:\WINDOWS\Sysnative\mapsupdatetask.dll
2016-01-07 00:18:18	4AAD96366A51B26F50113A6393CB5587	42496	----a-w-	C:\WINDOWS\Sysnative\mapstoasttask.dll
2016-01-07 00:18:18	46BF56CC45F3EBE9DCF04EA702F79FF7	64000	----a-w-	C:\WINDOWS\Sysnative\ihvrilproxy.dll
2016-01-07 00:18:18	46668562A5BDD2D2F383CAD6D35DCB15	89088	----a-w-	C:\WINDOWS\Sysnative\MapsCSP.dll
2016-01-07 00:18:17	9F171CF4EDEB38DB4CA906ABD535DC44	13312	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvcProxy.dll
2016-01-07 00:18:17	9E55D606C3CE9A37FB2FE5A419AE9CE6	30208	----a-w-	C:\WINDOWS\Sysnative\StorageUsage.dll
2016-01-07 00:18:17	8C86CB7C7725B196773451DE66602199	75776	----a-w-	C:\WINDOWS\Sysnative\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-07 00:18:17	3C9066503DE3E45CB98C8584DE19C186	28160	----a-w-	C:\WINDOWS\Sysnative\nativemap.dll
2016-01-07 00:18:17	23B32FD7B58007D0407B8A4191AB76BB	28672	----a-w-	C:\WINDOWS\Sysnative\WordBreakers.dll
2016-01-07 00:18:17	1CC123FE215B7FFBA4B7889FD13B32D5	36864	----a-w-	C:\WINDOWS\Sysnative\BackgroundTransferHost.exe
2016-01-07 00:18:16	79BD0E63A9E54ED8AFFD19F43B5B83F2	264192	----a-w-	C:\WINDOWS\Sysnative\NmaDirect.dll
2016-01-07 00:18:16	183B210A411E23AC9C5374AEE5645312	36352	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCoreRes.dll
2016-01-07 00:18:15	EBDDBFCAA0E8BF346F5DC13BC364B39E	110592	----a-w-	C:\WINDOWS\Sysnative\Microsoft-Windows-MapControls.dll
2016-01-07 00:18:15	8AA095B5A4826840B348D0A94969CE1A	1268736	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll
2016-01-07 00:18:15	33F4AE1E913D7F865D0CFA716BDC9032	10240	----a-w-	C:\WINDOWS\Sysnative\Microsoft-Windows-MosTrace.dll
2016-01-07 00:18:15	2031A1DA09AFF8A8BADFFF73511AF306	58368	----a-w-	C:\WINDOWS\Sysnative\MosResource.dll
2016-01-07 00:18:15	08F0E6B466F44EA24CA1601F3196E43E	9728	----a-w-	C:\WINDOWS\Sysnative\Microsoft-Windows-MosHost.dll
2016-01-07 00:18:14	79EE5C9F9DF073C315D035A1785B502F	3072	----a-w-	C:\WINDOWS\Sysnative\MapControlStringsRes.dll
2016-01-06 21:49:50	4B6A4827D7064DDED2A433E910699B24	2138404	----a-w-	C:\WINDOWS\Sysnative\PerfStringBackup.INI
2016-01-06 21:49:21	CB4A68E6371257BC55FD46CD200CA819	2554672	----a-w-	C:\WINDOWS\Sysnative\nvsvcr.dll
2016-01-06 21:49:21	BF44A44D422438D48507410513175973	2983216	----a-w-	C:\WINDOWS\Sysnative\nvsvc64.dll
2016-01-06 21:49:21	79FD12E589A5413F8499B8E02344089C	6358648	----a-w-	C:\WINDOWS\Sysnative\nvcpl.dll
2016-01-06 21:49:21	5815B9A6442DFD13D296AA4E57AAA22A	6027430	----a-w-	C:\WINDOWS\Sysnative\nvcoproc.bin
2016-01-06 21:49:21	4BB45D776E535F1B3F1CF54525792230	62584	----a-w-	C:\WINDOWS\Sysnative\nvshext.dll
2016-01-06 21:49:21	1CD8D5BF5E4058A2E12949D74A7E27FD	938616	----a-w-	C:\WINDOWS\Sysnative\nvvsvc.exe
2016-01-06 21:49:21	1B25348C4964AE11038A6548310C97D1	385328	----a-w-	C:\WINDOWS\Sysnative\nvmctray.dll
2016-01-06 21:49:10	90BB0FDC95B7C5FA87B54C0E9CB45845	82432	----a-w-	C:\WINDOWS\Sysnative\OpenCL.DLL
2016-01-06 21:49:10	5C5A797761421CF9B72087F3BC8A5259	180	----a-w-	C:\WINDOWS\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-06 21:49:10	1373F6562D5E4C715D5D3583E350093E	200	----a-w-	C:\WINDOWS\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-06 21:47:42	1008D525DBD436AB171CE6EF432F92D1	44147	----a-w-	C:\WINDOWS\Sysnative\license.rtf
2016-01-06 21:46:25	FE808DE33D79F2ACB8757EE544615626	414720	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.exe
2016-01-06 21:46:25	FCB7D0215CA010400777A2144432FBDC	630632	----a-w-	C:\WINDOWS\Sysnative\fontdrvhost.exe
2016-01-06 21:46:25	FBEFDA259F6254B6590956753421D387	89600	----a-w-	C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll
2016-01-06 21:46:25	FAC1E762CB49992381691B00D2069B3E	1063424	----a-w-	C:\WINDOWS\Sysnative\audiosrv.dll
2016-01-06 21:46:25	F5DC166DC9D533651B83B83CD70FD14C	88392	----a-w-	C:\WINDOWS\Sysnative\remoteaudioendpoint.dll
2016-01-06 21:46:25	EF94C4BB5DDCEB9F0A092122582CF4E5	516544	----a-w-	C:\WINDOWS\Sysnative\AudioEng.dll
2016-01-06 21:46:25	E104F46B2E0C4F760382CF95E248E0AD	43520	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.proxy.dll
2016-01-06 21:46:25	DD723E3E44BBD7A1B94D8914B7E72549	623616	----a-w-	C:\WINDOWS\Sysnative\PhoneProviders.dll
2016-01-06 21:46:25	DA81241A3493CD3B7EEF3AFD6BBE38B6	92352	----a-w-	C:\WINDOWS\Sysnative\acmigration.dll
2016-01-06 21:46:25	C46FC25D2742C6426F6581A4C59331D9	35656	----a-w-	C:\WINDOWS\Sysnative\mfpmp.exe
2016-01-06 21:46:25	BB2DD53E90A958FDB1254839F30329D5	803840	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
2016-01-06 21:46:25	BA45A9F29AB13A0E66BAABF9D7C30B70	523616	----a-w-	C:\WINDOWS\Sysnative\wimserv.exe
2016-01-06 21:46:25	B9A74283BD46350F2A32962C1B16225A	369912	----a-w-	C:\WINDOWS\Sysnative\audiodg.exe
2016-01-06 21:46:25	B8F17AB618578B9024D949DE8308B95A	14336	----a-w-	C:\WINDOWS\Sysnative\dciman32.dll
2016-01-06 21:46:25	AD37B56D53795944240011FF4EEBBD30	911648	----a-w-	C:\WINDOWS\Sysnative\dcomp.dll
2016-01-06 21:46:25	ABC346A1CD915DEE6231BB4A7F0B96EC	204800	----a-w-	C:\WINDOWS\Sysnative\Microsoft-Windows-AppModelExecEvents.dll
2016-01-06 21:46:25	9FCC3D4817CCA5BCEF1FB4B14E523EBC	78336	----a-w-	C:\WINDOWS\Sysnative\BarcodeProvisioningPlugin.dll
2016-01-06 21:46:25	9BF34692BC6933BAB7627EC173EB1E8A	45568	----a-w-	C:\WINDOWS\Sysnative\atmlib.dll
2016-01-06 21:46:25	95AF774B7D20C3006DC0AC9AEDF48655	674816	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2016-01-06 21:46:25	89E74EC4422905377D45D58FD2832D02	408128	----a-w-	C:\WINDOWS\Sysnative\AUDIOKSE.dll
2016-01-06 21:46:25	890BF20BDF500E4E84720EA84448EDDF	275456	----a-w-	C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2016-01-06 21:46:25	87A8DD15B7DEAC51916358250E5BC7C5	122368	----a-w-	C:\WINDOWS\Sysnative\KnobsCsp.dll
2016-01-06 21:46:25	877512145CB9B3F6EBD5424DE15C14F8	365568	----a-w-	C:\WINDOWS\Sysnative\atmfd.dll
2016-01-06 21:46:25	85031015C1F1B9A7DAA002DAAEE341AA	2444288	----a-w-	C:\WINDOWS\Sysnative\twinui.appcore.dll
2016-01-06 21:46:25	8456D2DBEAC8F06712FE8AC2AB5A1AE2	969728	----a-w-	C:\WINDOWS\Sysnative\kerberos.dll
2016-01-06 21:46:25	82EDCF9C603F3FA09AAAACA82D34E74E	450560	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
2016-01-06 21:46:25	81785D31BEB7C741BB23BE0CB98E691F	536768	----a-w-	C:\WINDOWS\Sysnative\AudioSes.dll
2016-01-06 21:46:25	8109C3D1CFDC7AE78605D8F3EA4EAA20	586208	----a-w-	C:\WINDOWS\Sysnative\mf.dll
2016-01-06 21:46:25	80BF2990E01E774D64F6E13F30661942	162304	----a-w-	C:\WINDOWS\Sysnative\tetheringservice.dll
2016-01-06 21:46:25	7B106C453D6EF1A32F8669AD503E21BB	517632	----a-w-	C:\WINDOWS\Sysnative\winspool.drv
2016-01-06 21:46:25	71B94A84934AA3DA61378C4121523FEA	86528	----a-w-	C:\WINDOWS\Sysnative\AppCapture.dll
2016-01-06 21:46:25	6D64E74EF63AD36912C89EA80449A299	118272	----a-w-	C:\WINDOWS\Sysnative\fontsub.dll
2016-01-06 21:46:25	6D04648D2E3F42A295B6D080A948E9BA	163328	----a-w-	C:\WINDOWS\Sysnative\provops.dll
2016-01-06 21:46:25	6ABAC83AD594B0390C470F9C1C017382	3072	----a-w-	C:\WINDOWS\Sysnative\lpk.dll
2016-01-06 21:46:25	66312F4AFEFB1AE0B80051F8A5E5B26B	698208	----a-w-	C:\WINDOWS\Sysnative\wimgapi.dll
2016-01-06 21:46:25	5E7C875662B05B28E899F0C59B549645	286720	----a-w-	C:\WINDOWS\Sysnative\deviceaccess.dll
2016-01-06 21:46:25	559E4E19F481FBB9AF622E23772533CC	52736	----a-w-	C:\WINDOWS\Sysnative\RemovableMediaProvisioningPlugin.dll
2016-01-06 21:46:25	44699ED0B4D39D109D1BAEEF0DB66A9E	22572632	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-01-06 21:46:25	445E792DB399A2DA611B1F3C9DC6070D	11545088	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-01-06 21:46:25	3DF7BD7E0E0CFCF8D8856B639FD46C3C	30720	----a-w-	C:\WINDOWS\Sysnative\tetheringconfigsp.dll
2016-01-06 21:46:25	3690FAA19C6D3C68C033D0E5CB3BDB03	28160	----a-w-	C:\WINDOWS\Sysnative\Windows.Management.Provisioning.ProxyStub.dll
2016-01-06 21:46:25	36208F250EE9B93B87AD6384237373A9	110032	----a-w-	C:\WINDOWS\Sysnative\EncDump.dll
2016-01-06 21:46:25	25C9F417FA6FE9073392BD34630A89B4	17408	----a-w-	C:\WINDOWS\Sysnative\IcsEntitlementHost.exe
2016-01-06 21:46:25	233BA5B1A277D0A42E432E9A9F43EF7A	37376	----a-w-	C:\WINDOWS\Sysnative\LaunchWinApp.exe
2016-01-06 21:46:25	1A9A77ACDAC29C39F50D2A492FD0DB16	87040	----a-w-	C:\WINDOWS\Sysnative\tzautoupdate.dll
2016-01-06 21:46:25	1083375C70D529AA1C8224E13D9E6F40	334736	----a-w-	C:\WINDOWS\Sysnative\policymanager.dll
2016-01-06 21:46:25	0161DABC5CDB2BE6D0B91BEB5386B47D	52736	----a-w-	C:\WINDOWS\Sysnative\tetheringclient.dll
2016-01-06 21:45:57	F44AA79DF45B1CAE6E6C64372D846AA5	6359040	----a-w-	C:\WINDOWS\Sysnative\NlsData0009.dll
2016-01-06 21:45:57	E52612EA0C1C1ACD3ABFD09534F6AAE6	5739520	----a-w-	C:\WINDOWS\Sysnative\prm0009.dll
2016-01-06 21:45:57	8F1CD3FABC7F24FE329FE39A3EB58C58	2629632	----a-w-	C:\WINDOWS\Sysnative\NlsLexicons0009.dll
2016-01-06 21:44:38	E91942A0D00C6AA014B2EA33EE0ED0A3	35480	----a-w-	C:\WINDOWS\Sysnative\TsWpfWrp.exe
2016-01-06 21:44:38	E2296A6174894682DF8F0FF29FDDCC82	1166520	----a-w-	C:\WINDOWS\Sysnative\PresentationNative_v0300.dll
2016-01-06 21:44:38	C5FEF4B4A7FB961ECDB0AB07DBCF379E	124624	----a-w-	C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll
====== C:\WINDOWS\Sysnative\drivers =====
2016-01-12 23:02:58	40811857B266F02D75DE654AE92D98C9	953856	----a-w-	C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-01-12 23:02:57	CC6C1393B423EBFF9F6696CB9CC4CBCB	245760	----a-w-	C:\WINDOWS\Sysnative\drivers\BthLEEnum.sys
2016-01-07 00:18:49	EFEFC245B884B1BE0401931398DCD707	2152800	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-01-07 00:18:37	DBBACE77DDE8CCFD85B37B114965C385	147968	----a-w-	C:\WINDOWS\Sysnative\drivers\rmcast.sys
2016-01-07 00:18:35	DE6D7DC78D956928F59F7415A0F41E13	95072	----a-w-	C:\WINDOWS\Sysnative\drivers\sdstor.sys
2016-01-07 00:18:34	C24C27FDF93B85A4EFCF25F830253AA2	117248	----a-w-	C:\WINDOWS\Sysnative\drivers\capimg.sys
2016-01-07 00:18:34	80977779A19947939D680A4899E829EC	604928	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2016-01-07 00:18:32	7D8B9214692C4D0F1646215D9984E19A	161632	----a-w-	C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2016-01-06 21:48:33	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-01-06 21:46:25	EF536C54AB9281FDC4E83B07279FCFC4	35680	----a-w-	C:\WINDOWS\Sysnative\drivers\wimmount.sys
2016-01-06 21:46:25	91D3F2A6253EF83EFBD7903028F58C4D	118624	----a-w-	C:\WINDOWS\Sysnative\drivers\tdx.sys
2016-01-06 21:46:25	70148EFA9A562E7185B75BBE7D376BF7	578912	----a-w-	C:\WINDOWS\Sysnative\drivers\afd.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-01-12 23:08:20	--------	d-----w-	C:\Program Files\trend micro
2016-01-06 21:50:38	--------	d-----w-	C:\Program Files\Common Files\SpeechEngines
2016-01-06 21:49:12	--------	d-----w-	C:\Program Files\NVIDIA Corporation
2016-01-06 21:48:39	--------	d-----w-	C:\Program Files\Intel
2016-01-06 21:44:52	--------	d-----w-	C:\Program Files\Reference Assemblies
2016-01-06 21:44:52	--------	d-----w-	C:\Program Files\MSBuild
======= C:\PROGRA~2 =====
2016-01-06 21:50:38	--------	d-----w-	C:\PROGRA~2\COMMON~1\SpeechEngines
2016-01-06 21:49:20	--------	d--h--w-	C:\PROGRA~2\Uninstall Information
2016-01-06 21:49:12	--------	d-----w-	C:\PROGRA~2\NVIDIA Corporation
2016-01-06 21:48:37	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2016-01-06 21:44:52	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2016-01-06 21:44:52	--------	d-----w-	C:\PROGRA~2\MSBuild
2015-12-16 03:08:06	--------	d---a-w-	C:\PROGRA~2\uTorrent
======= C: =====
====== C:\Users\Mathias\AppData\Roaming ======
2016-01-14 04:32:45	2A2EA305544E23FDC7CD2B7F68E63755	192848	----a-w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2016-01-07 23:48:48	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-01-06 21:53:54	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2016-01-06 21:52:01	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-01-06 21:52:01	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-01-06 21:52:01	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-01-06 21:52:01	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-01-06 21:50:06	--------	d-s---r-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-01-06 21:50:06	--------	d-s---r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-01-06 21:50:06	--------	d-----w-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-01-06 21:50:06	--------	d-----w-	C:\Users\Mathias\AppData\Roaming
2016-01-06 21:50:06	--------	d-----w-	C:\Users\Mathias\AppData\Local\Temp
2016-01-06 21:50:06	--------	d-----w-	C:\Users\Mathias\AppData\Local\Microsoft
2016-01-06 21:50:06	--------	d-----w-	C:\Users\Mathias\AppData\Local
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Temp
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft
2016-01-06 21:50:06	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local
2016-01-06 21:50:06	--------	d-----r-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-01-06 21:50:06	--------	d-----r-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-01-06 21:50:06	--------	d-----r-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-01-06 21:50:06	--------	d-----r-	C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-01-06 21:50:06	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-01-06 21:50:06	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-01-06 21:50:06	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-01-06 21:49:20	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-01-06 21:48:27	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2016-01-06 21:45:40	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft
2016-01-02 23:02:40	--------	d-----w-	C:\Users\Mathias\AppData\Local\Comms
2015-12-29 20:25:58	--------	d-----w-	C:\Users\Mathias\AppData\Local\Activision
====== C:\Users\Mathias ======
2016-01-12 00:40:11	ECFE1C2B2E07596E78C39637F5303E25	6805440	----a-w-	C:\Users\Mathias\Downloads\ccsetup_513.exe
2016-01-12 00:28:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Mathias\Downloads\RSITx64.exe
2016-01-07 22:03:12	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\DefaultAppPool\ntuser.ini
2016-01-06 21:54:52	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Mathias\ntuser.ini
2016-01-06 21:50:06	--------	d--h--w-	C:\Users\Mathias\AppData
2016-01-06 21:50:06	--------	d--h--w-	C:\Users\DefaultAppPool\AppData
2016-01-06 21:49:53	51016D2F16AC470F1132553BB5196428	327680	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak
2016-01-06 21:49:53	20BFFEECFA1A2C919BBDABBA8B784F26	4194304	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
2016-01-06 21:49:22	--------	d-----w-	C:\ProgramData\NVIDIA
2016-01-06 21:49:16	--------	d-----w-	C:\ProgramData\NVIDIA Corporation
2016-01-06 21:48:27	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\winhttp
2016-01-06 21:48:10	--------	d--h--w-	C:\WINDOWS\serviceprofiles\networkservice\AppData
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\Saved Games
2016-01-06 21:48:10	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\Saved Games
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Videos
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Pictures
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Music
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Links
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Favorites
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Downloads
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Documents
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Desktop
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Videos
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Pictures
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Music
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Links
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Favorites
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Downloads
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Documents
2016-01-06 21:48:10	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Desktop

====== C: exe-files ==
2016-01-12 23:08:20	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Mathias.exe
2016-01-12 23:03:07	8ED88C794234FC7755366E0532471360	9371488	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
2016-01-12 23:03:07	26BC5501372848420F794CF091872DE5	7318896	----a-w-	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2016-01-12 23:03:03	43807C26BF18DA3EDFB5F4FFFD92BCD8	7477600	----a-w-	C:\Windows\System32\ntoskrnl.exe
2016-01-12 23:03:01	AD509AC05E94B96768165FA744642AD9	703840	----a-w-	C:\Windows\SysWOW64\WWAHost.exe
2016-01-12 23:03:01	76F240DE951303CD5B717C9583C4C8C0	808800	----a-w-	C:\Windows\System32\WWAHost.exe
2016-01-12 23:03:00	7B24B823404D53DA4748F21AD2BF04C9	584704	----a-w-	C:\Windows\System32\winlogon.exe
2016-01-12 23:03:00	3A6DFDE14FEDB078985C6D0EA8C19FC9	162816	----a-w-	C:\Windows\System32\DeviceCensus.exe
2016-01-12 23:02:59	EF3D67F37ACC4CEFFDC853B960EC5856	1141496	----a-w-	C:\Windows\System32\winload.exe
2016-01-12 23:02:59	EF3D67F37ACC4CEFFDC853B960EC5856	1141496	----a-w-	C:\Windows\System32\Boot\winload.exe
2016-01-12 23:02:58	CC1C7CA4077F0BFA920C70F2E4F48D82	219136	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
2016-01-12 23:02:58	B94746868C7AD8F0449662E8552E55DE	145920	----a-w-	C:\Windows\System32\omadmclient.exe
2016-01-12 23:02:57	C8C10002DF980C3830D103960957AA3C	1582080	----a-w-	C:\Windows\System32\aitstatic.exe
2016-01-12 23:02:57	3FE3E8C8495C10BFEE0CBFF21EC14C2A	104448	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
2016-01-12 00:40:11	ECFE1C2B2E07596E78C39637F5303E25	6805440	----a-w-	C:\Users\Mathias\Downloads\ccsetup_513.exe
2016-01-12 00:28:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Mathias\Downloads\RSITx64.exe
=== C: other files ==
2016-01-12 23:02:58	40811857B266F02D75DE654AE92D98C9	953856	----a-w-	C:\Windows\System32\drivers\bthport.sys
2016-01-12 23:02:57	CC6C1393B423EBFF9F6696CB9CC4CBCB	245760	----a-w-	C:\Windows\System32\drivers\BthLEEnum.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-482935340-3259083738-37802165-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-482935340-3259083738-37802165-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"LogiOptions"="C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Origin Client Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29-12-2015 00:10]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\Core Temp Autostart Mathias" ["C:\Program Files\Core Temp\Core Temp.exe"]
"C:\WINDOWS\SysNative\tasks\EVGAPrecisionX" [C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe]
"C:\WINDOWS\SysNative\tasks\IntelMemoryDiagnostic" ["C:\Users\Mathias\AppData\Local\Temp\d3dx10.exe"]
"C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{AF3E45F2-DD10-4F76-A16C-DA2B01DAF2D1}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\SysNative\tasks\Speedfan\Speedfan" ["C:\Program Files (x86)\SpeedFan\speedfan.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\ys2eczs7.default
user_pref("browser.startup.homepage", "https://www.google.be/?gfe_rd=cr&ei=zXyZVdTmBoqI8QfhxYHACQ&gws_rd=ssl");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [12-12-2015 16:22]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\ys2eczs7.default
- Blur - %ProfilePath%\extensions\donottrackplus@abine.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\ys2eczs7.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
70858ED7836E5C849D33576A84DC8CCF	- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll -	Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[29-11-2015 16:50]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mathias\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: PrecisionX_x64.exe
O4 - Startup: speedfan.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mathias\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mathias\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mathias\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Mathias\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Mathias\AppData\Local\Mozilla\Firefox\Profiles\ys2eczs7.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=32 folders=37 32622813 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Mathias\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 14-01-2016 at 19:32:57,12 ======================