Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Solange on do 16-06-2016 at 21:06:57,69.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Solange\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

16-6-2016 21:07:49 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\Adobe deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Solange\AppData\Local\ActiveSync deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Users\Solange\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Solange\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Users\Solange\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Adobe not found
C:\Users\Solange\AppData\Local\Adobe deleted
C:\PROGRA~3\Kingsoft deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avast! SL Update deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8095 MB
CPU Info: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
CPU Speed: 2260,0 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Display Adapters: Intel(R) HD Graphics 5500 | Intel(R) HD Graphics 5500 | Intel(R) HD Graphics 5500
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Qualcomm Atheros AR9485 Wireless Network Adapter
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  118,5GB
Hard Disks - Free: C:  80,4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE |  | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. X302LA
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Default Browser: Firefox	47.0
Internet Explorer Version: 11.420.10586.0 
Mozilla Firefox version: 47.0 (x86 nl)
Flash Player version: 22.0.0.192

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-06-15 18:04:12	E15BEB03592BA12C5C99E2BA46146BDD	4515264	----a-w-	C:\Windows\explorer.exe
2016-05-31 20:36:20	6D7FDBF9CEAC51A76750FD38CF801F30	3584	----a-w-	C:\Windows\SECOH-QAD.dll
2016-05-31 20:36:20	38DE5B216C33833AF710E88F7F64FC98	4608	----a-w-	C:\Windows\SECOH-QAD.exe
2016-05-31 19:07:08	9FFBB81A2AD7AE8AE05D7B0169E16E68	67584	--s-a-w-	C:\Windows\bootstat.dat
====== C:\Users\Solange\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-06-15 18:04:26	92347FC58A8BD2A45F440239EA9A4F04	12128256	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2016-06-15 18:04:25	6D879552B32CCD2536F66F4F88F54800	19344384	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2016-06-15 18:04:25	21D80595A8427CB6F1DDC134E948AECE	6295552	----a-w-	C:\Windows\SysWOW64\mos.dll
2016-06-15 18:04:24	DDE33C05D644CC57429340ACB2DA53C5	18674176	----a-w-	C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 18:04:22	6762E4ACE8D11FCD80EA4011DD22B857	5660160	----a-w-	C:\Windows\SysWOW64\Chakra.dll
2016-06-15 18:04:21	DCAC3EE469A3B0C0EC5660D730DF6BDF	9918976	----a-w-	C:\Windows\SysWOW64\twinui.dll
2016-06-15 18:04:20	7823862FA05558EB61C72D8A5A163ADA	3664896	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2016-06-15 18:04:20	02ABF6A6775B745CCCEAEB4594AA6354	5323776	----a-w-	C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 18:04:19	D8C44C34BC206902947E55E2C94E8D38	2921880	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2016-06-15 18:04:19	105DE7AF1C9763E56D5322CECF3465EB	5205504	----a-w-	C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 18:04:16	B981A07C0A0CCE68BD90DF3E3EC520DE	1707520	----a-w-	C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 18:04:15	71DF6482300C802BB104514F34B460F0	91648	----a-w-	C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 18:04:14	B9AD8E15F6641E328C1543688B5EE2E8	2061824	----a-w-	C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 18:04:14	B004992A381FCE04934893BB7D9BDD19	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2016-06-15 18:04:14	92A252E7DAF67D36BC81758A0F8596EB	2195632	----a-w-	C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 18:04:14	5922C03A67F868265E5AB176DB6D641D	316256	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2016-06-15 18:04:13	F58B6B20BB45E99C99D0F2B73B9EE373	1372312	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2016-06-15 18:04:12	836DF245362A9E09CC050EB107E85D74	467456	----a-w-	C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 18:04:12	7FFD756E7DD8BA83B4B4EF41F51B7DF5	1582080	----a-w-	C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 18:04:11	CA90D72C7249D79017057F1F48FD1958	711680	----a-w-	C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 18:04:11	8162BC2EC9E529AA90F196A12D887308	4268880	----a-w-	C:\Windows\SysWOW64\setupapi.dll
2016-06-15 18:04:11	56339962C1448BA2CF4C4D25C89938D2	521664	----a-w-	C:\Windows\SysWOW64\dxgi.dll
2016-06-15 18:04:11	1E497317417C1C68B5453DD04721B16D	614400	----a-w-	C:\Windows\SysWOW64\winhttp.dll
2016-06-15 18:04:10	E724CB02012CEBF773DC9FE304DCD946	501600	----a-w-	C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 18:04:10	A142F1D0FF07C172FA90075B7848CCD0	521728	----a-w-	C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 18:04:09	E391DD57E6965C8D2DB05A4A52F80EC8	546456	----a-w-	C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 18:04:09	B09DFF7CD8E40EA77559C87F3BF310DE	703840	----a-w-	C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 18:04:09	B011360F95F911F025BC91CB17449798	1500160	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2016-06-15 18:04:08	FBBE8B9147474379F54F8A1BACBF9748	388384	----a-w-	C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 18:04:08	FB8900191867C5B4AA61AF85B8DD1869	4074160	----a-w-	C:\Windows\SysWOW64\explorer.exe
2016-06-15 18:04:08	73A58788F32A98E446220B5E48843967	349696	----a-w-	C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 18:04:07	388077FF1642D94BF81F9D814F22BBA2	499712	----a-w-	C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 18:04:07	1B4F03A9F11169672067ED4FD7504AD6	1445888	----a-w-	C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 18:04:06	0B2EB30A9E987E8F85C9B28BDE04F028	254656	----a-w-	C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 18:04:04	A495EA4706387D12C00641D8C48BA527	890368	----a-w-	C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 18:04:04	9BBE7D1B5B0FC534CBA0B2444BD05204	957608	----a-w-	C:\Windows\SysWOW64\ole32.dll
2016-06-15 18:04:03	C3BB1475ABDFBC0BB5A37D8BAF3DE733	687616	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 18:04:02	B503CB64CC62265B914DA10A5CF87B05	2230272	----a-w-	C:\Windows\SysWOW64\wininet.dll
2016-06-15 18:04:02	1F5B5642253FC9760EEACD81900C38DC	312160	----a-w-	C:\Windows\SysWOW64\mswsock.dll
2016-06-15 18:04:02	110EE87B0F4E38609AD73E9075EF82A4	97096	----a-w-	C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 18:04:00	20D8DBFB40E025C2E99F7146E48116CD	800768	----a-w-	C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 18:03:58	1C09B75EF1869E7790444928F89E3D3C	50176	----a-w-	C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 18:03:57	D93D6F9BC1EE3329A9DCF3B9591EB156	219136	----a-w-	C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 18:03:56	551624F398703A90CAFCC5777CEA99E8	450560	----a-w-	C:\Windows\SysWOW64\SyncController.dll
2016-06-15 18:03:56	2FDF5001427D457AC43942FADC742404	360480	----a-w-	C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 18:03:55	F07AE86B2CD1C2CF6AE7812C60299032	535040	----a-w-	C:\Windows\SysWOW64\rastls.dll
2016-06-15 18:03:55	CD12A269274F2916A3661198E13CBBC4	799744	----a-w-	C:\Windows\SysWOW64\SRH.dll
2016-06-15 18:03:55	8000FB1D40149AC05F6BDE9248A6B956	230400	----a-w-	C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 18:03:54	A3B6AED415AEEA114597E5043F45FF18	415232	----a-w-	C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 18:03:54	688687C8D860657E6BFDD77B0FFE1DE4	59904	----a-w-	C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 18:03:54	53BD5A0B7D0B027984D99BEDB945CEE6	84832	----a-w-	C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 18:03:54	4DED20A327D15D69FB85310D14D67711	291328	----a-w-	C:\Windows\SysWOW64\polstore.dll
2016-06-15 18:03:53	F62430C1C9A23E5BAD5C4A43A66F662B	87040	----a-w-	C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 18:03:53	861D71E2284DCEA5E9309CDE8D920252	485888	----a-w-	C:\Windows\SysWOW64\newdev.dll
2016-06-15 18:03:52	56DEB6F17F290B8C4AF8B2AA10097B55	88576	----a-w-	C:\Windows\SysWOW64\olepro32.dll
2016-06-15 18:03:52	4243F729D260C0D6C6A3B605F51FD518	103424	----a-w-	C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 18:03:50	88A3958213B43EED8402D4496149924A	64000	----a-w-	C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 18:03:50	4F34CCC76E60CCE8BA12663A747EC05B	57344	----a-w-	C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 18:03:49	CEF14DB231B344BBDBF7C04A12D8336B	293888	----a-w-	C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 18:03:49	5DC9ED2C89D94C47892DF237D604BDC8	200192	----a-w-	C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 18:03:49	4C6145BBEFDD7092ABFA5F7614BA2E66	53760	----a-w-	C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 18:03:48	A9E193BE154B7145EF06FD0FD10232A0	151040	----a-w-	C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 18:03:48	9BD17D372080234722C1139DAC039C9D	93696	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2016-06-15 18:03:48	3C563003AFDD2E6CDC199C2EBDB07886	784896	----a-w-	C:\Windows\SysWOW64\NMAA.dll
2016-06-15 18:03:47	69E1CFC67F4A4043F01AD3513A73ED02	161280	----a-w-	C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 18:03:46	FB68B81CBD3F79D09E3EA1D0DFB424B6	37376	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2016-06-15 17:15:08	2FC7EF5D9FE2F3CB1384C2B9DE84C664	342680	----a-w-	C:\Windows\SysWOW64\SRCOM.dll
2016-06-15 17:15:05	F976CA9BF83A0BDDDCA79910C07F5092	570960	----a-w-	C:\Windows\SysWOW64\SECOMN32.DLL
2016-06-15 17:15:05	5053B085A298504913E7675E2F13367B	85152	----a-w-	C:\Windows\SysWOW64\SFCOM.dll
2016-06-15 17:15:00	5807FCD534EBA7E1398CD45962852F2A	2632440	----a-w-	C:\Windows\SysWOW64\RltkAPO.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-06-15 18:04:33	C1B13204994572C941C14A7FF410C4D6	24605696	----a-w-	C:\Windows\Sysnative\mshtml.dll
2016-06-15 18:04:32	2FEEF51C4A1DB9D1334D5B77DEC92865	22379008	----a-w-	C:\Windows\Sysnative\edgehtml.dll
2016-06-15 18:04:30	EBE69568E527FD4EF37EDD0C62608B28	7977472	----a-w-	C:\Windows\Sysnative\mos.dll
2016-06-15 18:04:29	F7A0927CE6772BD2B809DAB4C18F52F2	46784	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2016-06-15 18:04:29	8E49ED08328FB7446228617B129DD377	7200256	----a-w-	C:\Windows\Sysnative\BingMaps.dll
2016-06-15 18:04:29	05E07AE24F3BE69DEF01145C9BF99B8C	6973952	----a-w-	C:\Windows\Sysnative\Windows.Data.Pdf.dll
2016-06-15 18:04:28	CE8A06FE15854BAEE15E5E87D1CB6EBA	1401024	----a-w-	C:\Windows\Sysnative\appraiser.dll
2016-06-15 18:04:28	26E32337D1525AE114645A53EBA9ECDE	13385728	----a-w-	C:\Windows\Sysnative\ieframe.dll
2016-06-15 18:04:27	A68F4601A79556A0E912458703D30A1D	7832576	----a-w-	C:\Windows\Sysnative\Chakra.dll
2016-06-15 18:04:27	9EDE32C8BEAF4E95CBCE3CA158984D2A	3585536	----a-w-	C:\Windows\Sysnative\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 18:04:27	80851FD6C1795071602244DDAC856C78	11545088	----a-w-	C:\Windows\Sysnative\twinui.dll
2016-06-15 18:04:24	1CF69EF4E2844F9D297F309CF80122CB	2168320	----a-w-	C:\Windows\Sysnative\AppXDeploymentServer.dll
2016-06-15 18:04:23	D2A63D882C5A702C0E3081D4CC6855B0	3994624	----a-w-	C:\Windows\Sysnative\SettingsHandlers_nt.dll
2016-06-15 18:04:23	3704397D35001B56B371B3395BD8B876	123392	----a-w-	C:\Windows\Sysnative\tdlrecover.exe
2016-06-15 18:04:23	224DC52AE777A1B23A6774B6C4C04853	2609664	----a-w-	C:\Windows\Sysnative\NetworkMobileSettings.dll
2016-06-15 18:04:21	5370350A591EC5A55801AA8378DFADCE	4896256	----a-w-	C:\Windows\Sysnative\jscript9.dll
2016-06-15 18:04:20	C3417E8791096AA0E211B201ACA66757	2582016	----a-w-	C:\Windows\Sysnative\MFMediaEngine.dll
2016-06-15 18:04:20	B89C353AFC8F56D961D07FF1FE7B4BCD	1339904	----a-w-	C:\Windows\Sysnative\gpsvc.dll
2016-06-15 18:04:19	730D45D8008EECC0BAD2CBEB48A5EA6F	853504	----a-w-	C:\Windows\Sysnative\MapsStore.dll
2016-06-15 18:04:19	2C3C82F85556F91EC1621268DDCC7554	3675512	----a-w-	C:\Windows\Sysnative\iertutil.dll
2016-06-15 18:04:18	C49E5A83F5454A06A1306A8B1589B928	1996288	----a-w-	C:\Windows\Sysnative\ActiveSyncProvider.dll
2016-06-15 18:04:18	4B4439FE941574FDF7A757DF6E100705	3590144	----a-w-	C:\Windows\Sysnative\win32kfull.sys
2016-06-15 18:04:18	4799A06F0BC0694E8D6FBF38110B7F65	939520	----a-w-	C:\Windows\Sysnative\MapControlCore.dll
2016-06-15 18:04:18	131547B1C1D2ABD355C5DFE945BCB9A4	693600	----a-w-	C:\Windows\Sysnative\NetSetupEngine.dll
2016-06-15 18:04:17	DDA0A83CA083DC6CBFAB7015B10F5377	1716736	----a-w-	C:\Windows\Sysnative\SRHInproc.dll
2016-06-15 18:04:17	5CE34C981833706A0B6051572AC5B6CE	379232	----a-w-	C:\Windows\Sysnative\atmfd.dll
2016-06-15 18:04:17	2BB3FACF2648595E14FAD596DC68DB65	7474528	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2016-06-15 18:04:17	186F9035AEF7E15C4D3F15C3536AB24C	2548944	----a-w-	C:\Windows\Sysnative\d3d10warp.dll
2016-06-15 18:04:16	D56E06BE971D9AE99400D435D28D56ED	592896	----a-w-	C:\Windows\Sysnative\AppContracts.dll
2016-06-15 18:04:16	CA2F55C653DEEEC99802103AD6C9E810	1797120	----a-w-	C:\Windows\Sysnative\Windows.UI.Immersive.dll
2016-06-15 18:04:16	A8AFB8AD3E24134382BFA0EBE534F95C	290496	----a-w-	C:\Windows\Sysnative\invagent.dll
2016-06-15 18:04:16	8D3AC00C88BC2A63D1D3CC320E0EAA19	2281472	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2016-06-15 18:04:16	7ECACE6D0B4C2D323408EB00FD93C682	503808	----a-w-	C:\Windows\Sysnative\tileobjserver.dll
2016-06-15 18:04:15	E7522EFA8A09808046F88BCF3F1B8827	1594416	----a-w-	C:\Windows\Sysnative\gdi32.dll
2016-06-15 18:04:15	729B7FF96EC3C2EC13EEBD12BBF15322	649792	----a-w-	C:\Windows\Sysnative\dxgi.dll
2016-06-15 18:04:15	6521E1FB66B3E1897C4EFDECC7C95D4C	606208	----a-w-	C:\Windows\Sysnative\vbscript.dll
2016-06-15 18:04:14	E91AB87F7E533BA1566FDEC651347E07	988160	----a-w-	C:\Windows\Sysnative\NMAA.dll
2016-06-15 18:04:14	D4B30E23A3B373648F61290DAF432CB2	794624	----a-w-	C:\Windows\Sysnative\winhttp.dll
2016-06-15 18:04:14	669A63116B94E259A6D583C099A6B48C	460800	----a-w-	C:\Windows\Sysnative\MapConfiguration.dll
2016-06-15 18:04:14	5AAB28A6AC2AAC9F66D4EAB6695D0474	963072	----a-w-	C:\Windows\Sysnative\iphlpsvc.dll
2016-06-15 18:04:13	F0DF375130CF8A135D9BF5459BD7691D	636304	----a-w-	C:\Windows\Sysnative\fontdrvhost.exe
2016-06-15 18:04:13	C9CF27CF340A5909B1C1953776957C87	567808	----a-w-	C:\Windows\Sysnative\MBMediaManager.dll
2016-06-15 18:04:13	C39B97A8B3C193303D09A3C95AF46531	1322248	----a-w-	C:\Windows\Sysnative\ole32.dll
2016-06-15 18:04:13	A63889B4BCFDF67306AC239374F823B0	2066432	----a-w-	C:\Windows\Sysnative\AppXDeploymentExtensions.dll
2016-06-15 18:04:12	FA8E0A9C648035CA1B47C9DA77EDB7EA	380416	----a-w-	C:\Windows\Sysnative\SystemEventsBrokerServer.dll
2016-06-15 18:04:12	E53E383F2C47424BD793210CC3A17FE5	808288	----a-w-	C:\Windows\Sysnative\WWAHost.exe
2016-06-15 18:04:12	CD9F1B2F8D6FDDEB0501666542E31D96	990208	----a-w-	C:\Windows\Sysnative\SharedStartModel.dll
2016-06-15 18:04:12	248EE89220C4B1156EDA5F295C9133D3	1730560	----a-w-	C:\Windows\Sysnative\urlmon.dll
2016-06-15 18:04:10	F69610C2C741B025CE28BBAA7DA8A9EA	684544	----a-w-	C:\Windows\Sysnative\StructuredQuery.dll
2016-06-15 18:04:10	F68AD4ACC7535D811F94A52233AE0457	430312	----a-w-	C:\Windows\Sysnative\ws2_32.dll
2016-06-15 18:04:10	E3B8996D970DB8926A817A4BFC3DA5FD	285184	----a-w-	C:\Windows\Sysnative\VEEventDispatcher.dll
2016-06-15 18:04:10	8DB6AE22A974739EB53C7FA3DBD7EAAA	1390080	----a-w-	C:\Windows\Sysnative\Windows.UI.Shell.dll
2016-06-15 18:04:10	3EAE04B6CBACAB9CF850A5009F02065E	730344	----a-w-	C:\Windows\Sysnative\Windows.Internal.Shell.Broker.dll
2016-06-15 18:04:10	3CF4B1B09166346F5CA6C3BFBEF2EB8C	1056256	----a-w-	C:\Windows\Sysnative\JpMapControl.dll
2016-06-15 18:04:09	BD5DD35352A6DEDBBF1472C06A123E27	965632	----a-w-	C:\Windows\Sysnative\SRH.dll
2016-06-15 18:04:09	56622DFB0F03B7697B054F256C900A8E	303216	----a-w-	C:\Windows\Sysnative\LockAppHost.exe
2016-06-15 18:04:09	4973B94DE96E78AF1128A557846E8411	4387680	----a-w-	C:\Windows\Sysnative\setupapi.dll
2016-06-15 18:04:09	0D33D06EF42E3BC6A7BBC4F7F7517C25	368640	----a-w-	C:\Windows\Sysnative\usocore.dll
2016-06-15 18:04:08	F818A7A8BA20F9E20087248FFF1717C8	90624	----a-w-	C:\Windows\Sysnative\DeviceEnroller.exe
2016-06-15 18:04:08	CAB0FCF4F680E552329366614C83A808	630784	----a-w-	C:\Windows\Sysnative\MessagingDataModel2.dll
2016-06-15 18:04:08	87F0A5CDFF9DE712B1F009EDBF8D9779	641536	----a-w-	C:\Windows\Sysnative\enterprisecsps.dll
2016-06-15 18:04:07	F3E636B2A747493206336114208918FB	173056	----a-w-	C:\Windows\Sysnative\mdmmigrator.dll
2016-06-15 18:04:07	861DE49C2ACE112CE1A83DF5E6A7AB97	239104	----a-w-	C:\Windows\Sysnative\BrokerLib.dll
2016-06-15 18:04:07	5B813FADEA5BE9195F01C83287F823F7	190464	----a-w-	C:\Windows\Sysnative\wscsvc.dll
2016-06-15 18:04:06	DF7A59E70F398EEB9FDCDD310987D8AE	1073152	----a-w-	C:\Windows\Sysnative\RDXService.dll
2016-06-15 18:04:06	BDF4623C41C0782EE640C2466510FDD7	784384	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2016-06-15 18:04:06	4F2621E187382D22045D0BC65B23858E	587776	----a-w-	C:\Windows\Sysnative\bisrv.dll
2016-06-15 18:04:06	2885631DD8DDB06C091310E6C837AFB0	92352	----a-w-	C:\Windows\Sysnative\acmigration.dll
2016-06-15 18:04:05	6DC05FFA78B5E1D34AFDBA08D00B1A8B	22561256	----a-w-	C:\Windows\Sysnative\shell32.dll
2016-06-15 18:04:04	BEE99FBB55E3BFFCF85D0C0A8D26261F	431296	----a-w-	C:\Windows\Sysnative\bcryptprimitives.dll
2016-06-15 18:04:04	9547F6675FB25D558BB0F10F1EC9DDD8	591360	----a-w-	C:\Windows\Sysnative\vpnike.dll
2016-06-15 18:04:04	77C9887E5E4A99F3A6F717DF24874E00	66560	----a-w-	C:\Windows\Sysnative\MosHostClient.dll
2016-06-15 18:04:04	76A304EBFC5FF61C5F5B35259AA64EAE	269824	----a-w-	C:\Windows\Sysnative\moshostcore.dll
2016-06-15 18:04:04	75CC21C976BFF286E706AA2D133EB9D4	2755584	----a-w-	C:\Windows\Sysnative\wininet.dll
2016-06-15 18:04:03	FA2CDF42B3E9F53B12E506BA48BE16AA	72704	----a-w-	C:\Windows\Sysnative\moshost.dll
2016-06-15 18:04:03	57C88C15CEC97318F580D7F4327AAA46	163328	----a-w-	C:\Windows\Sysnative\tetheringservice.dll
2016-06-15 18:04:03	39231A451D553196A909D02C05945CED	428896	----a-w-	C:\Windows\Sysnative\hal.dll
2016-06-15 18:04:03	1A7C3451A5BD863F9FC4D7421D353374	982016	----a-w-	C:\Windows\Sysnative\AppxPackaging.dll
2016-06-15 18:04:02	DD285F10B3AB2588FED953E559ABEADD	610816	----a-w-	C:\Windows\Sysnative\rastls.dll
2016-06-15 18:04:02	2E6EBC6F331900D943EB5F58C1835AFB	417792	----a-w-	C:\Windows\Sysnative\dmenrollengine.dll
2016-06-15 18:04:02	199298181CB86E5056D82BD1F86C8A97	357216	----a-w-	C:\Windows\Sysnative\mswsock.dll
2016-06-15 18:04:02	0272C6FF9DB6902D9958AC108EB7F7C2	120320	----a-w-	C:\Windows\Sysnative\MapsBtSvc.dll
2016-06-15 18:04:01	4F99255A964A4009D434338D87A3610D	332288	----a-w-	C:\Windows\Sysnative\polstore.dll
2016-06-15 18:03:59	0DA05DFF1CFF34D421475DCEEB4F42A8	74752	----a-w-	C:\Windows\Sysnative\MosStorage.dll
2016-06-15 18:03:58	D67052BD0DA9C17BCBBF8AB5B6D354EE	392192	----a-w-	C:\Windows\Sysnative\IPSECSVC.DLL
2016-06-15 18:03:58	6655228B16A6371BE3B45E7913B52250	111064	----a-w-	C:\Windows\Sysnative\ncryptsslp.dll
2016-06-15 18:03:57	FEAFB991662BF0AD233CC090E83E4FD3	131248	----a-w-	C:\Windows\Sysnative\gpapi.dll
2016-06-15 18:03:57	9E79A2208A9ED205A7383CBC92C28053	79872	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2016-06-15 18:03:57	579BA42B70965456C170E98BD481E8F6	315392	----a-w-	C:\Windows\Sysnative\RDXTaskFactory.dll
2016-06-15 18:03:56	9A293A4EE7C2283AD9689AB268B6CBA5	555520	----a-w-	C:\Windows\Sysnative\SyncController.dll
2016-06-15 18:03:56	6B585B45402B04EF80CB81969682DBE6	693760	----a-w-	C:\Windows\Sysnative\internetmail.dll
2016-06-15 18:03:56	537CC506D45C691CD1FFF2D918E8C27C	174080	----a-w-	C:\Windows\Sysnative\SettingsHandlers_Privacy.dll
2016-06-15 18:03:55	FFFDA814EE04E06DA9F0BADAA22ABBFD	145920	----a-w-	C:\Windows\Sysnative\omadmclient.exe
2016-06-15 18:03:55	D7C68ADAF1DA79072A44620CD3042E44	170848	----a-w-	C:\Windows\Sysnative\NetworkUXBroker.exe
2016-06-15 18:03:55	D5F1729225B3D3B69F76A191320952C7	514752	----a-w-	C:\Windows\Sysnative\devinv.dll
2016-06-15 18:03:55	D07172DFA6BD46545A7708DD78F02D14	1184960	----a-w-	C:\Windows\Sysnative\aeinv.dll
2016-06-15 18:03:55	672694F7708B6531F7B3219D9FAE2845	199168	----a-w-	C:\Windows\Sysnative\GnssAdapter.dll
2016-06-15 18:03:54	A83B4BBA591A3243C61DB825201BA024	115040	----a-w-	C:\Windows\Sysnative\NetSetupApi.dll
2016-06-15 18:03:54	83BF0EE2DB8AB8059B8979E7DF143AF1	26408	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2016-06-15 18:03:54	26E9FC9FFDEF863021D3C18A30B4373F	267264	----a-w-	C:\Windows\Sysnative\dhcpcore6.dll
2016-06-15 18:03:53	EFE15754302A2188C933164CFF9AEFD1	111104	----a-w-	C:\Windows\Sysnative\updatepolicy.dll
2016-06-15 18:03:53	D461D2BECEFA661291EB1B748A8D2CCB	355840	----a-w-	C:\Windows\Sysnative\dhcpcore.dll
2016-06-15 18:03:53	C91D271837F2A7DE9875CF50068BF503	511488	----a-w-	C:\Windows\Sysnative\newdev.dll
2016-06-15 18:03:53	38A4CE75D9E6FDC28393971ADFD6F9FB	218624	----a-w-	C:\Windows\Sysnative\cdd.dll
2016-06-15 18:03:52	8561E653AEB0EFCAD88DE082C282E831	76800	----a-w-	C:\Windows\Sysnative\ngcpopkeysrv.dll
2016-06-15 18:03:52	519E5DB2F227B7293EF94D18D5753738	157184	----a-w-	C:\Windows\Sysnative\dmcertinst.exe
2016-06-15 18:03:51	58BC9F0C8D92AD7E45F03596BE2E68B4	550912	----a-w-	C:\Windows\Sysnative\StoreAgent.dll
2016-06-15 18:03:51	201A90736B86C3478DD03FD238691944	1387520	----a-w-	C:\Windows\Sysnative\win32kbase.sys
2016-06-15 18:03:50	FA0CCA622E2046BC47A81D9A2630F5E9	67072	----a-w-	C:\Windows\Sysnative\dhcpcsvc6.dll
2016-06-15 18:03:50	E32F15E26724F3BB6423FB29FF3E2A8F	278016	----a-w-	C:\Windows\Sysnative\Windows.Internal.Management.dll
2016-06-15 18:03:50	47C395DAD8900E2E054FE3AE0FE7C345	406528	----a-w-	C:\Windows\Sysnative\MusUpdateHandlers.dll
2016-06-15 18:03:50	3CFDA42F5C7914509CD660D1062A8E55	19456	----a-w-	C:\Windows\Sysnative\httpprxp.dll
2016-06-15 18:03:50	163A6E3A267DBE416679A76D1FA57C4B	86016	----a-w-	C:\Windows\Sysnative\dhcpcsvc.dll
2016-06-15 18:03:49	E37D5E1BB9F53BD499125B3F0F27E94E	128512	----a-w-	C:\Windows\Sysnative\httpprxm.dll
2016-06-15 18:03:49	AA2D40D4C045D014FD481BC17308A09A	118272	----a-w-	C:\Windows\Sysnative\fontsub.dll
2016-06-15 18:03:49	985F15F4F0922BD34BDD42AD2F5EC86A	89088	----a-w-	C:\Windows\Sysnative\MapsCSP.dll
2016-06-15 18:03:49	265CCC1C1FEF749DC82458D114C2BE34	166400	----a-w-	C:\Windows\Sysnative\MusNotification.exe
2016-06-15 18:03:49	0C1F4E23E2E834C7EE795D23EC383205	28672	----a-w-	C:\Windows\Sysnative\mapsupdatetask.dll
2016-06-15 18:03:49	003A0EA097767462F3417B7857DCE1CC	79360	----a-w-	C:\Windows\Sysnative\adhsvc.dll
2016-06-15 18:03:48	F605380B537201BD3BC0CDFB5AD53530	162816	----a-w-	C:\Windows\Sysnative\enrollmentapi.dll
2016-06-15 18:03:48	D6DAEA66B2A9349DD38BFE528BBFAFA6	91136	----a-w-	C:\Windows\Sysnative\browserbroker.dll
2016-06-15 18:03:48	1F933CB5AECF7484A0589633A75132A2	176640	----a-w-	C:\Windows\Sysnative\mdmregistration.dll
2016-06-15 18:03:48	0F98F18445707A9141F74B3C48F919A6	90112	----a-w-	C:\Windows\Sysnative\FwRemoteSvr.dll
2016-06-15 18:03:47	A3AA03C0C5002F3D89397637B770A1BA	207360	----a-w-	C:\Windows\Sysnative\NetSetupSvc.dll
2016-06-15 18:03:47	A1E25DFE54E3D41CB528ACA5CE9480F7	199168	----a-w-	C:\Windows\Sysnative\InstallAgent.exe
2016-06-15 18:03:47	3E10999029D3D2C13F8AAA204E7D5B5F	764928	----a-w-	C:\Windows\Sysnative\Chakradiag.dll
2016-06-15 18:03:46	E527156DDC1367CD795AD231C5C439C4	414720	----a-w-	C:\Windows\Sysnative\bcastdvr.exe
2016-06-15 18:03:46	7A654D6E586FDE14C8B805BED03D74B7	45568	----a-w-	C:\Windows\Sysnative\atmlib.dll
2016-06-15 18:03:46	6B7F0785FF5AA23B7005D969BED95DB2	86528	----a-w-	C:\Windows\Sysnative\AppCapture.dll
2016-06-15 17:15:11	62C9B595108EB15D8FB9E6ADC61A45BE	2192512	----a-w-	C:\Windows\Sysnative\YamahaAE.dll
2016-06-15 17:15:11	183A78399C0F7F96224E41066A870773	3301352	----a-w-	C:\Windows\Sysnative\YamahaAE2.dll
2016-06-15 17:15:10	7A7FB9A9A66A5C87FF91D0AB1CD0821E	172584	----a-w-	C:\Windows\Sysnative\toseaeapo64.dll
2016-06-15 17:15:10	70820BE7D06A3F4AF1425A3765448AD8	890000	----a-w-	C:\Windows\Sysnative\tossaeapo64.dll
2016-06-15 17:15:10	41EBCE11AAC344D65AAC9A4677B2E440	225784	----a-w-	C:\Windows\Sysnative\tossaemaxapo64.dll
2016-06-15 17:15:10	10249490451745DD71626ACC4188B063	2112120	----a-w-	C:\Windows\Sysnative\WavesGUILib64.dll
2016-06-15 17:15:09	FE0DAA63E56ED677053B6621A8D6D178	166208	----a-w-	C:\Windows\Sysnative\SRSWOW64.dll
2016-06-15 17:15:09	FC18FFEBC925BEA76B9D68638FA166AA	1382240	----a-w-	C:\Windows\Sysnative\tosade.dll
2016-06-15 17:15:09	EC51AF1DA97BEFB72F454B271E6BBA64	874992	----a-w-	C:\Windows\Sysnative\tadefxapo264.dll
2016-06-15 17:15:09	E2B5EEEB7663CA3D7D8EAE910CB26FB7	597648	----a-w-	C:\Windows\Sysnative\tosasfapo64.dll
2016-06-15 17:15:09	BE6AE72C34AECB11CC29CE76D5DE82AC	223496	----a-w-	C:\Windows\Sysnative\SRSTSH64.dll
2016-06-15 17:15:09	B51DAF8AEBDFAA4154D73EE7AC4B792B	75544	----a-w-	C:\Windows\Sysnative\tepeqapo64.dll
2016-06-15 17:15:09	ADEF9EE04D8FD74B1D22955745E2F983	160224	----a-w-	C:\Windows\Sysnative\tadefxapo.dll
2016-06-15 17:15:09	4D6F674126064577175DAF7FABFF5D98	533904	----a-w-	C:\Windows\Sysnative\SRSTSX64.dll
2016-06-15 17:15:08	F8626B8CC2EA2FCB20156FD4A66453C4	211064	----a-w-	C:\Windows\Sysnative\SRSHP64.dll
2016-06-15 17:15:08	8537C97BA9A766CEDE9792DE8DABDBD2	382936	----a-w-	C:\Windows\Sysnative\SRCOM64.dll
2016-06-15 17:15:08	6BF09EC0265F52F53934032F022A1048	1436664	----a-w-	C:\Windows\Sysnative\SRRPTR64.dll
2016-06-15 17:15:08	46E2DECB6AC9A0BBF7B92C1639CD5C58	468688	----a-w-	C:\Windows\Sysnative\SRAPO64.dll
2016-06-15 17:15:08	2FC7EF5D9FE2F3CB1384C2B9DE84C664	342680	----a-w-	C:\Windows\Sysnative\SRCOM.dll
2016-06-15 17:15:07	4A201243DBBD6EA04C3A8FB4CDBE4151	259288	----a-w-	C:\Windows\Sysnative\slprp64.dll
2016-06-15 17:15:07	23EE2CE52FC9C294A5629F0565A5D3C9	751296	----a-w-	C:\Windows\Sysnative\sltech64.dll
2016-06-15 17:15:06	C9A9A887CD8EBD1A86FF0F0844437A4A	1122648	----a-w-	C:\Windows\Sysnative\slcnt64.dll
2016-06-15 17:15:06	C6EDB18BD5F75005BCCB4C6D3A712632	966552	----a-w-	C:\Windows\Sysnative\SFSS_APO.dll
2016-06-15 17:15:06	BF59FBEA5BD91430E0CBE08D9E26312D	962544	----a-w-	C:\Windows\Sysnative\sl3apo64.dll
2016-06-15 17:15:06	992A4255323B19BD36FD715DBCFDA8A8	233440	----a-w-	C:\Windows\Sysnative\SFNHK64.dll
2016-06-15 17:15:05	D334168E2B3FF77C8E267F909438C141	92448	----a-w-	C:\Windows\Sysnative\SFCOM64.dll
2016-06-15 17:15:05	B5A2B60EAE9624A257704585C56905A8	874736	----a-w-	C:\Windows\Sysnative\SEHDRA64.dll
2016-06-15 17:15:05	95DF4F6B0581332213605A52DB87F1B5	450104	----a-w-	C:\Windows\Sysnative\SEAPO64.dll
2016-06-15 17:15:05	731B6BB1EEC28FED5C374A66D833EFAF	88320	----a-w-	C:\Windows\Sysnative\SFAPO64.dll
2016-06-15 17:15:05	14FACDE0242216C4139AC3A0B215A120	700592	----a-w-	C:\Windows\Sysnative\SECOMN64.dll
2016-06-15 17:15:04	5BB45CF7A70A09F997B6076735867C7D	2999024	----a-w-	C:\Windows\Sysnative\RtPgEx64.dll
2016-06-15 17:15:04	4EA1996DFF380904D72D2BDEE5B37588	2711296	----a-w-	C:\Windows\Sysnative\RTSnMg64.cpl
2016-06-15 17:15:03	26DBA04AEF613D4575EA3A2DFA923976	343712	----a-w-	C:\Windows\Sysnative\RtlCPAPI64.dll
2016-06-15 17:15:02	8DE94733C16D88EDA8E53EB1D61001CD	23704	----a-w-	C:\Windows\Sysnative\RtkCoLDR64.dll
2016-06-15 17:15:02	8927926E177CA16B9B336C1B14684F78	3271912	----a-w-	C:\Windows\Sysnative\RtkApi64.dll
2016-06-15 17:15:02	2D35773FB196E029F813CA717C9681B5	387320	----a-w-	C:\Windows\Sysnative\RTEEP64A.dll
2016-06-15 17:15:02	1D7E2E3526EAB9F9DF7C06F542480BFE	195192	----a-w-	C:\Windows\Sysnative\RtkCfg64.dll
2016-06-15 17:15:01	F9021EC9DF3D6170F9832994DD8427B0	646984	----a-w-	C:\Windows\Sysnative\RtDataProc64.dll
2016-06-15 17:15:01	82415A619A896461A2196890EFC1F2C1	216360	----a-w-	C:\Windows\Sysnative\RTEED64A.dll
2016-06-15 17:15:01	6683036F6F97BCE9205E4198DF4CA999	88352	----a-w-	C:\Windows\Sysnative\RTEEG64A.dll
2016-06-15 17:15:01	479B48F853E6FAFE0F37DBB7A1FC4569	112512	----a-w-	C:\Windows\Sysnative\RTEEL64A.dll
2016-06-15 17:15:00	E39BA8B0A261B0A231F2DE38E16FD726	323240	----a-w-	C:\Windows\Sysnative\RP3DHT64.dll
2016-06-15 17:15:00	A1E499603AFA4FA47951F5DAD1D7B96D	1347816	----a-w-	C:\Windows\Sysnative\RTCOM64.dll
2016-06-15 17:15:00	0E81CC51822A0D75CD593B06127F4CD0	2986768	----a-w-	C:\Windows\Sysnative\RltkAPO64.dll
2016-06-15 17:15:00	0132E0395BDDA4B63CB3ABF1053CF492	323240	----a-w-	C:\Windows\Sysnative\RP3DAA64.dll
2016-06-15 17:14:58	C41A3AFC98B7B60A5E5160317CBE8DD7	1761024	----a-w-	C:\Windows\Sysnative\RCoInstII64.dll
2016-06-15 17:14:58	C3AF1B0AAF716EA5383472568FD35882	72123392	----a-w-	C:\Windows\Sysnative\RCoRes64.dat
2016-06-15 17:14:57	E0C1E1F38E2194B94CD7DCD46C380E77	7172920	----a-w-	C:\Windows\Sysnative\R4EEP64A.dll
2016-06-15 17:14:57	C761604F2AE3639F79796173AC759F7D	86144	----a-w-	C:\Windows\Sysnative\R4EEG64A.dll
2016-06-15 17:14:57	74FC8F94D09A239C732275828C3F8ADE	447728	----a-w-	C:\Windows\Sysnative\R4EED64A.dll
2016-06-15 17:14:57	0989586BB4DC64D781145319B24BDE64	135728	----a-w-	C:\Windows\Sysnative\R4EEA64A.dll
2016-06-15 17:14:57	06CDA074BBEC6CAD1DB57F8CC58BF218	151792	----a-w-	C:\Windows\Sysnative\R4EEL64A.dll
2016-06-15 17:14:56	A1C9966DCF94EB4502298EB3E286CA06	1003864	----a-w-	C:\Windows\Sysnative\NahimicAPONSControl.dll
2016-06-15 17:14:56	9E0B5E556737C8CD9D859E5A0EB1FDDB	5778720	----a-w-	C:\Windows\Sysnative\NAHIMICV2apo.dll
2016-06-15 17:14:56	6DC89FB568D915C8F2752907B09736D4	925264	----a-w-	C:\Windows\Sysnative\MISS_APO.dll
2016-06-15 17:14:56	106C9B816BD877885BB40DF129BF62D2	5289952	----a-w-	C:\Windows\Sysnative\NAHIMICAPOlfx.dll
2016-06-15 17:14:54	B12E5C7623D96D928DF1D72F1455DDC4	679200	----a-w-	C:\Windows\Sysnative\MaxxVolumeSDAPO.dll
2016-06-15 17:14:54	6811250730AC5A60858D47C7CBBB447A	12986528	----a-w-	C:\Windows\Sysnative\MaxxVoiceAPO4064.dll
2016-06-15 17:14:53	E762C76C8C9442A68DBD1C11F1903EAD	13120760	----a-w-	C:\Windows\Sysnative\MaxxVoiceAPO3064.dll
2016-06-15 17:14:53	AE441FA1CDD3A33EDE10D02E19D73701	998032	----a-w-	C:\Windows\Sysnative\MaxxVoiceAPO2064.dll
2016-06-15 17:14:53	596874285BC43C7240C1EF56CFA4792B	1324176	----a-w-	C:\Windows\Sysnative\MaxxSpeechAPO64.dll
2016-06-15 17:14:52	E33D27901206EB79A179B6E74EDC11F5	2050184	----a-w-	C:\Windows\Sysnative\MaxxAudioEQ64.dll
2016-06-15 17:14:52	80D0A5CEB7D8011A0CDC6449609917A3	933152	----a-w-	C:\Windows\Sysnative\MaxxAudioAPOShell64.dll
2016-06-15 17:14:52	0421F2155C5F29CD88FE5A39C57EEC57	14057256	----a-w-	C:\Windows\Sysnative\MaxxAudioRealtek64.dll
2016-06-15 17:14:51	E3F5F208B0FC2BE2F683F63AF3E44964	1165856	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO4064.dll
2016-06-15 17:14:51	A6E1854353FCF098068B1270A03E9F50	2824800	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO7064.dll
2016-06-15 17:14:51	8A55F421EB47DFECBD3AA220AE309706	1211840	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO5064.dll
2016-06-15 17:14:51	6219F4CC55F62E77A06B05C2FF91AF55	678184	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO30.dll
2016-06-15 17:14:51	4B985AC5736269793DD70C834F4CD383	1397280	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO6064.dll
2016-06-15 17:14:51	28FB777AA8CA8475F9481A184A96E80B	330568	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO20.dll
2016-06-15 17:14:50	C01E27B3ACDDA159B626AE95D0D09AC6	831344	----a-w-	C:\Windows\Sysnative\IntelSstCApoPropPage.dll
2016-06-15 17:14:50	BD51D0C68791E07E66647F29A765325C	5410272	----a-w-	C:\Windows\Sysnative\IntelSSTAPO.dll
2016-06-15 17:14:50	90431CDB4F9B51DD1276E6C1013B819D	340648	----a-w-	C:\Windows\Sysnative\ICEsoundAPO64.dll
2016-06-15 17:14:50	5F768E085C897F79A74AAEC317C6AD31	619712	----a-w-	C:\Windows\Sysnative\KAAPORT64.dll
2016-06-15 17:14:49	78DD728208F8CB89D27FDA7ED2FDCF7E	3233472	----a-w-	C:\Windows\Sysnative\FMAPO64.dll
2016-06-15 17:14:49	61BE5C33FD3A7F7CB50E64314B0E3F7C	358272	----a-w-	C:\Windows\Sysnative\HiFiDAX2API.dll
2016-06-15 17:14:48	C554EE4DD17AA737CF0A1B197ECDCF3E	709840	----a-w-	C:\Windows\Sysnative\DTSVoiceClarityDLL64.dll
2016-06-15 17:14:48	BDA2804F7B70DAE1379E462C62F645D1	727440	----a-w-	C:\Windows\Sysnative\DTSSymmetryDLL64.dll
2016-06-15 17:14:48	BC0EE509117AEF8E4DE6418E97AB8EBB	514528	----a-w-	C:\Windows\Sysnative\DTSU2PLFX64.dll
2016-06-15 17:14:48	517FD7B4D71680C75F9C5A71F4D5DEAB	500560	----a-w-	C:\Windows\Sysnative\DTSU2PGFX64.dll
2016-06-15 17:14:48	4BB0F69416D011794D80E1FFEEC83E45	429760	----a-w-	C:\Windows\Sysnative\DTSU2PREC64.dll
2016-06-15 17:14:47	EC70C0FA9431AF1FC64C214E7DC75CF1	253872	----a-w-	C:\Windows\Sysnative\DTSLFXAPO64.dll
2016-06-15 17:14:47	C2F89DA79CC7F479C18C67CD6D5AFC6B	253904	----a-w-	C:\Windows\Sysnative\DTSGFXAPO64.dll
2016-06-15 17:14:47	A93490DECDC898C374E5F8ABF7A63FAA	252880	----a-w-	C:\Windows\Sysnative\DTSGFXAPONS64.dll
2016-06-15 17:14:47	9B5664C92AEAA59B48DA8731C8290514	1591064	----a-w-	C:\Windows\Sysnative\DTSS2HeadphoneDLL64.dll
2016-06-15 17:14:47	4EEBC8DB3493D4C28874A8F790FF9EF4	504312	----a-w-	C:\Windows\Sysnative\DTSNeoPCDLL64.dll
2016-06-15 17:14:47	03365FD33570F0BF76C8B40AD257FE67	1780624	----a-w-	C:\Windows\Sysnative\DTSS2SpeakerDLL64.dll
2016-06-15 17:14:47	027CD78CF796D981106ACC3D3FC8CFD9	445400	----a-w-	C:\Windows\Sysnative\DTSLimiterDLL64.dll
2016-06-15 17:14:46	E819006750DC5255B58E9BE7671CAC02	2491640	----a-w-	C:\Windows\Sysnative\DolbyDAX2APOv211.dll
2016-06-15 17:14:46	39DF8EE406A727EDE4AF39B5363115BB	441272	----a-w-	C:\Windows\Sysnative\DTSGainCompensatorDLL64.dll
2016-06-15 17:14:46	23B846648D3F7CE4CA4ED9079B074C25	743968	----a-w-	C:\Windows\Sysnative\DTSBassEnhancementDLL64.dll
2016-06-15 17:14:46	1A8954B5500829258F6AD5C130105BA8	1508936	----a-w-	C:\Windows\Sysnative\DTSBoostDLL64.dll
2016-06-15 17:14:45	F2D7BF65CD7AD140AF1EE6F1BFB76AF6	362064	----a-w-	C:\Windows\Sysnative\DDPO64AF3.dll
2016-06-15 17:14:45	D256403464ADF9C2610E4827C636596A	2423480	----a-w-	C:\Windows\Sysnative\DolbyDAX2APOv201.dll
2016-06-15 17:14:45	B4E33AAF46BACC5E894DFC70B8404391	6266160	----a-w-	C:\Windows\Sysnative\DDPP64AF3.dll
2016-06-15 17:14:45	A327F7DF285C18A52647B65360925C5D	327464	----a-w-	C:\Windows\Sysnative\DDPO64A.dll
2016-06-15 17:14:45	4F7D6A9285753E1562A20EF968B60832	7097712	----a-w-	C:\Windows\Sysnative\DDPP64A.dll
2016-06-15 17:14:45	1A4DAFA6A4F37188F0D3EBE56D668B35	955248	----a-w-	C:\Windows\Sysnative\DolbyDAX2APOProp.dll
2016-06-15 17:14:44	F0AC9859FD92DAE7F540BD83530E7E98	274240	----a-w-	C:\Windows\Sysnative\DDPA64.dll
2016-06-15 17:14:44	C25D62EB3F60C2A7A11C54EB7B07B590	1965816	----a-w-	C:\Windows\Sysnative\DDPD64A.dll
2016-06-15 17:14:44	888A90655224ADFABA83880F18340C79	1959608	----a-w-	C:\Windows\Sysnative\DDPD64AF3.dll
2016-06-15 17:14:44	5F7C2270C13C199761D3185FABB84F98	310432	----a-w-	C:\Windows\Sysnative\DDPA64F3.dll
2016-06-15 17:14:44	0FD24FAB6AEC33A4E726BC971EC094CC	1601952	----a-w-	C:\Windows\Sysnative\CX64APO.dll
2016-06-15 17:14:43	BC8FC7558016E7F92458AFB1CBC3A737	106832	----a-w-	C:\Windows\Sysnative\audioLibVc.dll
2016-06-15 17:14:43	4721159293EDEF0E7C736583B2EE8B05	123848	----a-w-	C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll
2016-06-15 17:14:42	9A368ABEEC72BA0F1EAAE138076C5005	574760	----a-w-	C:\Windows\Sysnative\AERTAC64.dll
2016-06-15 17:14:42	3501A76C91CF15068A12CF33F032FAF6	118600	----a-w-	C:\Windows\Sysnative\AERTAR64.dll
2016-06-15 17:14:42	2D17ED53B9A5587213FCE69718DEBF52	120120	----a-w-	C:\Windows\Sysnative\AcpiServiceVnA64.dll
2016-06-03 11:05:39	93A799A7E1A7BA19A49C6B4CDE347B28	142482544	----a-w-	C:\Windows\Sysnative\MRT.exe
2016-06-03 08:03:38	4736827FD818C5BE482C188A7D27FA93	484008	------w-	C:\Windows\Sysnative\MpSigStub.exe
====== C:\Windows\Sysnative\drivers =====
2016-06-15 18:04:17	3996DF4D52FD6273750C7033D1447C0A	31744	----a-w-	C:\Windows\Sysnative\drivers\dumpsdport.sys
2016-06-15 18:04:11	8B83335B6A86F39785FC7C9DE5F5B29F	1996640	----a-w-	C:\Windows\Sysnative\drivers\dxgkrnl.sys
2016-06-15 18:04:06	CF78AF126B00C1B0A6FF45BD838E8EFE	331616	----a-w-	C:\Windows\Sysnative\drivers\pci.sys
2016-06-15 18:04:06	C03E926B0E7D66D68994067231DC3246	278528	----a-w-	C:\Windows\Sysnative\drivers\netbt.sys
2016-06-15 18:04:06	2568B86F6A50D254324CB89022CA9EFC	690176	----a-w-	C:\Windows\Sysnative\drivers\srv2.sys
2016-06-15 18:04:05	BE88248427A6AA548A904FD867667F70	406528	----a-w-	C:\Windows\Sysnative\drivers\srv.sys
2016-06-15 18:04:05	3F7C80D9F16B94367646CBF8B8C052F4	604928	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2016-06-15 18:04:03	8E9E48E4BC6EACB811FE6066ADACC7A5	577376	----a-w-	C:\Windows\Sysnative\drivers\dxgmms2.sys
2016-06-15 18:04:02	425CFD45BDF5B9F8B790BEB20E0A8721	161632	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2016-06-15 18:04:01	87B9ABB965F7AF987D52791F0DD1663D	211296	----a-w-	C:\Windows\Sysnative\drivers\tpm.sys
2016-06-15 18:03:57	6E520D6B16EA8AE23D1F81C1194F00C8	237056	----a-w-	C:\Windows\Sysnative\drivers\srvnet.sys
2016-06-15 18:03:56	D330D74B5F99309B5CCA30AE41C57CDE	118624	----a-w-	C:\Windows\Sysnative\drivers\partmgr.sys
2016-06-15 18:03:55	05DD22294A4F3F89E52351C7721E6D2C	258912	----a-w-	C:\Windows\Sysnative\drivers\ufx01000.sys
2016-06-15 18:03:52	883A36E2FF7FA3E1281CB575579FE3AF	124928	----a-w-	C:\Windows\Sysnative\drivers\Ndu.sys
2016-06-15 18:03:51	020F3FD207AFEDAC8E05E4C567547A78	155136	----a-w-	C:\Windows\Sysnative\drivers\hidclass.sys
2016-06-15 17:15:05	7D7FBC9504575D97885A858EA93684F5	5804772	----a-w-	C:\Windows\Sysnative\drivers\rtvienna.dat
2016-06-15 17:15:03	870DD4A82D6AF2D8A0A359351D620A2C	3200501	----a-w-	C:\Windows\Sysnative\drivers\rtkSSTsetting.dat
2016-06-15 17:15:03	28D20C717CA0170AB6AFAEE96E50BBDD	4609264	----a-w-	C:\Windows\Sysnative\drivers\RTKVHD64.sys
2016-06-15 17:15:00	4AEDEF75A1399FAB0880B142240D20B9	3653480	----a-w-	C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2016-06-05 09:35:50	AAA8E68E685DB1B68747E3DF68F96368	129520	----a-r-	C:\Windows\Sysnative\drivers\acsock64.sys
2016-05-31 20:24:18	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-31 19:06:15	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-05-29 12:36:56	19BD8A88AAC580592668B070AC0727D9	2152280	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
2016-05-29 12:36:54	083A727D784009F9CCFB120C7841B7AF	2403680	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
2016-05-29 12:36:40	9E9D58F5E1702955B2F4D62996F80E8E	378208	----a-w-	C:\Windows\Sysnative\drivers\USBXHCI.SYS
2016-05-29 12:36:38	AA4CD20708B7E0412A5316D7E2875103	530432	----a-w-	C:\Windows\Sysnative\drivers\nwifi.sys
2016-05-29 12:36:38	63C3F74DC398A1C1A77E39DFB9C312CA	1089888	----a-w-	C:\Windows\Sysnative\drivers\http.sys
2016-05-29 12:36:36	935823F79CBEDB91637B63D37E3A5A36	148480	----a-w-	C:\Windows\Sysnative\drivers\dfsc.sys
2016-05-29 12:36:36	70148EFA9A562E7185B75BBE7D376BF7	578912	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2016-05-29 12:36:36	2BC2E99623119521EEF7910A11D0FDE0	694784	----a-w-	C:\Windows\Sysnative\drivers\WdiWiFi.sys
2016-05-29 12:36:35	B880BE37452AB1D4AA93845F58EF7960	95072	----a-w-	C:\Windows\Sysnative\drivers\sdport.sys
2016-05-29 12:36:35	91D3F2A6253EF83EFBD7903028F58C4D	118624	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2016-05-29 12:36:34	F279536122B83FD0D8E158AA753E1B7C	238592	----a-w-	C:\Windows\Sysnative\drivers\xboxgip.sys
2016-05-29 12:36:34	BF6CA7EA5ECD6CF72D3D76652A9B8280	144384	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2016-05-29 12:36:34	469441BAE3FF8A16826FC62C51EF5E18	563552	----a-w-	C:\Windows\Sysnative\drivers\acpi.sys
2016-05-29 12:36:33	DBBACE77DDE8CCFD85B37B114965C385	147968	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
2016-05-29 12:36:31	B24408471C1BCB17FC44F5B47EA8DEA3	277856	----a-w-	C:\Windows\Sysnative\drivers\sdbus.sys
2016-05-29 12:36:31	0B3B0C1D86050355676640488FA897D3	430944	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2016-05-29 12:36:30	E582DA849A58524E645545FB68B6625D	1152864	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2016-05-29 12:36:30	A4411C522D41707D5BCA817A5BB9E30B	114688	----a-w-	C:\Windows\Sysnative\drivers\bridge.sys
2016-05-29 12:36:30	357910142E9285B978689B1DB4EFA00A	393568	----a-w-	C:\Windows\Sysnative\drivers\dxgmms1.sys
2016-05-29 12:36:29	8359F776CA899E761852F2293B724EAE	185184	----a-w-	C:\Windows\Sysnative\drivers\dumpsd.sys
2016-05-29 12:36:28	1A490555FD330CA2764D89191177C867	285696	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2016-05-29 12:36:27	C330883C06E2D4CE4F6982F048265D37	335712	----a-w-	C:\Windows\Sysnative\drivers\fastfat.sys
2016-05-29 12:36:26	E7463CE8579A0418A98BE9BE42C647D7	534872	----a-w-	C:\Windows\Sysnative\drivers\USBHUB3.SYS
2016-05-29 12:36:26	DE6D7DC78D956928F59F7415A0F41E13	95072	----a-w-	C:\Windows\Sysnative\drivers\sdstor.sys
2016-05-29 12:36:26	C24C27FDF93B85A4EFCF25F830253AA2	117248	----a-w-	C:\Windows\Sysnative\drivers\capimg.sys
2016-05-29 12:36:25	EDDB0D726DBECDFC1DBCC6DB464E5A13	146272	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2016-05-29 12:36:25	50DFE05C698E9B0A63D95E3D669A105C	638816	----a-w-	C:\Windows\Sysnative\drivers\fvevol.sys
2016-05-29 12:36:24	8F2523C9D8F1448FF2156452AF60FA00	87552	----a-w-	C:\Windows\Sysnative\drivers\filecrypt.sys
2016-05-29 12:36:24	82D3B1F4D80057826AA649D78147DE36	63488	----a-w-	C:\Windows\Sysnative\drivers\UcmCx.sys
2016-05-29 12:36:24	67B9684B8272D5EBD1CCBB1DBD425EC8	99680	----a-w-	C:\Windows\Sysnative\drivers\pdc.sys
2016-05-29 12:36:24	2A87EA182EA333D79AA0B03833EA67F2	131424	----a-w-	C:\Windows\Sysnative\drivers\ufxsynopsys.sys
2016-05-29 12:36:23	8949F77132A4F8F3BA17C6727099F002	127840	----a-w-	C:\Windows\Sysnative\drivers\USBSTOR.SYS
2016-05-29 12:36:22	EF536C54AB9281FDC4E83B07279FCFC4	35680	----a-w-	C:\Windows\Sysnative\drivers\wimmount.sys
2016-05-29 12:36:20	4AAD6547953D373A1EB5B2DF583D868B	67072	----a-w-	C:\Windows\Sysnative\drivers\usbser.sys
2016-05-29 12:36:20	249A563C48DFD9E42A37587653E003BB	83968	----a-w-	C:\Windows\Sysnative\drivers\serial.sys
2016-05-29 12:36:10	E3C82823B22463BC38AA4F8ADA852624	104960	----a-w-	C:\Windows\Sysnative\drivers\rasl2tp.sys
2016-05-29 12:36:09	0731E8F4D8D3B8D3FD98A46A8ABFE0A0	333824	----a-w-	C:\Windows\Sysnative\drivers\portcls.sys
2016-05-29 12:35:59	DA0807D87A62D076C29C4E30F1E84F46	26112	----a-w-	C:\Windows\Sysnative\drivers\xinputhid.sys
====== C:\Windows\Tasks ======
2016-06-15 17:16:03	EC2DAFC8707F821CC226463831303B9D	3194	----a-w-	C:\Windows\Sysnative\Tasks\RTKCPL
2016-06-08 16:35:23	D86F4AA567165BEC8CE808954F7B3505	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-08 16:35:23	C282DCE77DD8420206A94CCBDAD8E0F6	3926	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2016-06-03 17:49:59	17ED77645ADA860D08DE9156EC90EDC3	3468	----a-w-	C:\Windows\Sysnative\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\Sysnative\Tasks\Microsoft
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-06-15 17:55:07	--------	d-----w-	C:\Program Files\trend micro
2016-06-03 17:49:59	--------	d-----w-	C:\Program Files\Common Files\AV
2016-05-31 20:50:30	--------	d-----w-	C:\Program Files\Common Files\IBM
2016-05-31 20:49:37	--------	d-----w-	C:\Program Files\IBM
2016-05-31 20:43:58	--------	d-----w-	C:\Program Files\ESET
2016-05-31 20:39:03	--------	d---a-w-	C:\Program Files\Common Files\Nitro
2016-05-31 20:39:03	--------	d-----w-	C:\Program Files\Nitro
2016-05-31 20:36:12	--------	d---a-w-	C:\Program Files\KMSpico
2016-05-31 20:28:20	--------	d-----w-	C:\Program Files\Microsoft.NET
2016-05-31 20:28:01	--------	d---a-w-	C:\Program Files\Common Files\DESIGNER
2016-05-31 20:27:49	--------	d-----w-	C:\Program Files\Microsoft SQL Server
2016-05-31 20:26:34	--------	d-----w-	C:\Program Files\Microsoft Analysis Services
2016-05-31 20:26:11	--------	d---a-w-	C:\Program Files\Microsoft Office
2016-05-31 19:50:15	--------	d-----w-	C:\Program Files\Reference Assemblies
2016-05-31 19:50:15	--------	d-----w-	C:\Program Files\MSBuild
2016-05-31 19:42:07	174	--sha-w-	C:\Program Files\desktop.ini
2016-05-31 19:42:05	--------	d-sh--w-	C:\Program Files\Windows Sidebar
2016-05-31 19:42:05	--------	d-s---w-	C:\Program Files\WindowsPowerShell
2016-05-31 19:42:05	--------	d---a-w-	C:\Program Files\Common Files\microsoft shared
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Portable Devices
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Photo Viewer
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows NT
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Multimedia Platform
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Media Player
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Mail
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Windows Journal
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Internet Explorer
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Common Files\System
2016-05-31 19:42:05	--------	d-----w-	C:\Program Files\Common Files\Services
2016-05-31 19:20:32	--------	d-----w-	C:\Program Files\Common Files
2016-05-31 19:06:58	--------	d-----w-	C:\Program Files\Realtek
2016-05-31 19:06:23	--------	d-----w-	C:\Program Files\Intel
======= C:\PROGRA~2 =====
2016-06-05 09:35:48	--------	d-----w-	C:\PROGRA~2\Cisco
2016-06-03 08:00:57	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Adobe
2016-05-31 20:39:03	--------	d-----w-	C:\PROGRA~2\Nitro
2016-05-31 20:27:53	--------	d-----w-	C:\PROGRA~2\Microsoft SQL Server
2016-05-31 20:26:34	--------	d-----w-	C:\PROGRA~2\Microsoft Analysis Services
2016-05-31 20:10:10	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2016-05-31 19:50:15	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2016-05-31 19:50:15	--------	d-----w-	C:\PROGRA~2\MSBuild
2016-05-31 19:42:07	174	--sha-w-	C:\PROGRA~2\desktop.ini
2016-05-31 19:42:05	--------	d-sh--w-	C:\PROGRA~2\Windows Sidebar
2016-05-31 19:42:05	--------	d-s---w-	C:\PROGRA~2\WindowsPowerShell
2016-05-31 19:42:05	--------	d---a-w-	C:\PROGRA~2\Microsoft.NET
2016-05-31 19:42:05	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Microsoft Shared
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows Portable Devices
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows Photo Viewer
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows NT
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows Multimedia Platform
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows Media Player
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Windows Mail
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\Internet Explorer
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\COMMON~1\System
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~2\COMMON~1\Services
2016-05-31 19:20:32	--------	d-----w-	C:\PROGRA~2\Common Files
2016-05-31 19:06:20	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2016-05-31 19:06:13	--------	d-----w-	C:\PROGRA~2\Intel
======= C: =====
2016-05-31 20:05:13	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Recovery.txt
====== C:\Users\Solange\AppData\Roaming ======
2016-06-15 17:34:46	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\ESET
2016-06-15 16:42:31	--------	d-----w-	C:\Users\Solange\AppData\Local\Spotify
2016-06-05 09:35:48	--------	d-----w-	C:\Users\Solange\AppData\Local\Cisco
2016-06-04 13:08:46	--------	d-----w-	C:\Users\Solange\AppData\Local\javasharedresources
2016-06-03 14:46:41	--------	d-----w-	C:\Users\Solange\AppData\Local\CEF
2016-06-03 08:24:46	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-05-31 20:51:26	--------	d-----w-	C:\Users\Solange\AppData\Local\IBM
2016-05-31 20:45:17	--------	d-----w-	C:\Users\Solange\AppData\Local\ESET
2016-05-31 20:44:23	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ESET
2016-05-31 20:36:12	--------	d-----w-	C:\Users\Solange\AppData\Local\Programs
2016-05-31 20:26:13	--------	d-----w-	C:\Users\Solange\AppData\Local\Microsoft Help
2016-05-31 20:19:10	--------	d-----w-	C:\Users\Solange\AppData\Local\Comms
2016-05-31 20:13:39	--------	d-----w-	C:\Users\Solange\AppData\Local\kingsoft
2016-05-31 20:10:17	--------	d-----w-	C:\Users\Solange\AppData\Local\Mozilla
2016-05-31 20:03:13	--------	d-s---w-	C:\Windows\serviceprofiles\networkservice\AppData\LocalLow
2016-05-31 20:02:31	--------	d-----w-	C:\Users\Solange\AppData\Local\Publishers
2016-05-31 20:02:26	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-05-31 20:02:26	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-05-31 20:02:23	--------	d-----w-	C:\Users\Solange\AppData\Local\VirtualStore
2016-05-31 20:02:21	--------	d-----w-	C:\Users\Solange\AppData\Local\TileDataLayer
2016-05-31 20:02:21	--------	d-----w-	C:\Users\Solange\AppData\Local\Packages
2016-05-31 20:02:11	--------	d-----w-	C:\Users\Solange\AppData\Local\Dropbox
2016-05-31 20:02:03	--------	d-s---r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\Roaming
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\LocalLow
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\Local\Temp
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\Local\Microsoft
2016-05-31 20:02:03	--------	d-----w-	C:\Users\Solange\AppData\Local
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\LocalLow
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local
2016-05-31 19:42:05	--------	d-s---r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-31 19:42:05	--------	d-s---r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Roaming
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\AppData\Local
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Roaming
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Local\Microsoft
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default User\AppData\Local
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-31 19:18:04	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\01d1bb7128240d20001895bb
2016-05-31 19:17:48	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages
2016-05-31 19:15:13	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-05-31 19:06:14	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Intel
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Roaming
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local
2016-05-31 19:05:29	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft
====== C:\Users\Solange ======
2016-06-15 19:32:27	A6258C2552098043FF0DD04A72BD49BA	3703360	----a-w-	C:\Users\Solange\Desktop\adwcleaner_5.200.exe
2016-06-15 18:43:52	024622D3881C9D4FB724530715714BAA	2385920	----a-w-	C:\Users\Solange\Desktop\FRST64.exe
2016-06-15 17:53:27	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Solange\Downloads\RSITx64.exe
2016-06-05 09:35:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2016-06-05 09:35:48	--------	d-----w-	C:\ProgramData\Cisco
2016-06-04 13:08:51	--------	d-----w-	C:\Users\Solange\.spss
2016-06-03 08:00:46	--------	d-----w-	C:\ProgramData\Adobe
2016-05-31 20:51:24	--------	d-----w-	C:\ProgramData\SafeNet Sentinel
2016-05-31 20:51:20	--------	d-----w-	C:\ProgramData\SPSS
2016-05-31 20:51:20	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2016-05-31 20:43:58	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-05-31 20:43:58	--------	d-----w-	C:\ProgramData\ESET
2016-05-31 20:39:03	--------	d-----w-	C:\ProgramData\Nitro
2016-05-31 20:36:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-05-31 20:28:45	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's
2016-05-31 20:26:11	--------	d-----w-	C:\ProgramData\Microsoft Help
2016-05-31 20:04:18	--------	d-----r-	C:\Users\Solange\OneDrive
2016-05-31 20:04:16	--------	d-----r-	C:\Users\Solange\Dropbox
2016-05-31 20:03:10	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-31 20:02:26	--------	d-----r-	C:\Users\Solange\Searches
2016-05-31 20:02:25	--------	d-----r-	C:\Users\Solange\Contacts
2016-05-31 20:02:21	--------	d-sh--w-	C:\Users\Solange\IntelGraphicsProfiles
2016-05-31 20:02:03	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Solange\ntuser.ini
2016-05-31 20:02:03	--------	d--h--w-	C:\Users\Solange\AppData
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Videos
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Saved Games
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Pictures
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Music
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Links
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Favorites
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Downloads
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Documents
2016-05-31 20:02:03	--------	d-----r-	C:\Users\Solange\Desktop
2016-05-31 20:01:52	--------	d-----w-	C:\ProgramData\USBChargerPlus
2016-05-31 20:01:51	--------	d-----w-	C:\ProgramData\ASUS Smart Gesture
2016-05-31 19:42:07	7220FAD57A4B3D9D9755C51198CC0386	174	--sha-w-	C:\Users\Public\desktop.ini
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData
2016-05-31 19:42:06	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData
2016-05-31 19:42:05	--------	d-s---w-	C:\ProgramData\Microsoft
2016-05-31 19:42:05	--------	d--h--w-	C:\Users\Default\AppData
2016-05-31 19:42:05	--------	d--h--r-	C:\Users\Public\Libraries
2016-05-31 19:42:05	--------	d--h--r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2016-05-31 19:42:05	--------	d---a-w-	C:\ProgramData\regid.1991-06.com.microsoft
2016-05-31 19:42:05	--------	d-----w-	C:\Users\Default\Saved Games
2016-05-31 19:42:05	--------	d-----w-	C:\ProgramData\USOPrivate
2016-05-31 19:42:05	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Videos
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Pictures
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Music
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Links
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Favorites
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Downloads
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Documents
2016-05-31 19:42:05	--------	d-----r-	C:\Users\Default\Desktop
2016-05-31 19:42:05	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-31 19:42:05	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2016-05-31 19:42:05	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-05-31 19:42:05	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-31 19:42:05	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-31 19:11:31	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\winhttp
2016-05-31 19:07:04	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2016-05-31 19:05:30	--------	d--h--w-	C:\Windows\serviceprofiles\networkservice\AppData
2016-05-31 19:05:30	--------	d--h--w-	C:\Windows\serviceprofiles\Localservice\AppData
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\Saved Games
2016-05-31 19:05:30	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\Saved Games
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Videos
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Pictures
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Music
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Links
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Favorites
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Downloads
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Documents
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Desktop
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Videos
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Pictures
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Music
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Links
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Favorites
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Downloads
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Documents
2016-05-31 19:05:30	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Desktop

====== C: exe-files ==
2016-06-16 18:34:26	CEBBD45985EB8D30A37B6E8D22DCAB11	257192	----a-w-	C:\Windows\Temp\DPTF\esif_assist_64.exe
2016-06-15 19:59:53	4E95AB8BEB2C8FD53B348EF4AD5121C5	149184	----a-w-	C:\Users\Solange\AppData\Local\Temp\81EA72D7-9D72-441D-BD33-C68FF015FC75\DismHost.exe
2016-06-15 19:32:45	19AEB3BF8033FDC187C964CA8F08B162	120	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2826955982-1942645318-3047113444-1001\$IWSLC9I.exe
2016-06-15 19:32:27	A6258C2552098043FF0DD04A72BD49BA	3703360	----a-w-	C:\Users\Solange\Desktop\adwcleaner_5.200.exe
2016-06-15 19:26:27	A6258C2552098043FF0DD04A72BD49BA	3703360	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2826955982-1942645318-3047113444-1001\$RWSLC9I.exe
2016-06-15 19:25:41	DE7BC28EAE6A62BC35754D1DCA4ECF38	1107672	----a-w-	C:\Windows\Temp\6444803741739152279868190301670927991\AdobeARM.exe
2016-06-15 19:25:25	4E95AB8BEB2C8FD53B348EF4AD5121C5	149184	----a-w-	C:\Users\Solange\AppData\Local\Temp\35E7AB2A-CCA2-4449-A5C4-520E8F282C96\DismHost.exe
2016-06-15 18:43:52	024622D3881C9D4FB724530715714BAA	2385920	----a-w-	C:\Users\Solange\Desktop\FRST64.exe
2016-06-15 18:04:31	8B42614E97AA27347B3AD72C18FDDEDA	9371488	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
2016-06-15 18:04:30	FBD4813F17F954DDEE0822B47DC980F1	7344496	----a-w-	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2016-06-15 18:04:29	F7A0927CE6772BD2B809DAB4C18F52F2	46784	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2016-06-15 18:04:23	3704397D35001B56B371B3395BD8B876	123392	----a-w-	C:\Windows\System32\tdlrecover.exe
2016-06-15 18:04:17	2BB3FACF2648595E14FAD596DC68DB65	7474528	----a-w-	C:\Windows\System32\ntoskrnl.exe
2016-06-15 18:04:15	71DF6482300C802BB104514F34B460F0	91648	----a-w-	C:\Windows\syswow64\tdlrecover.exe
2016-06-15 18:04:13	F0DF375130CF8A135D9BF5459BD7691D	636304	----a-w-	C:\Windows\System32\fontdrvhost.exe
2016-06-15 18:04:12	E53E383F2C47424BD793210CC3A17FE5	808288	----a-w-	C:\Windows\System32\WWAHost.exe
2016-06-15 18:04:12	E15BEB03592BA12C5C99E2BA46146BDD	4515264	----a-w-	C:\Windows\explorer.exe
2016-06-15 18:04:09	E391DD57E6965C8D2DB05A4A52F80EC8	546456	----a-w-	C:\Windows\syswow64\fontdrvhost.exe
2016-06-15 18:04:09	B09DFF7CD8E40EA77559C87F3BF310DE	703840	----a-w-	C:\Windows\syswow64\WWAHost.exe
2016-06-15 18:04:09	56622DFB0F03B7697B054F256C900A8E	303216	----a-w-	C:\Windows\System32\LockAppHost.exe
2016-06-15 18:04:08	FB8900191867C5B4AA61AF85B8DD1869	4074160	----a-w-	C:\Windows\syswow64\explorer.exe
2016-06-15 18:04:08	F818A7A8BA20F9E20087248FFF1717C8	90624	----a-w-	C:\Windows\System32\DeviceEnroller.exe
2016-06-15 18:04:07	A643BD18E1DAEB72F8AF22B3E3454EF0	578048	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
2016-06-15 18:04:07	3B2D567D35BF74C4B19B64628784F7BD	219136	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
2016-06-15 18:04:06	0B2EB30A9E987E8F85C9B28BDE04F028	254656	----a-w-	C:\Windows\syswow64\LockAppHost.exe
2016-06-15 18:04:03	4180512B8E8E1F0CE1F8C546C090DB97	816320	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2016-06-15 18:04:03	257E403813627CF4BDBC9D936C151336	820416	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2016-06-15 18:03:58	3911E629284D79F9F73E9E1D6EF4A128	136704	----a-w-	C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
2016-06-15 18:03:55	FFFDA814EE04E06DA9F0BADAA22ABBFD	145920	----a-w-	C:\Windows\System32\omadmclient.exe
2016-06-15 18:03:55	D7C68ADAF1DA79072A44620CD3042E44	170848	----a-w-	C:\Windows\System32\NetworkUXBroker.exe
2016-06-15 18:03:54	83BF0EE2DB8AB8059B8979E7DF143AF1	26408	----a-w-	C:\Windows\System32\wuauclt.exe
2016-06-15 18:03:52	519E5DB2F227B7293EF94D18D5753738	157184	----a-w-	C:\Windows\System32\dmcertinst.exe
2016-06-15 18:03:50	68C5D0769C4A00B4EE8E6EC7323AF175	104448	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
2016-06-15 18:03:49	265CCC1C1FEF749DC82458D114C2BE34	166400	----a-w-	C:\Windows\System32\MusNotification.exe
2016-06-15 18:03:47	A1E25DFE54E3D41CB528ACA5CE9480F7	199168	----a-w-	C:\Windows\System32\InstallAgent.exe
2016-06-15 18:03:47	69E1CFC67F4A4043F01AD3513A73ED02	161280	----a-w-	C:\Windows\syswow64\InstallAgent.exe
2016-06-15 18:03:46	E527156DDC1367CD795AD231C5C439C4	414720	----a-w-	C:\Windows\System32\bcastdvr.exe
2016-06-15 17:55:07	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Solange.exe
2016-06-15 17:53:27	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Solange\Downloads\RSITx64.exe
2016-06-15 17:15:10	B59C24E5D4BF153B618C1E1CCEF94818	571544	----a-w-	C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
2016-06-15 17:15:03	D571D47BBB0CD7A04D96CE772570DD46	1777408	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe
2016-06-15 17:15:02	7CD89499F56B2B9104559BFC549E98E9	8521472	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2016-06-15 17:15:02	66F643D8D2806577C9B6B5EE549D817A	306944	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2016-06-15 17:14:58	2F314D421AA9A371AF3B5EA108E9F766	16405744	----a-w-	C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2016-06-15 17:14:57	E0D8F69B9C1902BE921709FCC34F7B4B	1403136	----a-w-	C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2016-06-15 17:14:49	F77F3D83DA82C73772B4FE11A0471F46	133696	----a-w-	C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-06-15 17:14:48	11B581F105EC156524F8FCF3DE0B0260	249328	----a-w-	C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
2016-06-15 17:14:46	B3A9825A96CACE70457DD9C95121C580	220296	----a-w-	C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
2016-06-15 17:14:44	7467E3A43E8FAE0A73F70D24C8CBD2D8	752856	----a-w-	C:\Program Files\Realtek\Audio\HDA\CXAPOAgent64.exe
2016-06-15 17:14:43	F626564F507F08412C0300F198CF231E	77040	----a-w-	C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe
2016-06-15 17:14:42	EC836737DB7F01E9037CC78739251273	108472	----a-w-	C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
2016-06-15 17:11:10	CE237AD67ACEAB9CEE0E291DF3AC9612	1193688	------w-	C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\Setup.exe
2016-06-15 16:42:30	18455C5ADBDB27B7874DBAA9E6F37118	74352	----a-w-	C:\Users\Solange\AppData\Roaming\Spotify\wow_helper.exe
2016-06-15 16:42:29	E11775E9CC132A91A0918E3C8A536343	1552496	----a-w-	C:\Users\Solange\AppData\Roaming\Spotify\SpotifyWebHelper.exe
2016-06-15 16:42:29	7DFA19DBD58EEBD88069F8035948D767	189552	----a-w-	C:\Users\Solange\AppData\Roaming\Spotify\SpotifyLauncher.exe
2016-06-15 16:42:28	87FCC8E69FA0068B264159277D5CACCC	524912	----a-w-	C:\Users\Solange\AppData\Roaming\Spotify\SpotifyCrashService.exe
2016-06-15 16:42:19	D698C43D244DD4520BBABC381C0B8C21	6916208	----a-w-	C:\Users\Solange\AppData\Roaming\Spotify\Spotify.exe
=== C: other files ==
2016-06-15 18:04:18	4B4439FE941574FDF7A757DF6E100705	3590144	----a-w-	C:\Windows\System32\win32kfull.sys
2016-06-15 18:04:17	3996DF4D52FD6273750C7033D1447C0A	31744	----a-w-	C:\Windows\System32\drivers\dumpsdport.sys
2016-06-15 18:04:11	8B83335B6A86F39785FC7C9DE5F5B29F	1996640	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2016-06-15 18:04:06	CF78AF126B00C1B0A6FF45BD838E8EFE	331616	----a-w-	C:\Windows\System32\drivers\pci.sys
2016-06-15 18:04:06	C03E926B0E7D66D68994067231DC3246	278528	----a-w-	C:\Windows\System32\drivers\netbt.sys
2016-06-15 18:04:06	2568B86F6A50D254324CB89022CA9EFC	690176	----a-w-	C:\Windows\System32\drivers\srv2.sys
2016-06-15 18:04:05	BE88248427A6AA548A904FD867667F70	406528	----a-w-	C:\Windows\System32\drivers\srv.sys
2016-06-15 18:04:05	3F7C80D9F16B94367646CBF8B8C052F4	604928	----a-w-	C:\Windows\System32\drivers\cng.sys
2016-06-15 18:04:03	8E9E48E4BC6EACB811FE6066ADACC7A5	577376	----a-w-	C:\Windows\System32\drivers\dxgmms2.sys
2016-06-15 18:04:02	425CFD45BDF5B9F8B790BEB20E0A8721	161632	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2016-06-15 18:04:01	87B9ABB965F7AF987D52791F0DD1663D	211296	----a-w-	C:\Windows\System32\drivers\tpm.sys
2016-06-15 18:03:57	6E520D6B16EA8AE23D1F81C1194F00C8	237056	----a-w-	C:\Windows\System32\drivers\srvnet.sys
2016-06-15 18:03:56	D330D74B5F99309B5CCA30AE41C57CDE	118624	----a-w-	C:\Windows\System32\drivers\partmgr.sys
2016-06-15 18:03:55	05DD22294A4F3F89E52351C7721E6D2C	258912	----a-w-	C:\Windows\System32\drivers\ufx01000.sys
2016-06-15 18:03:52	883A36E2FF7FA3E1281CB575579FE3AF	124928	----a-w-	C:\Windows\System32\drivers\Ndu.sys
2016-06-15 18:03:51	201A90736B86C3478DD03FD238691944	1387520	----a-w-	C:\Windows\System32\win32kbase.sys
2016-06-15 18:03:51	020F3FD207AFEDAC8E05E4C567547A78	155136	----a-w-	C:\Windows\System32\drivers\hidclass.sys
2016-06-15 17:15:03	28D20C717CA0170AB6AFAEE96E50BBDD	4609264	----a-w-	C:\Windows\System32\drivers\RTKVHD64.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2826955982-1942645318-3047113444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Solange\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\Solange\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-21-2826955982-1942645318-3047113444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"Cisco AnyConnect Secure Mobility Agent for Windows"="C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe -minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Solange\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\Solange\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-06-2016 21:02]
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [31-05-2016 22:02]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [31-05-2016 22:02]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\Windows\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\Windows\SysNative\tasks\ATK Package A22126881260" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\RtHDVBg_ListenToDevice" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS Product Register Service" [C:\Program Files (x86)\ASUS\APRP\aprp.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-04-12 15:22:41	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2016-04-12 15:25:27	--------	d-----w-	C:\PROGRA~3\Intel
2016-04-12 15:31:14	--------	d-----w-	C:\PROGRA~3\AmUStor
2016-04-12 15:31:18	--------	d-----w-	C:\PROGRA~3\Qualcomm Atheros
2016-04-12 15:39:41	--------	d-----w-	C:\PROGRA~3\AVAST Software
2016-04-12 15:40:31	--------	d-----w-	C:\PROGRA~3\McAfee
2016-05-31 19:18:15	--------	d-sh--we	C:\PROGRA~3\Application Data
2016-05-31 19:18:15	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2016-05-31 19:18:15	--------	d-sh--we	C:\PROGRA~3\Documenten
2016-05-31 19:18:15	--------	d-sh--we	C:\PROGRA~3\Menu Start
2016-05-31 19:18:15	--------	d-sh--we	C:\PROGRA~3\Sjablonen
2016-05-31 19:42:05	--------	d-----w-	C:\PROGRA~3\USOPrivate
2016-05-31 19:42:05	--------	d---a-w-	C:\PROGRA~3\regid.1991-06.com.microsoft
2016-05-31 19:42:05	--------	d-s---w-	C:\PROGRA~3\Microsoft
2016-05-31 20:01:51	--------	d-----w-	C:\PROGRA~3\ASUS Smart Gesture
2016-05-31 20:01:52	--------	d-----w-	C:\PROGRA~3\USBChargerPlus
2016-05-31 20:26:11	--------	d-----w-	C:\PROGRA~3\Microsoft Help
2016-05-31 20:39:03	--------	d-----w-	C:\PROGRA~3\Nitro
2016-05-31 20:43:58	--------	d-----w-	C:\PROGRA~3\ESET
2016-05-31 20:51:20	--------	d-----w-	C:\PROGRA~3\SPSS
2016-05-31 20:51:24	--------	d-----w-	C:\PROGRA~3\SafeNet Sentinel
2016-06-03 08:00:46	--------	d-----w-	C:\PROGRA~3\Adobe
2016-06-05 09:35:48	--------	d-----w-	C:\PROGRA~3\Cisco

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Solange\AppData\Roaming\Mozilla\Firefox\Profiles\vnkvsu09.default-1466101897360
05F4E9B3912EA16B04C5928758E8AA75	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll -	Shockwave Flash


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus15.msn.com/?pc=ASTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus15.msn.com/?pc=ASTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Solange\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Solange\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uvt.nl
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = uvt.nl
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @oem17.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool10 (NitroDriverReadSpool10) - Nitro PDF Software - C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Solange\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Solange\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Solange\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Solange\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Solange\AppData\Local\Mozilla\Firefox\Profiles\vnkvsu09.default-1466101897360\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=23 folders=18 11782227 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Solange\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 16-06-2016 at 21:22:35,89 ======================