Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-02-2017 Gestart door mouch (Beheerder) op DESKTOP-OHO2HHD (06-02-2017 20:28:10) Gestart vanaf C:\Users\mouch\Downloads Geladen Profielen: mouch (Beschikbare Profielen: defaultuser0 & mouch) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Edge) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (HP) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (BitTorrent Inc.) C:\Users\mouch\AppData\Roaming\uTorrent\uTorrent.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (BitTorrent Inc.) C:\Users\mouch\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (BitTorrent Inc.) C:\Users\mouch\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\HelpPane.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8506112 2015-07-09] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [317824 2016-01-18] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [uTorrent] => C:\Users\mouch\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-03] (BitTorrent Inc.) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-11-02] (Apple Inc.) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1906464 2016-12-09] (TomTom) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\...\MountPoints2: {388dd983-d371-11e6-85da-3010b37f6ce5} - "E:\StorioSetup.exe" ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9156af4c-92f4-4f8f-8ce9-de7679451a5d}: [DhcpNameServer] 192.168.10.1 Tcpip\..\Interfaces\{c1c5fd03-6e1f-436b-803e-1c801befaa00}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3610571976-3903175460-2027010726-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/ SearchScopes: HKU\S-1-5-21-3610571976-3903175460-2027010726-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3610571976-3903175460-2027010726-1001 -> {5B3651E4-F0FF-4D97-B2DD-8AE10E9C941D} URL = hxxp://www.google.com/search?q={searchTerms} FireFox: ======== FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-01-06] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be FF Plugin HKU\S-1-5-21-3610571976-3903175460-2027010726-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\mouch\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP) ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 hpsrv; C:\Windows\system32\Hpservice.exe [38728 2016-10-12] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-09] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2016-10-05] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [56128 2016-10-12] (HP) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.) R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [42312 2016-10-12] (HP) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [79960 2016-10-05] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (HP) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-06 20:28 - 2017-02-06 20:29 - 00011915 _____ C:\Users\mouch\Downloads\FRST.txt 2017-02-06 20:28 - 2017-02-06 20:28 - 00000000 ____D C:\FRST 2017-02-06 20:27 - 2017-02-06 20:27 - 02421248 _____ (Farbar) C:\Users\mouch\Downloads\FRST64.exe 2017-02-05 20:28 - 2017-02-05 20:28 - 00002176 _____ C:\Users\mouch\Desktop\HP Photo Creations.lnk 2017-02-05 20:28 - 2017-02-05 20:28 - 00000000 ___RD C:\Users\mouch\Documents\RocketLifeNetwork 2017-02-05 20:28 - 2017-02-05 20:28 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Visan 2017-02-05 20:28 - 2017-02-05 20:28 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2017-02-05 20:28 - 2017-02-05 20:28 - 00000000 ____D C:\Users\mouch\AppData\Roaming\HP Photo Creations 2017-02-05 20:28 - 2017-02-05 20:28 - 00000000 ____D C:\Users\mouch\AppData\Local\RLPlatform 2017-02-05 20:19 - 2017-02-05 20:19 - 00000000 ___RD C:\Users\mouch\3D Objects 2017-02-05 18:29 - 2017-02-05 18:36 - 00000000 ____D C:\zoek 2017-02-05 18:17 - 2017-02-05 18:36 - 00003685 _____ C:\runcheck.txt 2017-02-05 18:17 - 2017-02-05 18:17 - 01309184 _____ C:\Users\mouch\Downloads\zoek.exe 2017-02-04 21:16 - 2017-02-06 17:05 - 00000000 ____D C:\Users\mouch\AppData\LocalLow\uTorrent 2017-02-04 20:27 - 2017-02-04 20:27 - 00000000 ____D C:\rsit 2017-02-04 20:27 - 2017-02-04 20:27 - 00000000 ____D C:\Program Files\trend micro 2017-02-04 20:01 - 2017-02-04 20:04 - 04015056 _____ C:\Users\mouch\Downloads\adwcleaner_6.043.exe 2017-02-04 20:00 - 2017-02-04 20:00 - 00000000 ____D C:\Users\mouch\Downloads\adwcleaner_5.027 2017-02-04 19:59 - 2017-02-04 19:59 - 01728678 ____R C:\Users\mouch\Downloads\adwcleaner_5.027.zip 2017-02-04 19:54 - 2017-02-04 19:54 - 00000000 ____D C:\Users\mouch\AppData\Local\HP_Development_Company,_L 2017-02-04 19:49 - 2017-02-04 19:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\mouch\Downloads\HijackThis.exe 2017-02-04 19:47 - 2017-02-05 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-02-04 19:47 - 2017-02-04 19:47 - 00003742 _____ C:\Windows\System32\Tasks\HPCustParticipation HP ENVY 4520 series 2017-02-04 19:47 - 2017-02-04 19:47 - 00002260 _____ C:\Users\Public\Desktop\HP ENVY 4520 series.lnk 2017-02-04 19:47 - 2017-02-04 19:47 - 00001222 _____ C:\Users\Public\Desktop\Benodigdheden kopen - HP ENVY 4520 series.lnk 2017-02-04 19:47 - 2017-02-04 19:47 - 00000057 _____ C:\ProgramData\Ament.ini 2017-02-04 19:47 - 2017-02-04 19:47 - 00000000 ____D C:\Users\mouch\AppData\Roaming\HpUpdate 2017-02-04 19:47 - 2017-02-04 19:47 - 00000000 ____D C:\ProgramData\Visan 2017-02-04 19:47 - 2017-02-04 19:47 - 00000000 ____D C:\ProgramData\HP 2017-02-04 19:47 - 2017-02-04 19:47 - 00000000 ____D C:\Program Files\HP 2017-02-04 19:47 - 2015-03-09 14:44 - 00807432 ____N (Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPMD711.dll 2017-02-04 19:46 - 2017-02-04 20:15 - 00000000 ____D C:\Users\mouch\AppData\Local\HP 2017-02-04 19:45 - 2017-02-06 11:32 - 00000364 _____ C:\Windows\Tasks\HPCeeScheduleFormouch.job 2017-02-04 19:45 - 2017-02-05 20:30 - 00003256 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormouch 2017-02-04 19:37 - 2017-02-04 19:46 - 138897200 _____ C:\Users\mouch\Downloads\EN4520_72.exe 2017-02-04 19:35 - 2017-02-04 19:35 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Hewlett-Packard 2017-02-04 19:35 - 2017-02-04 19:35 - 00000000 ____D C:\Users\mouch\AppData\Local\Hewlett-Packard 2017-02-04 19:32 - 2017-02-04 20:14 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2017-02-04 19:32 - 2017-02-04 19:32 - 00002311 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk 2017-02-04 19:32 - 2017-02-04 19:32 - 00000000 ____D C:\Users\mouch\AppData\Roaming\hpqLog 2017-02-04 19:32 - 2017-02-04 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2017-02-04 19:30 - 2017-02-04 20:15 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard 2017-02-04 19:29 - 2017-02-04 19:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2017-02-04 17:07 - 2017-02-04 17:07 - 00000518 _____ C:\Users\mouch\Downloads\Naamloze bijlage 00069.htm 2017-01-29 12:41 - 2017-01-29 12:42 - 00000000 ____D C:\Users\mouch\Downloads\Lion.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-29 12:36 - 2017-01-29 12:36 - 00000000 ____D C:\Users\mouch\Downloads\Billy.Lynns.Long.Halftime.Walk.2016.720p.BRRip.x264.AAC-ETRG 2017-01-28 21:10 - 2017-01-28 21:10 - 00024618 _____ C:\Users\mouch\Downloads\a-monster-calls_dutch-1487132.zip 2017-01-28 20:19 - 2017-01-28 20:19 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2017-01-28 20:18 - 2017-01-28 20:19 - 00000000 ____D C:\Program Files (x86)\Kodi 2017-01-28 20:16 - 2017-01-28 20:16 - 00003248 _____ C:\Windows\System32\Tasks\{85D313B2-84E3-4868-A0BD-609EA4644BAB} 2017-01-28 19:26 - 2017-01-28 19:58 - 83328731 _____ (XBMC-Foundation) C:\Users\mouch\Downloads\kodi-17.0-Krypton_rc3.exe 2017-01-28 16:46 - 2017-01-29 12:48 - 00000000 ____D C:\Users\mouch\Downloads\The Lone Ranger S01E04 10-06-1949- Legion of Old Timers 2017-01-28 16:44 - 2017-02-03 20:12 - 707793597 ____R C:\Users\mouch\Downloads\enter_the_lone_ranger.mp4 2017-01-28 16:36 - 2017-01-30 10:38 - 00000000 ____D C:\Users\mouch\Downloads\The Lone Ranger Season1 Ep016-Ep052 2017-01-28 14:37 - 2017-01-28 14:41 - 00000000 ____D C:\Users\mouch\Downloads\Now That's What I Call Music, Vol. 61 (2017) Mp3 320Kbps Groo 2017-01-28 14:32 - 2017-01-28 14:32 - 00000000 ____D C:\Users\mouch\Downloads\Lost.in.Florence.2017.HDRip.XViD-ETRG 2017-01-28 14:29 - 2017-01-28 14:30 - 00000000 ____D C:\Users\mouch\Downloads\War.on.Everyone.2016.BRRip.XviD.AC3-EVO 2017-01-28 14:28 - 2017-01-28 14:29 - 00000000 ____D C:\Users\mouch\Downloads\Allied.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-28 14:26 - 2017-01-28 14:26 - 00000000 ____D C:\Users\mouch\Downloads\Live.by.Night.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-26 06:45 - 2017-01-26 06:45 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-01-26 06:45 - 2017-01-26 06:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-01-26 06:44 - 2017-01-26 06:45 - 00000000 ____D C:\Program Files\iTunes 2017-01-26 06:44 - 2017-01-26 06:44 - 00000000 ____D C:\Program Files\iPod 2017-01-26 06:35 - 2017-01-26 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2017-01-25 20:13 - 2017-01-25 20:14 - 00000000 ____D C:\Users\mouch\Downloads\Dr.Strange.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-25 20:12 - 2017-01-25 20:12 - 00137530 _____ C:\Users\mouch\Downloads\4662BCB86393A0A1B4881E9C833567F23C532CE2.torrent 2017-01-25 20:11 - 2017-01-25 20:11 - 00000000 ____D C:\Users\mouch\AppData\Local\Apps\2.0 2017-01-25 08:02 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-01-25 08:02 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-01-24 20:08 - 2017-01-24 20:09 - 00002453 _____ C:\Users\Public\Documents\Global.sw2 2017-01-24 20:08 - 2017-01-24 20:08 - 00000000 ____H C:\Windows\SwSys2.bmp 2017-01-24 20:08 - 2017-01-24 20:08 - 00000000 ____H C:\Windows\SwSys1.bmp 2017-01-24 20:08 - 2017-01-24 20:08 - 00000000 ____D C:\Users\Public\Documents\Softwrap 2017-01-24 20:07 - 2017-01-24 20:07 - 07005388 _____ C:\Users\mouch\Downloads\BlubsterSetup.exe 2017-01-24 19:22 - 2017-01-24 19:22 - 03389035 _____ C:\Users\mouch\Downloads\eMule0.50a-Installer (2).exe 2017-01-24 19:15 - 2017-01-24 19:15 - 00000155 _____ C:\Windows\$PREFFILE 2017-01-24 19:09 - 2017-01-24 19:12 - 25662672 _____ C:\Users\mouch\Downloads\emule.exe 2017-01-23 19:27 - 2017-01-24 19:07 - 00000000 ____D C:\Users\mouch\.frostwire5 2017-01-23 19:27 - 2017-01-23 19:27 - 00000000 ____D C:\Users\mouch\Documents\FrostWire 2017-01-23 19:27 - 2017-01-23 19:27 - 00000000 ____D C:\ProgramData\Oracle 2017-01-23 19:05 - 2017-02-04 21:13 - 00007605 _____ C:\Users\mouch\AppData\Local\Resmon.ResmonCfg 2017-01-23 18:54 - 2017-01-24 20:02 - 00000000 ____D C:\Users\mouch\AppData\Local\eMule 2017-01-23 18:54 - 2017-01-23 18:54 - 03389035 _____ C:\Users\mouch\Downloads\eMule0.50a-Installer (1).exe 2017-01-23 18:49 - 2017-01-23 19:26 - 25073552 _____ (FrostWire LLC) C:\Users\mouch\Downloads\frostwire-6.4.3.windows.fusion.exe 2017-01-23 18:44 - 2017-01-23 18:44 - 00000000 ____D C:\Users\mouch\Downloads\eMule 2017-01-23 18:43 - 2017-01-23 18:43 - 03389035 _____ C:\Users\mouch\Downloads\eMule0.50a-Installer.exe 2017-01-19 21:35 - 2017-01-19 21:35 - 00000000 ____D C:\Users\mouch\Downloads\A.Monster.Calls.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-19 19:07 - 2017-01-19 19:07 - 00033952 _____ C:\Users\mouch\Downloads\hacksaw-ridge_dutch-1485111.zip 2017-01-19 19:07 - 2017-01-19 19:07 - 00000000 ____D C:\Users\mouch\Downloads\hacksaw-ridge_dutch-1485111 2017-01-18 16:10 - 2017-01-18 16:11 - 00000000 ____D C:\Users\mouch\Downloads\Hacksaw.Ridge.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-18 16:09 - 2017-01-18 16:09 - 00000000 ____D C:\Users\mouch\Downloads\Collateral.Beauty.2016.HDCAM.DE-WATERMARKED.700MB.x264-CAT 2017-01-18 16:08 - 2017-01-18 16:45 - 00000000 ____D C:\Users\mouch\Downloads\Sing 2016 NEW HD-TS x264-CPG 2017-01-18 16:07 - 2017-01-18 16:07 - 00000000 ____D C:\Users\mouch\Downloads\Moonlight.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-01-18 11:33 - 2017-01-18 11:33 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2017-01-18 11:33 - 2017-01-18 11:33 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2017-01-16 20:25 - 2017-01-16 20:25 - 00000988 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk 2017-01-16 20:25 - 2017-01-16 20:25 - 00000000 ____D C:\Users\mouch\AppData\Local\TomTom 2017-01-16 20:25 - 2017-01-16 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2017-01-16 20:25 - 2017-01-16 20:25 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V 2017-01-16 20:24 - 2017-01-16 20:24 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect 2017-01-15 12:56 - 2017-01-15 12:58 - 00000000 ____D C:\Users\mouch\Downloads\Unfriended.2014.HDRip.XViD-ETRG 2017-01-15 09:55 - 2017-01-15 10:07 - 35796928 _____ C:\Users\mouch\Downloads\Pangu_v1.2.1.exe 2017-01-14 19:17 - 2017-01-14 19:17 - 00000000 ____D C:\Users\mouch\AppData\Roaming\MPC-HC 2017-01-14 19:15 - 2017-01-14 19:15 - 00001752 _____ C:\Users\mouch\Desktop\MPC-HC x64.lnk 2017-01-14 19:15 - 2017-01-14 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 2017-01-14 19:15 - 2017-01-14 19:15 - 00000000 ____D C:\Program Files\MPC-HC 2017-01-14 19:10 - 2017-01-14 19:10 - 00003232 _____ C:\Windows\System32\Tasks\klcp_update 2017-01-14 19:10 - 2017-01-14 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2017-01-14 19:09 - 2017-01-14 19:10 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2017-01-14 19:05 - 2017-01-14 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub 2017-01-14 19:05 - 2017-01-14 19:05 - 00000000 ____D C:\Program Files (x86)\VobSub 2017-01-14 19:02 - 2017-01-14 19:02 - 00019762 _____ C:\Users\mouch\Downloads\Ondertitel.com-40087-Before.I.Wake.2016.1080p.BluRay.x264.DD5.1-FGT.zip 2017-01-14 19:00 - 2017-01-14 21:34 - 00000000 ____D C:\Users\mouch\Downloads\Before.I.Wake.2016.BRRip.XViD-ETRG 2017-01-13 21:16 - 2017-02-04 20:10 - 00000000 ___RD C:\Users\mouch\iCloudDrive 2017-01-13 21:16 - 2017-01-30 10:42 - 00003504 _____ C:\Windows\System32\Tasks\Apple Diagnostics 2017-01-13 21:16 - 2017-01-13 21:16 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud 2017-01-13 21:16 - 2017-01-13 21:16 - 00000000 ____D C:\Users\mouch\AppData\Local\Apple Inc 2017-01-13 14:08 - 2017-01-13 14:09 - 00000000 ____D C:\Users\mouch\Downloads\Patriots.Day.2016.DVDSCREENER-P2P 2017-01-13 12:55 - 2017-01-13 13:12 - 135121720 _____ (Apple Inc.) C:\Users\mouch\Downloads\iCloudSetup.exe 2017-01-13 12:52 - 2017-01-13 21:16 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Apple Computer 2017-01-13 12:52 - 2017-01-13 13:16 - 00000000 ____D C:\Users\mouch\AppData\Local\Apple Computer 2017-01-13 12:52 - 2017-01-13 12:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2017-01-13 12:51 - 2017-01-13 12:51 - 00000000 ____D C:\ProgramData\Apple Computer 2017-01-13 12:49 - 2017-01-26 06:44 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-01-13 12:49 - 2017-01-13 21:16 - 00000000 ____D C:\Users\mouch\AppData\Local\Apple 2017-01-13 12:49 - 2017-01-13 12:49 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-01-13 12:49 - 2017-01-13 12:49 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2017-01-13 12:49 - 2017-01-13 12:49 - 00000000 ____D C:\Program Files\Bonjour 2017-01-13 12:49 - 2017-01-13 12:49 - 00000000 ____D C:\Program Files (x86)\Bonjour 2017-01-13 12:49 - 2017-01-13 12:49 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-01-13 12:48 - 2017-01-13 12:49 - 00000000 ____D C:\ProgramData\Apple 2017-01-12 18:11 - 2017-01-12 18:11 - 00000000 ____D C:\Users\mouch\AppData\Roaming\WinRAR 2017-01-12 18:00 - 2017-02-04 20:13 - 00000000 ____D C:\AdwCleaner 2017-01-11 21:17 - 2017-01-11 21:18 - 00000000 ____D C:\Users\mouch\Downloads\Bad.Moms.2016.720p.BRRip.x264.AAC-ETRG 2017-01-11 21:17 - 2016-10-31 19:26 - 00821216 _____ C:\Users\mouch\Downloads\REBUG_TOOLBOX_02.02.10.pkg 2017-01-11 21:17 - 2016-10-31 19:20 - 00821216 _____ C:\Users\mouch\Downloads\REBUG_TOOLBOX_02.02.10.pkg.223.v02.02.10_brewology_com.pkg 2017-01-11 21:15 - 2017-01-11 21:19 - 00000000 ____D C:\Users\mouch\Downloads\The.Shallows.2016.HDRip.XviD.AC3-EVO 2017-01-11 21:15 - 2017-01-11 21:15 - 00000000 ____D C:\Users\mouch\Downloads\PS3 2017-01-11 21:15 - 2017-01-11 21:15 - 00000000 ____D C:\Users\mouch\Downloads\Lights.Out.2016.720p.WEBRip.x264.AAC-ETRG 2017-01-11 21:15 - 2017-01-11 21:15 - 00000000 ____D C:\Users\mouch\Downloads\Dont.Breathe.2016.720p.HDRip.X264.AC3-EVO 2017-01-11 20:15 - 2017-01-11 20:48 - 00000000 ____D C:\Users\mouch\Downloads\2Pac Discography [2007] 2017-01-11 20:14 - 2017-01-11 21:37 - 00000000 ____D C:\Users\mouch\Downloads\Nas 2017-01-11 20:12 - 2017-01-12 02:53 - 00000000 ____D C:\Users\mouch\Downloads\Eminem 2017-01-11 19:45 - 2017-01-11 19:45 - 00000000 ____D C:\Users\mouch\Downloads\kodi music 2017-01-11 19:42 - 2017-01-11 19:42 - 00000000 ____D C:\Users\mouch\Desktop\kodi music 2017-01-11 18:00 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll 2017-01-11 18:00 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll 2017-01-11 18:00 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-01-11 18:00 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2017-01-11 18:00 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2017-01-11 18:00 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2017-01-11 18:00 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-01-11 18:00 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-01-11 18:00 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2017-01-11 18:00 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2017-01-11 18:00 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2017-01-11 18:00 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2017-01-11 18:00 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2017-01-11 18:00 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2017-01-11 18:00 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2017-01-11 18:00 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-01-11 18:00 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-01-11 18:00 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2017-01-11 18:00 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2017-01-11 18:00 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2017-01-11 18:00 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2017-01-11 18:00 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-01-11 18:00 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll 2017-01-11 18:00 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-11 18:00 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-01-11 18:00 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-11 18:00 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-11 18:00 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll 2017-01-11 18:00 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe 2017-01-11 18:00 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe 2017-01-11 18:00 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll 2017-01-11 18:00 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2017-01-11 18:00 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-01-11 18:00 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll 2017-01-11 18:00 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2017-01-11 18:00 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2017-01-11 18:00 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-01-11 18:00 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-01-11 18:00 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2017-01-11 18:00 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-01-11 18:00 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll 2017-01-11 18:00 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll 2017-01-11 18:00 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2017-01-11 18:00 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-01-11 18:00 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-01-11 18:00 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2017-01-11 18:00 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-11 18:00 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2017-01-11 18:00 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2017-01-11 18:00 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-01-11 18:00 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2017-01-11 18:00 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2017-01-11 18:00 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-01-11 18:00 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-01-11 18:00 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2017-01-11 18:00 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2017-01-11 18:00 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2017-01-11 18:00 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-01-11 18:00 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2017-01-11 17:59 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-01-11 17:59 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2017-01-11 17:59 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-01-11 17:59 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe 2017-01-11 17:59 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll 2017-01-11 17:59 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll 2017-01-11 17:59 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll 2017-01-11 17:59 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2017-01-11 17:59 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-11 17:59 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe 2017-01-11 17:59 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll 2017-01-11 17:59 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll 2017-01-11 17:59 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe 2017-01-11 17:59 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-01-11 17:59 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2017-01-11 17:59 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll 2017-01-11 17:59 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2017-01-11 17:59 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2017-01-11 17:59 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2017-01-11 17:59 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll 2017-01-11 17:59 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll 2017-01-11 17:59 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2017-01-11 17:59 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2017-01-11 17:59 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll 2017-01-11 17:59 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2017-01-11 17:59 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2017-01-11 17:59 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2017-01-11 17:59 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-01-11 17:59 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2017-01-11 17:59 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2017-01-11 17:59 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2017-01-11 17:59 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2017-01-11 17:59 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe 2017-01-11 17:59 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:59 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2017-01-11 17:59 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll 2017-01-11 17:59 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2017-01-11 17:59 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2017-01-11 17:59 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll 2017-01-11 17:59 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2017-01-11 17:59 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2017-01-11 17:59 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2017-01-11 17:59 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2017-01-11 17:59 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2017-01-11 17:59 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2017-01-11 17:59 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2017-01-11 17:59 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2017-01-11 17:59 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2017-01-11 17:59 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2017-01-11 17:59 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2017-01-11 17:59 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2017-01-11 17:59 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2017-01-11 17:59 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2017-01-11 17:59 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2017-01-11 17:59 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2017-01-11 17:59 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2017-01-11 17:59 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll 2017-01-11 17:59 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-01-11 17:59 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2017-01-11 17:59 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2017-01-11 17:59 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2017-01-11 17:59 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll 2017-01-11 17:59 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-11 17:59 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-01-11 17:59 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll 2017-01-11 17:59 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:59 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-01-11 17:59 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2017-01-11 17:59 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll 2017-01-11 17:59 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2017-01-11 17:59 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2017-01-11 17:59 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.CredDialogController.dll 2017-01-11 17:59 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2017-01-11 17:59 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll 2017-01-11 17:59 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2017-01-11 17:59 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2017-01-11 17:59 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-01-11 17:59 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2017-01-11 17:59 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2017-01-11 17:59 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2017-01-11 17:59 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2017-01-11 17:59 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2017-01-11 17:59 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2017-01-11 17:59 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2017-01-11 17:59 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2017-01-11 17:59 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2017-01-11 17:59 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2017-01-11 17:59 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:59 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2017-01-11 17:59 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2017-01-11 17:59 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2017-01-11 17:58 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll 2017-01-11 17:58 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2017-01-11 17:58 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll 2017-01-11 17:58 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll 2017-01-11 17:58 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll 2017-01-11 17:58 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2017-01-11 17:58 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2017-01-11 17:58 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys 2017-01-11 17:58 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll 2017-01-11 17:58 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:58 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-06 20:28 - 2017-01-06 10:23 - 00000000 ____D C:\Users\mouch\AppData\Roaming\uTorrent 2017-02-06 20:26 - 2017-01-04 22:13 - 00004200 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9EBF0812-BC59-4D7D-966A-72D384537637} 2017-02-06 20:22 - 2017-01-04 21:23 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-02-06 17:20 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-06 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness 2017-02-06 17:10 - 2017-01-04 21:58 - 03535018 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-06 17:10 - 2016-07-16 23:15 - 01593234 _____ C:\Windows\system32\perfh013.dat 2017-02-06 17:10 - 2016-07-16 23:15 - 00411160 _____ C:\Windows\system32\perfc013.dat 2017-02-06 17:04 - 2017-01-04 22:06 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-06 17:04 - 2017-01-04 22:06 - 00000000 __SHD C:\Users\mouch\IntelGraphicsProfiles 2017-02-06 17:03 - 2017-01-04 22:49 - 00000000 ____D C:\ProgramData\MFAData 2017-02-06 17:03 - 2017-01-04 22:04 - 00000000 ____D C:\Users\mouch 2017-02-06 17:03 - 2017-01-04 21:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-05 21:00 - 2017-01-04 22:23 - 00003668 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-02-05 18:37 - 2016-07-16 07:04 - 00524288 _____ C:\Windows\system32\config\BBI 2017-02-05 18:30 - 2017-01-03 21:19 - 00000000 ____D C:\zoek_backup 2017-02-04 22:32 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF 2017-02-04 21:16 - 2017-01-05 15:52 - 00000000 ____D C:\Users\mouch\AppData\Roaming\Kodi 2017-02-04 20:17 - 2017-01-04 22:06 - 00000000 ____D C:\Users\mouch\AppData\Local\Packages 2017-02-04 20:14 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF 2017-02-04 20:09 - 2017-01-04 21:23 - 00203408 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-04 19:50 - 2017-01-04 22:06 - 00000000 ____D C:\Users\mouch\AppData\Local\VirtualStore 2017-02-04 19:47 - 2017-01-04 22:12 - 00000000 ____D C:\Program Files (x86)\HP 2017-02-04 09:16 - 2017-01-04 21:53 - 00000000 ____D C:\Users\defaultuser0 2017-02-03 18:17 - 2016-07-16 07:04 - 00032768 _____ C:\Windows\system32\config\ELAM 2017-01-25 08:05 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp 2017-01-25 06:51 - 2017-01-04 22:06 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-18 11:33 - 2017-01-04 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-01-18 11:31 - 2017-01-04 22:21 - 00000000 ____D C:\Users\mouch\AppData\Local\Avg 2017-01-14 17:01 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\rescache 2017-01-12 21:02 - 2017-01-04 22:46 - 00000000 ____D C:\Windows\system32\MRT 2017-01-12 21:01 - 2017-01-04 22:45 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-12 17:48 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2017-01-12 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2017-01-12 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\oobe 2017-01-12 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\ShellExperiences 2017-01-12 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\Provisioning 2017-01-10 22:13 - 2017-01-04 22:11 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-10 22:13 - 2017-01-04 22:10 - 00002394 _____ C:\Users\mouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-10 22:13 - 2017-01-04 22:10 - 00000000 ___RD C:\Users\mouch\OneDrive 2017-01-08 21:38 - 2017-01-04 22:06 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-01-07 21:07 - 2017-01-05 17:23 - 00000000 ____D C:\Users\mouch\AppData\Local\MicrosoftEdge ==================== Bestanden in de root van sommige mappen ======= 2017-01-23 19:05 - 2017-02-04 21:13 - 0007605 _____ () C:\Users\mouch\AppData\Local\Resmon.ResmonCfg 2017-02-04 19:47 - 2017-02-04 19:47 - 0000057 _____ () C:\ProgramData\Ament.ini ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-01-28 14:45 ==================== Eind van FRST.txt ============================