Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Sofia on wo 29-06-2016 at 16:38:31,27. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sofia\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 29-6-2016 16:39:26 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Cisco deleted successfully C:\PROGRA~2\New Folder deleted successfully C:\Program Files\Common Files\Intel deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Sofia\AppData\Local\ActiveSync deleted successfully C:\Users\Sofia\AppData\Local\EmieSiteList deleted successfully C:\Users\Sofia\AppData\Local\EmieUserList deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Cisco not found C:\PROGRA~2\New Folder not found C:\Program Files (x86)\IObit not found C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\Users\Maarten Noë\AppData\Roaming\IObit not found C:\Er7CAUSMMaRdH0Qk not found "C:\WINDOWS\tasks\ASC9_SkipUac_Maarten Noë.job" not found "C:\WINDOWS\tasks\Uninstaller_SkipUac_Maarten_Noë.job" not found C:\windows\SysNative\Tasks\Lenovo App Services deleted C:\PROGRA~3\OneKey Optimizer deleted C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-06-17 09:37:16 E15BEB03592BA12C5C99E2BA46146BDD 4515264 ----a-w- C:\WINDOWS\explorer.exe 2016-06-15 09:29:02 500A5C0839022A3EC32A9E79F78DBCEA 67156 ----a-w- C:\WINDOWS\Huawei ModemsUninstall.exe ====== C:\Users\Sofia\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-06-20 12:14:51 F18ED7DB109DFEF2D031BB8023583FD5 103424 ----a-w- C:\WINDOWS\SysWOW64\MyDIT_GenClassCoInst.dll 2016-06-17 09:37:50 F58B6B20BB45E99C99D0F2B73B9EE373 1372312 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-17 09:37:50 B004992A381FCE04934893BB7D9BDD19 504320 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-17 09:37:48 F62430C1C9A23E5BAD5C4A43A66F662B 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-17 09:37:48 73A58788F32A98E446220B5E48843967 349696 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-17 09:37:48 688687C8D860657E6BFDD77B0FFE1DE4 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-17 09:37:48 20D8DBFB40E025C2E99F7146E48116CD 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-17 09:37:48 1C09B75EF1869E7790444928F89E3D3C 50176 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-17 09:37:47 CA90D72C7249D79017057F1F48FD1958 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-17 09:37:47 3C563003AFDD2E6CDC199C2EBDB07886 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-17 09:37:47 105DE7AF1C9763E56D5322CECF3465EB 5205504 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-17 09:37:46 21D80595A8427CB6F1DDC134E948AECE 6295552 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-06-17 09:37:45 B981A07C0A0CCE68BD90DF3E3EC520DE 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-17 09:37:45 388077FF1642D94BF81F9D814F22BBA2 499712 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-17 09:37:36 E391DD57E6965C8D2DB05A4A52F80EC8 546456 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-17 09:37:36 5922C03A67F868265E5AB176DB6D641D 316256 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-17 09:37:35 B09DFF7CD8E40EA77559C87F3BF310DE 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-17 09:37:30 92347FC58A8BD2A45F440239EA9A4F04 12128256 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-17 09:37:29 6D879552B32CCD2536F66F4F88F54800 19344384 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-17 09:37:28 FB68B81CBD3F79D09E3EA1D0DFB424B6 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-17 09:37:27 DDE33C05D644CC57429340ACB2DA53C5 18674176 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-17 09:37:26 6762E4ACE8D11FCD80EA4011DD22B857 5660160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-17 09:37:25 DCAC3EE469A3B0C0EC5660D730DF6BDF 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-06-17 09:37:24 9BD17D372080234722C1139DAC039C9D 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-17 09:37:24 02ABF6A6775B745CCCEAEB4594AA6354 5323776 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-17 09:37:23 7823862FA05558EB61C72D8A5A163ADA 3664896 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-17 09:37:22 D8C44C34BC206902947E55E2C94E8D38 2921880 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-17 09:37:22 1E497317417C1C68B5453DD04721B16D 614400 ----a-w- C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-17 09:37:20 A495EA4706387D12C00641D8C48BA527 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-17 09:37:19 C3BB1475ABDFBC0BB5A37D8BAF3DE733 687616 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-17 09:37:18 92A252E7DAF67D36BC81758A0F8596EB 2195632 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-17 09:37:18 71DF6482300C802BB104514F34B460F0 91648 ----a-w- C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-17 09:37:17 B9AD8E15F6641E328C1543688B5EE2E8 2061824 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-17 09:37:17 7FFD756E7DD8BA83B4B4EF41F51B7DF5 1582080 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-17 09:37:16 836DF245362A9E09CC050EB107E85D74 467456 ----a-w- C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-17 09:37:15 A142F1D0FF07C172FA90075B7848CCD0 521728 ----a-w- C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-17 09:37:15 8162BC2EC9E529AA90F196A12D887308 4268880 ----a-w- C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-17 09:37:15 56339962C1448BA2CF4C4D25C89938D2 521664 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-17 09:37:14 E724CB02012CEBF773DC9FE304DCD946 501600 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-17 09:37:13 FBBE8B9147474379F54F8A1BACBF9748 388384 ----a-w- C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-17 09:37:13 B011360F95F911F025BC91CB17449798 1500160 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-17 09:37:12 FB8900191867C5B4AA61AF85B8DD1869 4074160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-06-17 09:37:12 F07AE86B2CD1C2CF6AE7812C60299032 535040 ----a-w- C:\WINDOWS\SysWOW64\rastls.dll 2016-06-17 09:37:12 1B4F03A9F11169672067ED4FD7504AD6 1445888 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-17 09:37:11 0B2EB30A9E987E8F85C9B28BDE04F028 254656 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-17 09:37:09 9BBE7D1B5B0FC534CBA0B2444BD05204 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-06-17 09:37:08 B503CB64CC62265B914DA10A5CF87B05 2230272 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-06-17 09:37:08 1F5B5642253FC9760EEACD81900C38DC 312160 ----a-w- C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-17 09:37:08 110EE87B0F4E38609AD73E9075EF82A4 97096 ----a-w- C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-17 09:37:03 D93D6F9BC1EE3329A9DCF3B9591EB156 219136 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-17 09:37:03 56DEB6F17F290B8C4AF8B2AA10097B55 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-17 09:37:02 CD12A269274F2916A3661198E13CBBC4 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-06-17 09:37:02 551624F398703A90CAFCC5777CEA99E8 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-17 09:37:02 2FDF5001427D457AC43942FADC742404 360480 ----a-w- C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-17 09:37:01 A3B6AED415AEEA114597E5043F45FF18 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-17 09:37:01 8000FB1D40149AC05F6BDE9248A6B956 230400 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-17 09:37:01 4DED20A327D15D69FB85310D14D67711 291328 ----a-w- C:\WINDOWS\SysWOW64\polstore.dll 2016-06-17 09:37:00 861D71E2284DCEA5E9309CDE8D920252 485888 ----a-w- C:\WINDOWS\SysWOW64\newdev.dll 2016-06-17 09:37:00 53BD5A0B7D0B027984D99BEDB945CEE6 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-17 09:36:59 4243F729D260C0D6C6A3B605F51FD518 103424 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-17 09:36:58 88A3958213B43EED8402D4496149924A 64000 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-17 09:36:58 4F34CCC76E60CCE8BA12663A747EC05B 57344 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-17 09:36:57 CEF14DB231B344BBDBF7C04A12D8336B 293888 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-17 09:36:57 5DC9ED2C89D94C47892DF237D604BDC8 200192 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-17 09:36:57 4C6145BBEFDD7092ABFA5F7614BA2E66 53760 ----a-w- C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-17 09:36:56 A9E193BE154B7145EF06FD0FD10232A0 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-17 09:36:55 69E1CFC67F4A4043F01AD3513A73ED02 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-06-20 09:41:50 4D96BEFF088BA6AB48FD3775F87C3438 708168 ----a-w- C:\WINDOWS\Sysnative\WinUSBCoInstaller.dll 2016-06-20 09:41:50 0E9AD2D3784A0996A5131512939C09C0 1490656 ----a-w- C:\WINDOWS\Sysnative\WdfCoInstaller01007.dll 2016-06-17 09:37:50 E7522EFA8A09808046F88BCF3F1B8827 1594416 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2016-06-17 09:37:50 7A654D6E586FDE14C8B805BED03D74B7 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-06-17 09:37:50 6521E1FB66B3E1897C4EFDECC7C95D4C 606208 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-06-17 09:37:49 C1B13204994572C941C14A7FF410C4D6 24605696 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-06-17 09:37:48 730D45D8008EECC0BAD2CBEB48A5EA6F 853504 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-06-17 09:37:48 669A63116B94E259A6D583C099A6B48C 460800 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-06-17 09:37:48 3CF4B1B09166346F5CA6C3BFBEF2EB8C 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-06-17 09:37:47 8E49ED08328FB7446228617B129DD377 7200256 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-06-17 09:37:46 EBE69568E527FD4EF37EDD0C62608B28 7977472 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-06-17 09:37:46 E91AB87F7E533BA1566FDEC651347E07 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-06-17 09:37:46 4799A06F0BC0694E8D6FBF38110B7F65 939520 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-06-17 09:37:45 CAB0FCF4F680E552329366614C83A808 630784 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-06-17 09:37:45 C49E5A83F5454A06A1306A8B1589B928 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-06-17 09:37:44 2FEEF51C4A1DB9D1334D5B77DEC92865 22379008 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-06-17 09:37:39 FA2CDF42B3E9F53B12E506BA48BE16AA 72704 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-06-17 09:37:39 985F15F4F0922BD34BDD42AD2F5EC86A 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-06-17 09:37:39 77C9887E5E4A99F3A6F717DF24874E00 66560 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2016-06-17 09:37:39 0C1F4E23E2E834C7EE795D23EC383205 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-06-17 09:37:39 0272C6FF9DB6902D9958AC108EB7F7C2 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-06-17 09:37:38 76A304EBFC5FF61C5F5B35259AA64EAE 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-06-17 09:37:38 3704397D35001B56B371B3395BD8B876 123392 ----a-w- C:\WINDOWS\Sysnative\tdlrecover.exe 2016-06-17 09:37:38 224DC52AE777A1B23A6774B6C4C04853 2609664 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-06-17 09:37:38 0DA05DFF1CFF34D421475DCEEB4F42A8 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-06-17 09:37:37 F7A0927CE6772BD2B809DAB4C18F52F2 46784 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2016-06-17 09:37:37 CE8A06FE15854BAEE15E5E87D1CB6EBA 1401024 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-06-17 09:37:36 AA2D40D4C045D014FD481BC17308A09A 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-06-17 09:37:36 5CE34C981833706A0B6051572AC5B6CE 379232 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-06-17 09:37:36 05E07AE24F3BE69DEF01145C9BF99B8C 6973952 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-06-17 09:37:35 F0DF375130CF8A135D9BF5459BD7691D 636304 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-06-17 09:37:35 E53E383F2C47424BD793210CC3A17FE5 808288 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-06-17 09:37:34 9EDE32C8BEAF4E95CBCE3CA158984D2A 3585536 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-06-17 09:37:34 26E32337D1525AE114645A53EBA9ECDE 13385728 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-06-17 09:37:32 80851FD6C1795071602244DDAC856C78 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-06-17 09:37:31 A68F4601A79556A0E912458703D30A1D 7832576 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-06-17 09:37:29 C9CF27CF340A5909B1C1953776957C87 567808 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2016-06-17 09:37:28 1CF69EF4E2844F9D297F309CF80122CB 2168320 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-06-17 09:37:26 D2A63D882C5A702C0E3081D4CC6855B0 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-06-17 09:37:25 5370350A591EC5A55801AA8378DFADCE 4896256 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-06-17 09:37:24 B89C353AFC8F56D961D07FF1FE7B4BCD 1339904 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll 2016-06-17 09:37:23 D4B30E23A3B373648F61290DAF432CB2 794624 ----a-w- C:\WINDOWS\Sysnative\winhttp.dll 2016-06-17 09:37:23 C3417E8791096AA0E211B201ACA66757 2582016 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-06-17 09:37:23 2C3C82F85556F91EC1621268DDCC7554 3675512 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-06-17 09:37:22 C39B97A8B3C193303D09A3C95AF46531 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-06-17 09:37:21 4B4439FE941574FDF7A757DF6E100705 3590144 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-06-17 09:37:21 2BB3FACF2648595E14FAD596DC68DB65 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-06-17 09:37:21 131547B1C1D2ABD355C5DFE945BCB9A4 693600 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-06-17 09:37:20 DDA0A83CA083DC6CBFAB7015B10F5377 1716736 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-06-17 09:37:20 D56E06BE971D9AE99400D435D28D56ED 592896 ----a-w- C:\WINDOWS\Sysnative\AppContracts.dll 2016-06-17 09:37:20 BDF4623C41C0782EE640C2466510FDD7 784384 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-06-17 09:37:20 7ECACE6D0B4C2D323408EB00FD93C682 503808 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-06-17 09:37:20 186F9035AEF7E15C4D3F15C3536AB24C 2548944 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll 2016-06-17 09:37:19 CA2F55C653DEEEC99802103AD6C9E810 1797120 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll 2016-06-17 09:37:19 A8AFB8AD3E24134382BFA0EBE534F95C 290496 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-06-17 09:37:19 8D3AC00C88BC2A63D1D3CC320E0EAA19 2281472 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-06-17 09:37:19 729B7FF96EC3C2EC13EEBD12BBF15322 649792 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-06-17 09:37:18 5AAB28A6AC2AAC9F66D4EAB6695D0474 963072 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll 2016-06-17 09:37:18 1A7C3451A5BD863F9FC4D7421D353374 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-06-17 09:37:17 FA8E0A9C648035CA1B47C9DA77EDB7EA 380416 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll 2016-06-17 09:37:17 A63889B4BCFDF67306AC239374F823B0 2066432 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-06-17 09:37:17 248EE89220C4B1156EDA5F295C9133D3 1730560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-06-17 09:37:16 CD9F1B2F8D6FDDEB0501666542E31D96 990208 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-06-17 09:37:16 5B813FADEA5BE9195F01C83287F823F7 190464 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2016-06-17 09:37:15 57C88C15CEC97318F580D7F4327AAA46 163328 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2016-06-17 09:37:14 F69610C2C741B025CE28BBAA7DA8A9EA 684544 ----a-w- C:\WINDOWS\Sysnative\StructuredQuery.dll 2016-06-17 09:37:14 F68AD4ACC7535D811F94A52233AE0457 430312 ----a-w- C:\WINDOWS\Sysnative\ws2_32.dll 2016-06-17 09:37:14 E3B8996D970DB8926A817A4BFC3DA5FD 285184 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-06-17 09:37:14 8DB6AE22A974739EB53C7FA3DBD7EAAA 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-06-17 09:37:14 3EAE04B6CBACAB9CF850A5009F02065E 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-06-17 09:37:13 F818A7A8BA20F9E20087248FFF1717C8 90624 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2016-06-17 09:37:13 DD285F10B3AB2588FED953E559ABEADD 610816 ----a-w- C:\WINDOWS\Sysnative\rastls.dll 2016-06-17 09:37:13 BD5DD35352A6DEDBBF1472C06A123E27 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-06-17 09:37:13 56622DFB0F03B7697B054F256C900A8E 303216 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-06-17 09:37:13 4973B94DE96E78AF1128A557846E8411 4387680 ----a-w- C:\WINDOWS\Sysnative\setupapi.dll 2016-06-17 09:37:13 0D33D06EF42E3BC6A7BBC4F7F7517C25 368640 ----a-w- C:\WINDOWS\Sysnative\usocore.dll 2016-06-17 09:37:12 F3E636B2A747493206336114208918FB 173056 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-06-17 09:37:12 87F0A5CDFF9DE712B1F009EDBF8D9779 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-06-17 09:37:12 861DE49C2ACE112CE1A83DF5E6A7AB97 239104 ----a-w- C:\WINDOWS\Sysnative\BrokerLib.dll 2016-06-17 09:37:12 2885631DD8DDB06C091310E6C837AFB0 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-06-17 09:37:11 FFFDA814EE04E06DA9F0BADAA22ABBFD 145920 ----a-w- C:\WINDOWS\Sysnative\omadmclient.exe 2016-06-17 09:37:11 DF7A59E70F398EEB9FDCDD310987D8AE 1073152 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-06-17 09:37:11 6DC05FFA78B5E1D34AFDBA08D00B1A8B 22561256 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-06-17 09:37:11 4F2621E187382D22045D0BC65B23858E 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-06-17 09:37:10 BEE99FBB55E3BFFCF85D0C0A8D26261F 431296 ----a-w- C:\WINDOWS\Sysnative\bcryptprimitives.dll 2016-06-17 09:37:10 9547F6675FB25D558BB0F10F1EC9DDD8 591360 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2016-06-17 09:37:09 75CC21C976BFF286E706AA2D133EB9D4 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-06-17 09:37:09 39231A451D553196A909D02C05945CED 428896 ----a-w- C:\WINDOWS\Sysnative\hal.dll 2016-06-17 09:37:08 2E6EBC6F331900D943EB5F58C1835AFB 417792 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-06-17 09:37:08 199298181CB86E5056D82BD1F86C8A97 357216 ----a-w- C:\WINDOWS\Sysnative\mswsock.dll 2016-06-17 09:37:07 4F99255A964A4009D434338D87A3610D 332288 ----a-w- C:\WINDOWS\Sysnative\polstore.dll 2016-06-17 09:37:05 6655228B16A6371BE3B45E7913B52250 111064 ----a-w- C:\WINDOWS\Sysnative\ncryptsslp.dll 2016-06-17 09:37:04 D67052BD0DA9C17BCBBF8AB5B6D354EE 392192 ----a-w- C:\WINDOWS\Sysnative\IPSECSVC.DLL 2016-06-17 09:37:03 FEAFB991662BF0AD233CC090E83E4FD3 131248 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll 2016-06-17 09:37:03 9E79A2208A9ED205A7383CBC92C28053 79872 ----a-w- C:\WINDOWS\Sysnative\cryptsvc.dll 2016-06-17 09:37:03 9A293A4EE7C2283AD9689AB268B6CBA5 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-06-17 09:37:03 579BA42B70965456C170E98BD481E8F6 315392 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-06-17 09:37:02 D5F1729225B3D3B69F76A191320952C7 514752 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-06-17 09:37:02 6B585B45402B04EF80CB81969682DBE6 693760 ----a-w- C:\WINDOWS\Sysnative\internetmail.dll 2016-06-17 09:37:02 672694F7708B6531F7B3219D9FAE2845 199168 ----a-w- C:\WINDOWS\Sysnative\GnssAdapter.dll 2016-06-17 09:37:02 537CC506D45C691CD1FFF2D918E8C27C 174080 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_Privacy.dll 2016-06-17 09:37:01 D7C68ADAF1DA79072A44620CD3042E44 170848 ----a-w- C:\WINDOWS\Sysnative\NetworkUXBroker.exe 2016-06-17 09:37:01 D07172DFA6BD46545A7708DD78F02D14 1184960 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-06-17 09:37:01 83BF0EE2DB8AB8059B8979E7DF143AF1 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2016-06-17 09:37:01 26E9FC9FFDEF863021D3C18A30B4373F 267264 ----a-w- C:\WINDOWS\Sysnative\dhcpcore6.dll 2016-06-17 09:37:00 EFE15754302A2188C933164CFF9AEFD1 111104 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll 2016-06-17 09:37:00 D461D2BECEFA661291EB1B748A8D2CCB 355840 ----a-w- C:\WINDOWS\Sysnative\dhcpcore.dll 2016-06-17 09:37:00 C91D271837F2A7DE9875CF50068BF503 511488 ----a-w- C:\WINDOWS\Sysnative\newdev.dll 2016-06-17 09:37:00 A83B4BBA591A3243C61DB825201BA024 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-06-17 09:37:00 38A4CE75D9E6FDC28393971ADFD6F9FB 218624 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2016-06-17 09:36:59 8561E653AEB0EFCAD88DE082C282E831 76800 ----a-w- C:\WINDOWS\Sysnative\ngcpopkeysrv.dll 2016-06-17 09:36:59 58BC9F0C8D92AD7E45F03596BE2E68B4 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-06-17 09:36:59 519E5DB2F227B7293EF94D18D5753738 157184 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2016-06-17 09:36:58 FA0CCA622E2046BC47A81D9A2630F5E9 67072 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc6.dll 2016-06-17 09:36:58 3CFDA42F5C7914509CD660D1062A8E55 19456 ----a-w- C:\WINDOWS\Sysnative\httpprxp.dll 2016-06-17 09:36:58 201A90736B86C3478DD03FD238691944 1387520 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-06-17 09:36:58 163A6E3A267DBE416679A76D1FA57C4B 86016 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc.dll 2016-06-17 09:36:57 F605380B537201BD3BC0CDFB5AD53530 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-06-17 09:36:57 E37D5E1BB9F53BD499125B3F0F27E94E 128512 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll 2016-06-17 09:36:57 E32F15E26724F3BB6423FB29FF3E2A8F 278016 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll 2016-06-17 09:36:57 47C395DAD8900E2E054FE3AE0FE7C345 406528 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2016-06-17 09:36:57 265CCC1C1FEF749DC82458D114C2BE34 166400 ----a-w- C:\WINDOWS\Sysnative\MusNotification.exe 2016-06-17 09:36:57 0F98F18445707A9141F74B3C48F919A6 90112 ----a-w- C:\WINDOWS\Sysnative\FwRemoteSvr.dll 2016-06-17 09:36:57 003A0EA097767462F3417B7857DCE1CC 79360 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll 2016-06-17 09:36:56 D6DAEA66B2A9349DD38BFE528BBFAFA6 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-06-17 09:36:56 3E10999029D3D2C13F8AAA204E7D5B5F 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-06-17 09:36:56 1F933CB5AECF7484A0589633A75132A2 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-06-17 09:36:55 E527156DDC1367CD795AD231C5C439C4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-06-17 09:36:55 A3AA03C0C5002F3D89397637B770A1BA 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-06-17 09:36:55 A1E25DFE54E3D41CB528ACA5CE9480F7 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-06-17 09:36:55 6B7F0785FF5AA23B7005D969BED95DB2 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-06-29 13:44:04 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\636C2F22.sys 2016-06-29 13:14:24 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2016-06-29 13:13:37 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2016-06-29 13:13:37 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2016-06-29 13:13:37 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2016-06-20 12:14:52 7FD2EAF88598CA9FCB19C97B8052D85F 478720 ----a-w- C:\WINDOWS\Sysnative\drivers\qcusbwwan.sys 2016-06-20 09:51:48 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_WinUSB_01007.Wdf 2016-06-20 09:41:51 65D32E9BBCC9FFD36F2BF38C595D283F 242688 ----a-w- C:\WINDOWS\Sysnative\drivers\qcusbser.sys 2016-06-20 09:41:51 5F47CA488F662B1E4EA3D0680BE55B17 35840 ----a-w- C:\WINDOWS\Sysnative\drivers\qcusbfilter.sys 2016-06-17 09:37:21 3996DF4D52FD6273750C7033D1447C0A 31744 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsdport.sys 2016-06-17 09:37:15 8B83335B6A86F39785FC7C9DE5F5B29F 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-06-17 09:37:12 425CFD45BDF5B9F8B790BEB20E0A8721 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-06-17 09:37:12 2568B86F6A50D254324CB89022CA9EFC 690176 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-06-17 09:37:11 CF78AF126B00C1B0A6FF45BD838E8EFE 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-06-17 09:37:11 C03E926B0E7D66D68994067231DC3246 278528 ----a-w- C:\WINDOWS\Sysnative\drivers\netbt.sys 2016-06-17 09:37:10 BE88248427A6AA548A904FD867667F70 406528 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-06-17 09:37:10 3F7C80D9F16B94367646CBF8B8C052F4 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-06-17 09:37:09 8E9E48E4BC6EACB811FE6066ADACC7A5 577376 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-06-17 09:37:08 87B9ABB965F7AF987D52791F0DD1663D 211296 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-06-17 09:37:04 6E520D6B16EA8AE23D1F81C1194F00C8 237056 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-06-17 09:37:02 D330D74B5F99309B5CCA30AE41C57CDE 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-06-17 09:37:01 05DD22294A4F3F89E52351C7721E6D2C 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-06-17 09:36:59 FFB773E4AA55E4F5FBBB084B41D7A86F 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-06-17 09:36:59 883A36E2FF7FA3E1281CB575579FE3AF 124928 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2016-06-17 09:36:58 020F3FD207AFEDAC8E05E4C567547A78 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-06-17 09:36:55 BE265ABFB467BBAC8C73A55AD94F4216 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2016-06-17 09:36:55 3C7DE7B7CAD633CD2DA07710BC17361C 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2016-06-15 09:29:13 4DA5DA193E0E4F86F6F8FD43EF25329A 1721576 ----a-w- C:\WINDOWS\Sysnative\drivers\WdfCoInstaller01009.dll 2016-06-15 09:29:12 E51C81A443BF5B4736DE632D54454533 30208 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_juextctrl.sys 2016-06-15 09:29:12 CB0FDCC2A5A12E34FA4C96AF1FB85A37 22528 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_hwupgrade.sys 2016-06-15 09:29:12 9B45CE94876F03F12720AAC363ACBB8A 91648 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_jucdcacm.sys 2016-06-15 09:29:12 549674E074ED024482A43332A4B329D9 54784 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_jucdcecm.sys 2016-06-15 09:29:12 4824408B3C4606AEBA8DC0431EDFF417 196608 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_juwwanecm.sys 2016-06-15 09:29:12 09AF4D7563EFC283BEDDDAFE60FAF168 86016 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_jubusenum.sys 2016-06-15 09:29:09 D83EB7ADE99D99A4CD6568AC1261D35E 256000 ----a-w- C:\WINDOWS\Sysnative\drivers\ewusbnet.sys 2016-06-15 09:29:09 6E05228393CD614B983568EC40C262C3 121600 ----a-w- C:\WINDOWS\Sysnative\drivers\ewusbmdm.sys 2016-06-15 09:29:09 55E0EDA185869F7EA67EA97FD0655B39 13952 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_usbenumfilter.sys 2016-06-15 09:29:09 3047B186C71B082C031AEFCA783B329C 999936 ----a-w- C:\WINDOWS\Sysnative\drivers\mod7700.sys 2016-06-15 09:29:09 06691B7CB86444BE0F95ACEB700F8140 32768 ----a-w- C:\WINDOWS\Sysnative\drivers\ewdcsc.sys 2016-06-15 09:29:05 86F7951BBCEE4A86E79A97306BD14318 117248 ----a-w- C:\WINDOWS\Sysnative\drivers\ew_hwusbdev.sys 2016-06-09 08:59:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-06-29 12:44:37 -------- d-----w- C:\PROGRA~2\VideoLAN 2016-06-23 09:18:51 -------- d---a-w- C:\PROGRA~2\COMMON~1\DESIGNER 2016-06-20 12:14:51 -------- d---a-w- C:\PROGRA~2\D-Link Connection Manager 2016-06-15 09:29:02 -------- d-----w- C:\PROGRA~2\Huawei Modems ======= C: ===== ====== C:\Users\Sofia\AppData\Roaming ====== 2016-06-20 12:14:39 -------- d-----w- C:\Users\Sofia\AppData\Local\Programs 2016-06-20 09:24:04 -------- d-----w- C:\Users\Sofia\AppData\Local\Diagnostics ====== C:\Users\Sofia ====== 2016-06-29 14:22:30 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Sofia\Downloads\mbam-setup-2.2.1.1043 (1).exe 2016-06-29 14:12:57 D0EB45DEF6549458A9E3A23A953A036F 1610816 ----a-w- C:\Users\Sofia\Downloads\JRT.exe 2016-06-29 14:05:30 A6258C2552098043FF0DD04A72BD49BA 3703360 ----a-w- C:\Users\Sofia\Downloads\adwcleaner_5.200 (1).exe 2016-06-29 14:04:44 A6258C2552098043FF0DD04A72BD49BA 3703360 ----a-w- C:\Users\Sofia\Downloads\adwcleaner_5.200.exe 2016-06-29 13:12:52 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Sofia\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-29 12:44:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-06-29 12:43:58 7B298EFA16AC68E6E9BB02C8D34B9114 30533688 ----a-w- C:\Users\Sofia\Downloads\vlc-2.2.4-win32.exe 2016-06-20 12:14:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link Connection Manager 2016-06-15 09:30:02 -------- d-----w- C:\ProgramData\Birdstep Technology ====== C: exe-files == 2016-06-29 14:22:30 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Sofia\Downloads\mbam-setup-2.2.1.1043 (1).exe 2016-06-29 14:13:06 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Sofia\AppData\Local\Temp\jrt\nfo\nircmdc.exe 2016-06-29 14:12:57 D0EB45DEF6549458A9E3A23A953A036F 1610816 ----a-w- C:\Users\Sofia\Downloads\JRT.exe 2016-06-29 14:05:30 A6258C2552098043FF0DD04A72BD49BA 3703360 ----a-w- C:\Users\Sofia\Downloads\adwcleaner_5.200 (1).exe 2016-06-29 14:04:44 A6258C2552098043FF0DD04A72BD49BA 3703360 ----a-w- C:\Users\Sofia\Downloads\adwcleaner_5.200.exe 2016-06-29 13:38:09 26793BC0B998B3595F1FA5D7A0C16923 183816 ----a-w- C:\Windows\Temp\DPTF\esif_assist.exe 2016-06-29 13:12:52 52F4695C53B02ADA7D648F95F2E2F8B4 22851472 ----a-w- C:\Users\Sofia\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-29 12:44:48 3731E07AC8D725175BBF00B5A85FB772 277763 ----a-w- C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe 2016-06-29 12:43:58 7B298EFA16AC68E6E9BB02C8D34B9114 30533688 ----a-w- C:\Users\Sofia\Downloads\vlc-2.2.4-win32.exe 2016-06-29 12:36:11 521E81D782593E5449788B41ED51AEA7 1248072 ----a-w- C:\Windows\Temp\CR_72928.tmp\setup.exe 2016-06-29 12:36:10 46EEE84B30C355A7CC926478936645E0 2943064 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.106\51.0.2704.106_51.0.2704.103_chrome_updater.exe 2016-06-29 11:57:56 FD27716ADE6EDDFF9FD70A1B41845ED7 220 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IB7KSON.exe 2016-06-29 11:57:56 D67F64F29E86094747DEF2221E45C0A1 244 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IBOBMPZ.exe 2016-06-29 11:57:56 C2E5AE9CE51F8D311EBE1865E0B8DBE8 128 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IK5JCG1.exe 2016-06-29 11:57:56 AA139A5961A85492887D548660E5064B 142 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IM1E2PK.exe 2016-06-29 11:57:56 A63C446702A62B171E77BFD282C6BA71 116 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$I23B88C.exe 2016-06-29 11:57:56 66EBE6B7386FD934861CAC9A4CE69F5B 104 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IR8JDTO.exe 2016-06-29 11:57:56 1CFC7593C947D54A4E965E619101E5FA 136 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IGVHS1H.exe 2016-06-29 11:57:56 1C186B1F39014F4B49E0FAD90532BE91 124 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$I54ZPQH.exe 2016-06-29 10:31:30 4207BC35810FC297D913F2A47007DFA2 827568 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$RB7KSON.exe 2016-06-29 10:23:08 FCB1F48FD4C2B0932FC43BFC55C387A9 2530304 ----a-w- C:\Users\Sofia\AppData\Roaming\uTorrent\updates\3.4.7_42330.exe 2016-06-29 10:23:08 D7B59C5C8C22101B50502AFB482A86FE 387072 ----a-w- C:\Users\Sofia\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe 2016-06-29 10:23:04 FCB1F48FD4C2B0932FC43BFC55C387A9 2530304 ----a-w- C:\Users\Sofia\AppData\Roaming\uTorrent\uTorrent.exe 2016-06-29 10:22:00 FCB1F48FD4C2B0932FC43BFC55C387A9 2530304 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$RR8JDTO.exe === C: other files == 2016-06-29 13:44:04 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\636C2F22.sys 2016-06-29 13:14:24 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2016-06-29 13:13:37 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys 2016-06-29 13:13:37 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys 2016-06-29 13:13:37 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2016-06-29 11:57:56 C6140FCD9D34B08D5DBA8A7EEA003DB7 160 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$IENEJV0.zip 2016-06-29 11:57:56 6890DC79BAFA928548C59E426CA86344 168 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$I6ND0CV.zip 2016-06-29 11:57:56 53E01EB7A49B47671B0D16E14FBBBA7E 118 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$I8DN9O4.zip 2016-06-29 10:22:13 8C53D2CD2A5250F535A670B8F57071E0 1140214 ----a-w- C:\Users\Sofia\AppData\Local\Temp\HYDE1DB.tmp.1467195733\HTA\install.1467195733.zip 2016-06-23 09:13:39 7F20C8F69AFE6E9CEA1D31E9DC50BAFE 4352490 ----a-w- C:\$Recycle.Bin\S-1-5-21-1567188599-117826032-3191417159-1001\$R8DN9O4.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1567188599-117826032-3191417159-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Sofia\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HarmonyPicks"="C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe s" "HarmonySetting"="C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe s" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Sofia\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t" "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "WavesSvc"="C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" "LenovoUtility"="C:\Program Files\Lenovo\LenovoUtility\utility.exe" "AutoStartTransition"="C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe" "PhoneCompanion"="C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe" "OneKeyOptimizer"="C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe /run" "LMCSSTART1"="C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe /initsubsysproc:" "LMCSSTART2"="C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe /proxystart:" "LMCSSTART3"="C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe /setcamplusdrop:" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-04-2016 19:28] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-04-2016 19:28] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Dependency Package Auto Update" [C:\Program Files\Lenovo\iMController\AutoUpdate.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Experience Improvement" ["C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox" [26-05-2016 19:58] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eahebamiopdhefndnmappcihfajigkka - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka[] Google Slides - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Kaspersky Protection - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka Google Sheets - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{5F97CE88-28E6-4CF5-B973-C136EFF12767}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F97CE88-28E6-4CF5-B973-C136EFF12767}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{5F97CE88-28E6-4CF5-B973-C136EFF12767}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{5F97CE88-28E6-4CF5-B973-C136EFF12767} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{5F97CE88-28E6-4CF5-B973-C136EFF12767}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{5F97CE88-28E6-4CF5-B973-C136EFF12767} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Reset Google Chrome ====================== C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sofia\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Sofia\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Sofia\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Sofia\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Sofia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=25 folders=18 78514111 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Sofia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 29-06-2016 at 17:02:06,99 ======================