[RESOLVED] infected with Trotux brouwser hijacker... think need some help :(

[sitew]

Sory to disturb you ppl from Virtualdr.com
but yesterday i got the trotux hijacker here in my pc...

so wat i did so far :

downloaded the program rkill and let it run on the txt file ad the end from the cleaning proces it show a log file in there it say that i have 3250 files in my host file all starting with 0.0.0.0. (are they now blocked or not ?)
i can't change this host file , i can write in it with notepad but i can't safe the file as host.

then i used Zemana antimal ware scanner
then i used Adwcleaner

but now i when i restart the computer windows make a sound and on the right side where this little square is from the messages is standing a number 1 , only when i click on it it won't go open so i can't see wat message it is .
also my speaker icon is gone ...

can someone help me please ?

thanks in advance

[fink]

rkill and adwcleaner are advanced cleaning programs and really should only be used following instructions from an experienced malware expert like Broni in our Intensive care forum.

I will move this thread to that forum
http://discussions.virtualdr.com/for...e-Care-Unit&s=

and then you can follow the instructions here..
http://discussions.virtualdr.com/sho...ted-3-21-2015)

and copy/paste the results of the scanner log files below.

[sitew]

thank you Sir for the fast help
here is the Rkill log

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/29/2016 11:49:48 AM in x64 mode.
Windows Version: Windows 10 Pro

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* agp440 [Missing Service]
* gagp30kx [Missing Service]
* IEEtwCollectorService [Missing Service]
* IoQos [Missing Service]
* nv_agp [Missing Service]
* TimeBroker [Missing Service]
* uagp35 [Missing Service]
* uliagpkx [Missing Service]
* WcsPlugInService [Missing Service]
* wpcfltr [Missing Service]
* WSService [Missing Service]

* AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
* WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]

* vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
* vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:


0.0.0.0 vortex.data.microsoft.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 apps.skype.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 ac3.msn.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 b.rad.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.msn.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 c.atdmt.com
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 ec.atdmt.com
0.0.0.0 flex.msn.com
0.0.0.0 g.msn.com

20 out of 3841 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/29/2016 11:54:45 AM
Execution time: 0 hours(s), 4 minute(s), and 56 seconds(s)

and here from adwcleaner

# AdwCleaner v6.030 - Logbestand aangemaakt 29/10/2016 op 12:43:20
# *Updated on 19/10/2016 by Malwarebytes
# Gebruik lokale database : 2016-10-28.2 [*Server]
# Besturingssysteem : Windows 10 Pro (X64)
# Gebruikersnaam : Site - DESKTOP-C38E2HK
# Gestart vanuit : C:\Users\Site\Desktop\adwcleaner_6.030.exe
# Verwijderen
# Ondersteuning : hxxps://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ Mappen ] *****

[!] *Folder not deleted: C:\Program Files (x86)\Uninstall Nexus
[!] *Folder not deleted: C:\Users\Site\AppData\Local\app


***** [ Bestanden ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Snelkoppelingen ] *****



***** [ Geplande taken ] *****



***** [ Register ] *****

[-] hersteldHKU\S-1-5-21-3199363119-606788724-3210624172-1001\Software\Video Player
[#] *Key deleted on reboot: HKCU\Software\Video Player
[-] hersteldHKLM\SOFTWARE\wondershare
[#] *Key deleted on reboot: [x64] HKCU\Software\Video Player
[-] hersteldHKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\filesharefanatic.dl.myway.com
[-] hersteldHKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myway.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\filesharefanatic.dl.myway.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myway.com


***** [ Internetbrowser scannen ... ] *****



*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2591 bytes] - [29/10/2016 02:57:12]
C:\AdwCleaner\AdwCleaner[C2].txt - [1689 bytes] - [29/10/2016 12:43:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [3951 bytes] - [28/10/2016 19:30:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [2273 bytes] - [29/10/2016 00:44:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [2401 bytes] - [29/10/2016 00:58:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [2419 bytes] - [29/10/2016 02:56:14]
C:\AdwCleaner\AdwCleaner[S4].txt - [2145 bytes] - [29/10/2016 12:40:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2127 bytes] ##########

thanks in advance for the help Sir

[sitew]

i did forgot to tell that,
on the right side from screen on desktop we have a messenger that gives messages in windows 10 ,
now i hear these (dingdong sound) but the screen from messenger is not openning..
can you help me with that one also Sir ?

here is the first part from addition.txt

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 29-10-2016
Gestart door Site (29-10-2016 17:18:50)
Gestart vanaf C:\Users\Site\Desktop
Windows 10 Pro Versie 1607 (X64) (2016-10-01 12:09:29)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3199363119-606788724-3210624172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3199363119-606788724-3210624172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3199363119-606788724-3210624172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3199363119-606788724-3210624172-501 - Limited - Disabled)
Site (S-1-5-21-3199363119-606788724-3210624172-1001 - Administrator - Enabled) => C:\Users\Site

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 16.03 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1603-000001000000}) (Version: 16.03.00.0 - Igor Pavlov)
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.18 - Adobe Systems)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Photoshop (HKLM-x32\...\Adobe Photoshop7.0) (Version: 7.0 - Computer Kings Quetta)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}) (Version: 17.0 - Adobe Systems Incorporated)
Ample Guitar M Lite II version 2.3.1 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.3.1 - Ample Sound Technology Co., Ltd.)
ARIA Engine v1.9.0.2 (HKLM\...\ARIA Engine_is1) (Version: v1.9.0.2 - Plogue Art et Technologie, Inc)
Ashampoo Photo Card v.1.0.0 (HKLM-x32\...\{C92AB6F1-EC2E-85C8-C6D7-5BB8C2F89C7F}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\{91B33C97-3197-5D05-4176-1BD0B43C7AD8}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Automatic Duck Media Copy v4.0.2 (HKLM-x32\...\{EEB9D606-93C0-4995-BCF0-4B4A02091470}_is1) (Version: 4.0.2 - Red Giant, LLC)
BurnAware Professional 9.5 (HKLM-x32\...\BurnAware Professional_is1) (Version: - Burnaware)
CGS17_Setup_x64 (Version: 17.2 - Corel Corporation) Hidden
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
COMODO Internet Security Premium (HKLM\...\{0BC63E80-F9DE-40B2-AE07-EFAD9C82E06E}) (Version: 8.2.0.4978 - COMODO Security Solutions Inc.)
Contents64 (Version: 19.2.0.4 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
Corel Painter 2017 - Content (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Core (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - Corex64 (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - CT (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - DE (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - EN (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - FR (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - IPM Content (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 - JP (Version: 16.0 - Corel Corporation) Hidden
Corel Painter 2017 (HKLM\...\_{0EB4382B-8422-4059-8027-3403DE8E8C3F}) (Version: 16.0.0.400 - Corel Corporation)
Corel Update Manager (Version: 2.3.77 - Corel corporation) Hidden
Corel VideoStudio Pro Title Pack (x32 Version: 1.00.0000 - Uw bedrijfsnaam) Hidden
Corel VideoStudio Ultimate X9 (HKLM-x32\...\_{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.5.0.35 - Corel Corporation)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CS (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CT (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - ES (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FR (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IT (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - JP (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - NL (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.2.0.688 - Corel Corporation)
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape)
CyberLink PhotoDirector 8 (HKLM-x32\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.2031.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
DVD and CD Cover Print (HKLM-x32\...\DVD and CD Cover Print) (Version: 3.0 - North Cardinal Software)
Electra2 full (HKLM\...\Tone2 Electra2 full_is1) (Version: 2.1.0 - Tone2)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Flame Painter 1.2 (HKLM-x32\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic)
Fotostory 2016 Deluxe Update (Version: 15.0.4.115 - MAGIX Software GmbH) Hidden
Fotostory 2016 Deluxe Update (Version: 15.0.5.119 - MAGIX Software GmbH) Hidden
Gladiator full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: 2.5.0 - Tone2)
Glary Utilities 5.62 (HKLM-x32\...\Glary Utilities 5) (Version: 5.62.0.83 - Glarysoft Ltd)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.107 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Heroes of Might and Magic® III Complete (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - )
ICA (x32 Version: 19.2.0.4 - Corel Corporation) Hidden
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IncrediMail (x32 Version: 6.6.0.5328 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5328 - IncrediMail Ltd.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IPM_VS_Pro64 (Version: 19.0 - Corel Corporation) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kibisis 1.0 (HKLM-x32\...\Kibisis_1.0) (Version: - )
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Lethality V1.1.2 Retail version 1.1.2 (HKLM-x32\...\Lethality V1.1.2 Retail_is1) (Version: 1.1.2 - )
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7.2 - Macromedia)
Magic Bullet Suite v12.1.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.1.6 - Red Giant, LLC)
Magic Flare 1.0 (HKLM-x32\...\MagicFlare_1.0) (Version: - )
MAGIX Photostory 2016 Deluxe (HKLM\...\MX.{8F50B146-0656-4FA6-B0E1-94F76B6C5D7A}) (Version: 15.0.2.108 - MAGIX Software GmbH)
MAGIX Photostory 2016 Deluxe (movie templates 3) (HKLM\...\MX.{4F95E873-3C77-4164-888B-B1602059E70B}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory 2016 Deluxe (movie templates 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory 2016 Deluxe (movie templates 4) (HKLM\...\MX.{8B23EDAE-7D52-4B32-A8C8-2821D2B6144A}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory 2016 Deluxe (movie templates 4) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory 2016 Deluxe (movie templates 5) (HKLM\...\MX.{472E95A2-99F0-4BA6-AFB8-11E41E43D02A}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory 2016 Deluxe (movie templates 5) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory 2016 Deluxe (movie templates 6) (HKLM\...\MX.{10CEF801-0C65-40FF-B7E4-73C4C782B651}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory 2016 Deluxe (movie templates 6) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory 2016 Deluxe (Version: 15.0.2.108 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{6D987A58-8C03-4ED5-8572-A12574033E2F}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
Malware Hunter 1.22.0.39 (HKLM-x32\...\Malware Hunter) (Version: 1.22.0.39 - Glarysoft Ltd)
Malwarebytes Anti-Malware versie 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Middle-earth - Shadow of Mordor GOTY (HKLM-x32\...\Middle-earth - Shadow of Mordor GOTY_is1) (Version: - )
MKV Player 2.0 (HKLM-x32\...\MKV Player_is1) (Version: - vsevensoft.com)
Mozilla Firefox 49.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 nl)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.0.0.86 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.2.880 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Pro-53 (HKLM-x32\...\Native Instruments Pro-53) (Version: - )
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.7.0.797 - Native Instruments)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
NVIDIA 3D Vision stuurprogramma 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Painter 2017 - Setup Files (Version: 16.0 - Corel Corporation) Hidden
ParticleShop - Core (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (Version: 1.3 - Corel Corporation) Hidden
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.04 - NCH Software)
Plogue sforzando v1.877 (HKLM\...\__ARIA_1014___is1) (Version: v1.877 - Plogue)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.9.8 - Red Giant, LLC)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Setup (x32 Version: 19.2.0.4 - Corel Corporation) Hidden
Share64 (Version: 19.2.0.4 - Corel Corporation) Hidden
SiteSpinner V2 (HKLM-x32\...\{01ADD994-DF5D-4AC6-83EE-D40EF5EDDBFF}) (Version: 2.92.17 - Virtual Mechanics)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 1.3.3 - startisback.com)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
Sylenth1 v2.20 (HKLM-x32\...\Sylenth1_is1) (Version: - )
TBS Cover Editor 2.1 (HKLM-x32\...\{0F99457D-9D88-4CB8-8E7D-5B7C464CA8CE}}_is1) (Version: 2.1 - trueboxshot.com)
The Settlers IV GOLD (HKLM-x32\...\GOGPACKSETTLERS4GOLD_is1) (Version: 2.0.0.4 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
Tropico 5 - Complete Collection (HKLM-x32\...\Tropico 5 - Complete Collection_is1) (Version: - )
UnHackMe 8.30 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{92EC7530-9175-11E6-A34B-F4A5ED4DBF67}) (Version: 14.0.178 - VEGAS)
VideoStudio MyDVD (HKLM-x32\...\{91345797-EF07-41D2-85F4-BFF200B6A0A3}) (Version: 1.0 - Corel)
VideoStudio MyDVD (x32 Version: 1.0.129 - Uw bedrijfsnaam) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VSClassic64 (Version: 19.2.0.4 - Corel Corporation) Hidden
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.39 - VSO Software)
VSUltimate64 (Version: 19.2.0.4 - Corel Corporation) Hidden
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.9.6 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
WinX YouTube Downloader 4.0.5 (HKLM-x32\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.)
Wondershare Video Editor(Build 3.5.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.133 - Zemana Ltd.)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3199363119-606788724-3210624172-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Site\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {048A230E-B09E-485F-843B-9A3B9CFE606D} - System32\Tasks\{490C9170-91A1-46E4-98D9-8375CF63ACC7} => pcalua.exe -a "H:\VST Plugins\Native instruments PRO 53 vst\Pro-53 3.0.5 Setup.exe" -d "H:\VST Plugins\Native instruments PRO 53 vst"
Task: {0BE0AC52-769B-4EF5-9F57-5C9C0E034503} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {0ED69DFD-47B2-417C-A096-135607EF37EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {1BB751E8-5BD1-4469-85D3-1C4EAB096B7B} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-05] (COMODO)
Task: {1D35C49B-7866-449A-8FEE-9E1F75A79BF6} - System32\Tasks\{EFB2DDDE-B847-4F8B-8BDB-AB4E4FCFB9F7} => pcalua.exe -a "C:\[MW_Rival]\Software\Ulead Systems\Ulead VideoStudio\vstudio.exe" -d "C:\[MW_Rival]\Software\Ulead Systems\Ulead VideoStudio"
Task: {290A866D-7C62-44F3-950B-5AD551780060} - System32\Tasks\{566E50C7-4811-4EF4-8E37-8F7760BBCD59} => pcalua.exe -a "D:\Wave programs\daemon tools\daemon347.exe" -d "D:\Wave programs\daemon tools"
Task: {2E58583F-F58A-412D-A9D4-18D1B1C0190F} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-05] (COMODO)
Task: {36D1D90B-C4A5-4C78-985A-F1A79DC38EAC} - System32\Tasks\{F73976DA-7689-46F0-8431-CCE4E79027BC} => pcalua.exe -a "C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe" -c /uninstallProduct /addon:incredimail
Task: {39ED909D-7C95-418F-8207-0305EAE4E4D7} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {49603CB8-689C-4A2D-A34D-D7608CC180CC} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-10-26] (Glarysoft Ltd)
Task: {49ECF5C2-A8A9-41E2-8B4A-57F45B36031C} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-10-17] (Corel Corporation)
Task: {4A0068AD-B840-4D5A-AEC3-D38BFC6AE0BE} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-C38E2HK-Site => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {4B49259B-DF7E-45B5-9AAB-A78B0AF54068} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {6D90DA22-3819-4C84-A43B-3ECEB4789C1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-02] (Google Inc.)
Task: {7045E815-81A8-42BD-BE8D-7EAD57B6A8CE} - System32\Tasks\SUPERAntiSpyware Scheduled Task b4a6a5bb-a9b7-423b-8004-aa8f975dcb57 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7785BEB6-0D0A-41BC-B2D4-A679F723E328} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-10-26] (Glarysoft Ltd)
Task: {8FE03CC3-002E-4C09-AB8B-A28E9904FDE9} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-11-30] (@ByELDI)
Task: {AC9DD2F4-C072-4586-8137-61A76DA9B462} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2016-10-26] (Glarysoft Ltd)
Task: {BE6A40B9-B356-4293-BFCB-918458563947} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {C7AB6C16-ABFD-4F7A-9852-4A670F68ADF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D23AEE8C-8DFE-407A-9A28-48506AD97457} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-10-04] (COMODO)
Task: {DC2CE452-3703-40D3-A33E-80F14CD0EE1B} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2016-10-13] (Greatis Software)
Task: {E19B06AB-5965-4EC1-B8DE-7921D46750AB} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-10-04] (COMODO)
Task: {E2D9654D-85F6-49CF-9E41-8EB2F22F4442} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2016-08-14] (www.startisback.com)
Task: {E492EF6D-8383-4642-996C-98BC8D6D230C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-02] (Google Inc.)
Task: {E4DB0724-8E84-42EB-8EB0-C5195E476071} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-05] (COMODO)

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b4a6a5bb-a9b7-423b-8004-aa8f975dcb57.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\Users\Site\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html

ShortcutWithArgument: C:\Users\Site\programmas\Corel VideoStudio X9 Ultimate\VideoStudio X9 Training.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudioX9

[fink]

The first thing to do is clean the infection then fix the problems it may have caused. Broni will have a look at the log file soon. Pls read the sticky at the top of the page.

[sitew]

ok second part from addition.txt

==================== Geladen Modules (gefilterd) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-10-02 12:48 - 2016-09-15 19:25 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-16 10:25 - 2016-03-16 10:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2016-10-02 12:48 - 2016-09-15 19:25 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-01 14:13 - 2016-10-01 14:13 - 00959168 _____ () C:\Users\Site\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-10-29 01:24 - 2016-10-29 01:24 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\nl_nl\acrotray.nld
2016-10-28 16:27 - 2016-10-28 16:27 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-10-01 14:13 - 2016-10-01 14:13 - 00679624 _____ () C:\Users\Site\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-10-01 13:10 - 2016-10-01 13:10 - 00031744 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\nl_nl\AcroIEFavClient.NLD
2016-10-13 16:24 - 2016-10-13 16:23 - 00009216 _____ () C:\Program Files (x86)\UnHackMe\WINSPOOL.DRV

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\iun506.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\iun6002.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aadtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AdobePDF.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AdobePDFUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\apprepapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apprepsync.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppXDeploymentClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppXDeploymentExtensions.desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppXDeploymentExtensions.onecore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSrvPolicyManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AzureSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdpusersvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Chakra.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cloudAP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CloudExperienceHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CloudExperienceHostBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CloudExperienceHostCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credprovs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_47.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dafBth.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DataSenseHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DeviceCensus.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DevicePairingFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dialclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Display.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EditionUpgradeHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EditionUpgradeManagerObj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\efswrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ErrorDetails.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fhcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FlightSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontdrvhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\HttpsDataSource.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IdCtrls.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iphlpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ListSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\LocationFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MapControlCore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MapsStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MDMAppInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmp4srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\moshostcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdtctm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mspaint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MusNotification.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MusUpdateHandlers.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NetworkDesktopSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ngcsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NlsData0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NlsLexicons0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NotificationController.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntshrui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OnDemandConnRouteHelper.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\partizan.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\prm0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SettingsHandlers_Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SettingsHandlers_Flights.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SettingsHandlers_nt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ShareHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smartscreen.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppwinob.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SyncCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskbarcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpmTasks.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\twinui.pcshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIRibbonRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UserDeviceRegistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UserDeviceRegistration.Ngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UserMgrProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usocore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vorbis.acm:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wbiosrvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wc_storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32kbase.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32kfull.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.ApplicationModel.Wallet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Data.Pdf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Devices.AllJoyn.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Windows.Devices.Sensors.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Devices.WiFi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]

[sitew]

Next part from addition.txt

AlternateDataStreams: C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Networking.Connectivity.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Networking.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Networking.HostName.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.StateRepositoryBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.StateRepositoryClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.UI.Logon.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.UI.Xaml.Resources.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Windows.Web.Diagnostics.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Web.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Windows.Web.Http.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpAXHolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpcWebFilter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpncore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpnprv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wscsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuuhext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aadtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ActionCenterCPL.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apprepapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apprepsync.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AppXDeploymentClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AuthBroker.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AzureSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\btn32a20.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Btn32d20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CloudExperienceHostCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ColorBox.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\csXImage.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_47.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dialclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dtdump.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\efswrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EZGif.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EZJpeg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EZPdf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EZPng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EZTiff.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Eztwain3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fontdrvhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fximg50g.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fxlbl50g.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fxtls532.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hevcdecoder.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFC71ESP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSINET.OCX:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mspaint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NlsData0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NlsLexicons0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntshrui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\picn20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PolarZIPLight.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\richtx32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ShareHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\StoreAgent.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SYNSOEMU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\systemcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIRibbonRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UNWISE.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UserDataAccountApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UserDeviceRegistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UserMgrProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vorbis.acm:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\win32kfull.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Devices.Sensors.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Devices.WiFi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Networking.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Networking.HostName.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Web.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Windows.Web.Http.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WISPTIS.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpdxm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WpcWebFilter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]

[sitew]

last part from addition.txt

AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ahcache.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\capimg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\crashdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\MegaSas2i.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NIWinCDEmu.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\spaceport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\storport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\xboxgip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Site\Desktop\adwcleaner_6.030.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Site\Desktop\adwcleaner_6.030.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Site\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Site\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Site\Desktop\rkill.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Site\Desktop\rkill.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Site\Downloads\9D8FBD8Y.json.f50tk8z.partial:$CmdTcID [130]
AlternateDataStreams: C:\Users\Site\Downloads\CRL_pntr_v16.rar.yoqywdf.partial:$CmdTcID [64]
AlternateDataStreams: C:\Users\Site\AppData\Roaming\inst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Site\Documents\mediaplayerclassic_setup [1].exe:$CmdTcID [64]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2016-07-16 13:47 - 2016-10-29 14:03 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-3199363119-606788724-3210624172-1001\Control Panel\Desktop\\Wallpaper -> H:\illusions forum pictures photoshop TUTorials\freya en kurt sloebertje flavie glasbol aan zee.jpg
DNS Servers: 195.130.130.5 - 195.130.131.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{146D3A59-DAE1-4FD5-860F-42C70D5BA10F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{CD5E262B-1712-4913-88A7-BF9D285083F1}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{E8AC9E8B-17FC-4C5C-81CB-CED400B5CF22}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{488F363C-9D51-4E9A-8ADF-DFF48F47941B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [TCP Query User{D55D9E8F-1810-4508-96EF-60F6CC6C1BDC}I:\tptb downloads 2014\games\pc_borderlands.2.game.of.the.year.edition.rip.-tptb\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe] => (Allow) I:\tptb downloads 2014\games\pc_borderlands.2.game.of.the.year.edition.rip.-tptb\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{19AD046B-7CD6-42CA-BA0D-15374E97C3C4}I:\tptb downloads 2014\games\pc_borderlands.2.game.of.the.year.edition.rip.-tptb\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe] => (Allow) I:\tptb downloads 2014\games\pc_borderlands.2.game.of.the.year.edition.rip.-tptb\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe
FirewallRules: [{18F8F295-1B19-4111-9F21-6AFB1232819D}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015.5\Photoshop.exe
FirewallRules: [{71CE0437-7D3C-4D84-9E40-9DDFB5F6C87B}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015.5\Photoshop.exe
FirewallRules: [{4A7FC120-BEED-4967-89DA-6A3142B1CCBE}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015.5\Photoshop.exe
FirewallRules: [{C29E4071-B73C-4C4B-B6FE-33704726C990}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015.5\Photoshop.exe
FirewallRules: [{6ED6EF6B-FF6E-48F3-9EDA-B5955F397E2F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{BCD6818B-27BD-46A0-B88F-C15CF1664EB7}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{ECDBA0EA-EEE6-4C90-A0DC-13ADD8C2BFEF}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{A5E9663A-6247-4854-8295-E3A1DF7087F6}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{C3DD1041-F0A5-4544-8E09-1F9D935CDD85}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{6C96F0DF-3896-4715-887B-F7A2685B24ED}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{8F6308B2-E8B3-432E-8CFE-953D44145E29}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{965A5B8E-DAB3-42BB-ADBC-41E74D750137}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{C119F9FE-4019-40B3-9F84-FE87090D2173}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{58756AF8-01D4-4BD3-B225-9C693AE55933}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{38F22126-D78C-4772-A71D-0FC808D6E844}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [TCP Query User{F3DCA21E-5D79-41CD-9DD1-3A95BF2261DF}I:\tptb downloads 2014\games\farcry.4.gold.edition.v1.0.0-tptb\tptb-frc4\far cry 4\bin\farcry4.exe] => (Allow) I:\tptb downloads 2014\games\farcry.4.gold.edition.v1.0.0-tptb\tptb-frc4\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{3E44893D-DC11-4E92-8B44-41DA5B62CA2B}I:\tptb downloads 2014\games\farcry.4.gold.edition.v1.0.0-tptb\tptb-frc4\far cry 4\bin\farcry4.exe] => (Allow) I:\tptb downloads 2014\games\farcry.4.gold.edition.v1.0.0-tptb\tptb-frc4\far cry 4\bin\farcry4.exe
FirewallRules: [{19B069D8-4265-42AB-ADD4-050AC7AF5A54}] => (Block) %SystemRoot%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
FirewallRules: [{B1C48D94-DA92-4505-B34B-CA9E795EB778}] => (Block) %SystemRoot%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
FirewallRules: [{7124F9D3-9859-4BD8-8902-74EC6FC1B5E3}] => (Block) %SystemRoot%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
FirewallRules: [{F4837E3A-E834-43E7-93E7-1050A38A09D2}] => (Allow) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{AEA94FB1-78F3-4CF0-83E7-4B1087DE8B41}] => (Allow) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{BC67F6D8-D582-46A1-9536-98BB481E1533}] => (Allow) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{F09AAA96-0353-45F9-BC8B-8ED74FBD06E7}] => (Allow) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{A644DD4A-4B83-4EB9-A658-E612A462099F}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
FirewallRules: [{3F32E85A-5895-469A-8D15-38D293A59A05}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
FirewallRules: [{4CD0D6B2-412F-4D76-AFEE-DAEBAECF7208}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
FirewallRules: [{8A00EE9D-68A9-4A5B-8A6E-335B090B66D1}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe
FirewallRules: [TCP Query User{BDF61B5E-842C-443B-A164-F39B25EC2743}C:\program files\red giant\automatic duck\media copy\mediacopy.exe] => (Allow) C:\program files\red giant\automatic duck\media copy\mediacopy.exe
FirewallRules: [UDP Query User{FD82FCA2-9815-425D-A2CD-94B3B4B987C4}C:\program files\red giant\automatic duck\media copy\mediacopy.exe] => (Allow) C:\program files\red giant\automatic duck\media copy\mediacopy.exe
FirewallRules: [{4CB05453-8931-4E8E-ACCD-62959578E166}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2BD3AD21-E158-4D37-801E-E4C9ECE9F3B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Herstelpunten =========================

17-10-2016 18:19:23 Installed Banished v1.0.0 32-bit
20-10-2016 20:49:04 Installed Agisoft PhotoScan Professional
22-10-2016 01:44:11 Removed Banished v1.0.0 32-bit
25-10-2016 20:41:20 Removed Movie Studio Platinum 13.0 (64-bit)
26-10-2016 23:44:26 Removed Agisoft PhotoScan Professional
28-10-2016 18:01:29 Installed ImageGlue .NET 7.4 x64

==================== Defecte Apparaatbeheer Apparaten =============

Name: Microsoft-muis (PS/2)
Description: Microsoft-muis (PS/2)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standaard PS/2-toetsenbord
Description: Standaard PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (10/29/2016 05:07:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (10/29/2016 05:07:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.14393.187, tijdstempel: 0x57cf9d73
Naam van module met fout: ShellExperienceHost.exe, versie: 10.0.14393.187, tijdstempel: 0x57cf9d73
Uitzonderingscode: 0xc000027b
Foutmarge: 0x0000000000022e37
Id van proces met fout: 0x1380
Starttijd van toepassing met fout: 0x01d231f62d433fb6
Pad naar toepassing met fout: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pad naar module met fout: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Rapport-id: 8e549507-da7d-44da-a60e-24ba4198846d
Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy
Relatieve toepassings-id van pakket met fout: App

Error: (10/29/2016 04:41:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (10/29/2016 04:40:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (10/29/2016 04:40:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.14393.187, tijdstempel: 0x57cf9d73
Naam van module met fout: ShellExperienceHost.exe, versie: 10.0.14393.187, tijdstempel: 0x57cf9d73
Uitzonderingscode: 0xc000027b
Foutmarge: 0x0000000000022e37
Id van proces met fout: 0x1bb0
Starttijd van toepassing met fout: 0x01d231f269055647
Pad naar toepassing met fout: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pad naar module met fout: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Rapport-id: c254a9f7-4675-4b22-b048-588b34ed4b28
Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy
Relatieve toepassings-id van pakket met fout: App

Error: (10/29/2016 04:26:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (10/29/2016 04:26:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-C38E2HK)
Description: App Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI is niet gestart binnen de toegewezen tijd.

Error: (10/29/2016 04:24:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (10/29/2016 04:24:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-C38E2HK)
Description: App Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI is niet gestart binnen de toegewezen tijd.

Error: (10/29/2016 04:22:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C38E2HK)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.


Systeemfouten:
=============
Error: (10/29/2016 05:07:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server App heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:41:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server App.AppXwdcgcprz1jmf2x5501am32bsggn1cgpt.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:40:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server App heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:26:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:24:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:20:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:18:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:16:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (10/29/2016 04:15:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C38E2HK)
Description: De server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.


CodeIntegrity:
===================================
Date: 2016-10-29 17:02:10.024
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:40:33.904
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:40:33.740
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:38:27.076
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:38:24.776
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:36:54.477
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:36:53.978
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:10:06.696
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 16:09:37.713
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-29 15:58:09.280
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage geheugen in gebruik: 18%
Totaal fysiek RAM-geheugen: 16366.63 MB
Beschikbaar fysiek RAM-geheugen: 13409.82 MB
Totaal Virtueel geheugen: 17390.63 MB
Beschikbaar Virtual geheugen: 14373.1 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:491.96 GB) (Free:194.12 GB) NTFS
Drive d: () (Fixed) (Total:74.51 GB) (Free:14.94 GB) FAT32
Drive e: () (Fixed) (Total:74.51 GB) (Free:29.26 GB) FAT32
Drive f: () (Fixed) (Total:439.45 GB) (Free:72.86 GB) NTFS
Drive h: (Elements) (Fixed) (Total:2794.49 GB) (Free:1161.9 GB) NTFS
Drive i: (My Book) (Fixed) (Total:1862.98 GB) (Free:281.9 GB) NTFS
Drive k: (H3_disk2) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 12E4A931)
Partition 1: (Active) - (Size=74.5 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 74.5 GB) (Disk ID: C033C033)
Partition 1: (Active) - (Size=74.5 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6170FDBE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=492 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================

[sitew]

now the FRST.txt

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 29-10-2016
Gestart door Site (Beheerder) op DESKTOP-C38E2HK (29-10-2016 17:17:43)
Gestart vanaf C:\Users\Site\Desktop
Geladen Profielen: Site (Beschikbare Profielen: defaultuser0 & Site)
Platform: Windows 10 Pro Versie 1607 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IncrediMail Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(IncrediMail Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe


==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795728 2015-07-13] (NVIDIA Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-10-04] (COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Corel Update Helper] => C:\Program Files\Corel\Corel VideoStudio X9\pua.exe [2012104 2016-10-25] (Corel Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-29] (Zemana Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2016-10-03] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-10-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-10-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-10-25] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2016-10-28] (Wondershare)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-10-21] (SUPERAntiSpyware)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [DIMDownloading your update...1300677038363] => "C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\programdata\corel\downloads\540215253_410003\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\programdata\corel\messa (de data item heeft 47 mee tekens).
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-10-05] (Disc Soft Ltd)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444424 2016-10-10] (IncrediMail Ltd.)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-10-26] (Glarysoft Ltd)
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\...\MountPoints2: {3fae64fd-8a81-11e6-8a40-d0278867429d} - "K:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-18\...\Run: [] => 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-10-19]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * Partizan

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5
Tcpip\..\Interfaces\{be4723c1-e50a-407f-8b6b-99a3697d0962}: [DhcpNameServer] 195.130.130.5 195.130.131.5

Internet Explorer:
==================
HKU\S-1-5-21-3199363119-606788724-3210624172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.artevent2005.tk/
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-02] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-02] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3199363119-606788724-3210624172-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1475520139629

FireFox:
========
FF DefaultProfile: l9c0o6db.default
FF ProfilePath: C:\Users\Site\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\l9c0o6db.default\Profiles\l9c0o6db.default [niet gevonden]
FF ProfilePath: C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default [2016-10-29]
FF NewTab: Mozilla\Firefox\Profiles\l9c0o6db.default ->
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\l9c0o6db.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\l9c0o6db.default ->
FF Homepage: Mozilla\Firefox\Profiles\l9c0o6db.default -> hxxp://www.artevent2005.tk/
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-10-25]
FF Extension: (FlashToggle) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\jid0-YDAKXmNpT5o9cU0xOQm54Z8IMwo@jetpack [2016-10-29]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2016-10-25]
FF Extension: (uBlock Origin) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-25]
FF Extension: (YouTube™ toggle Flash and HTML Players) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\{0ff9ce27-4b4a-4323-8690-d7b30ad496dc}.xpi [2016-10-25]
FF Extension: (YouTube™ No Buffer (Stop Auto-playing)) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\{551f032e-353d-4d10-b186-b0026b1a666d}.xpi [2016-10-29]
FF Extension: (Video DownloadHelper) - C:\Users\Site\AppData\Roaming\Mozilla\Firefox\Profiles\l9c0o6db.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-29] ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-10-01]

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-10-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-10-05] (COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-10-05] (Disc Soft Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2016-10-20] (MAGIX AG) [Bestand niet getekend]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2016-10-20] (MAGIX®) [Bestand niet getekend]
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [69632 2016-10-02] (Macromedia) [Bestand niet getekend]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [452576 2016-02-09] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [901088 2016-02-09] (Malwarebytes Corporation)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2016-10-03] (arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [741056 2015-11-30] (@ByELDI) [Bestand niet getekend]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-29] (Zemana Ltd.)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [40960 2016-09-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [862648 2016-09-08] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [54336 2016-09-08] (COMODO)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-10-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-10-01] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-10-26] (Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [37688 2016-10-21] (GlarySoft Ltd)
R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [20160 2016-10-26] (Glarysoft Ltd)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [147304 2016-09-08] (COMODO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-02-09] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-12] (Avago Technologies)
R1 MpKsla6500586; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{217E40C2-880B-49D0-84D6-DA4CF8A86F0E}\MpKsla6500586.sys [44928 2016-10-29] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2016-10-05] ()
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-10-13] (Greatis Software)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12464 2016-10-02] (Macrovision Europe Ltd) [Bestand niet getekend]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-29] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-29] (Zemana Ltd.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-10-29 17:17 - 2016-10-29 17:18 - 00017644 _____ C:\Users\Site\Desktop\FRST.txt
2016-10-29 17:17 - 2016-10-29 17:17 - 00000000 ____D C:\FRST
2016-10-29 17:16 - 2016-10-29 17:14 - 02408448 _____ (Farbar) C:\Users\Site\Desktop\FRST64.exe
2016-10-29 15:57 - 2016-10-29 15:57 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-29 15:57 - 2016-10-29 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-29 15:56 - 2016-10-29 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-29 13:28 - 2016-10-29 14:04 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-29 13:28 - 2016-10-29 13:28 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-10-29 13:08 - 2016-10-29 13:08 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2016-10-29 12:53 - 2016-10-29 12:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\3BE268FD.sys
2016-10-29 12:50 - 2016-10-29 12:50 - 00002218 _____ C:\Users\Site\Desktop\AdwCleaner[C2].txt
2016-10-29 12:39 - 2016-10-29 00:56 - 03910208 _____ C:\Users\Site\Desktop\adwcleaner_6.030.exe
2016-10-29 01:24 - 2016-10-29 17:17 - 00842790 _____ C:\Windows\ZAM.krnl.trace
2016-10-29 01:24 - 2016-10-29 17:17 - 00112731 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-10-29 01:24 - 2016-10-29 02:59 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-10-29 01:24 - 2016-10-29 01:24 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-10-29 01:24 - 2016-10-29 01:24 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-10-29 01:24 - 2016-10-29 01:24 - 00001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-10-29 01:24 - 2016-10-29 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-10-29 01:23 - 2016-10-29 01:23 - 00000000 ____D C:\Users\Site\AppData\Local\Zemana
2016-10-29 01:18 - 2016-10-29 11:54 - 00004644 _____ C:\Users\Site\Desktop\Rkill.txt
2016-10-29 01:18 - 2016-10-29 01:18 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Site\Desktop\rkill.exe
2016-10-28 19:50 - 2016-10-28 19:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\51BC59D0.sys
2016-10-28 19:41 - 2016-10-29 14:52 - 00000254 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2016-10-28 19:28 - 2016-10-29 12:43 - 00000000 ____D C:\AdwCleaner
2016-10-28 19:26 - 2016-10-28 19:26 - 00000088 _____ C:\Windows\system32\Partizan.RRI
2016-10-28 19:26 - 2016-10-28 19:26 - 00000000 ____D C:\@RestoreQuarantine
2016-10-28 19:10 - 2016-10-28 19:10 - 00000000 _____ C:\autoexec.bat
2016-10-28 19:06 - 2016-10-28 19:12 - 00000000 ____D C:\ProgramData\RegRun
2016-10-28 18:40 - 2016-10-28 19:57 - 00000000 ____D C:\Users\Site\AppData\Local\app
2016-10-28 18:39 - 2016-10-28 18:39 - 00000000 ____D C:\Users\Site\AppData\Roaming\Misertain
2016-10-28 18:39 - 2016-10-28 18:39 - 00000000 ____D C:\Users\Site\AppData\Local\Rerpetsuutain
2016-10-28 18:25 - 2016-10-28 18:25 - 00000000 ____D C:\Users\Site\AppData\Local\Ashampoo Movie Studio
2016-10-28 18:23 - 2016-10-28 18:40 - 00000000 ____D C:\Program Files (x86)\Ashampoo Movie Studio v1.0.4.3 Registered [TezZ]
2016-10-28 18:18 - 2016-10-28 18:22 - 00000000 ____D C:\Users\Site\AppData\Local\Ashampoo Video Styler
2016-10-28 17:53 - 2016-10-28 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-10-28 17:52 - 2016-10-28 18:18 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-10-28 17:52 - 2016-10-28 18:07 - 00000000 ____D C:\ProgramData\Ashampoo
2016-10-28 16:56 - 2016-10-28 16:56 - 00001243 _____ C:\Users\Site\Desktop\LineageII.exe - Snelkoppeling.lnk
2016-10-28 16:50 - 2016-10-28 16:50 - 00000000 ____D C:\Users\Site\AppData\Local\SmartGuard
2016-10-28 16:27 - 2016-10-28 16:27 - 00000000 ____D C:\Users\Site\AppData\Local\Wondershare
2016-10-28 16:26 - 2016-10-28 16:28 - 00000000 ____D C:\Users\Site\Documents\Wondershare Video Editor
2016-10-28 16:26 - 2016-10-28 16:28 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-10-28 16:26 - 2016-10-28 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-10-28 16:21 - 2016-10-28 18:48 - 00000540 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b4a6a5bb-a9b7-423b-8004-aa8f975dcb57.job
2016-10-28 16:21 - 2016-10-28 16:21 - 00003696 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b4a6a5bb-a9b7-423b-8004-aa8f975dcb57
2016-10-27 23:48 - 2016-10-27 23:30 - 07468032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-10-27 23:48 - 2016-10-27 23:30 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-10-27 23:48 - 2016-10-27 23:30 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-10-27 23:48 - 2016-10-27 23:30 - 01263848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-10-27 23:48 - 2016-10-27 23:29 - 01424488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-10-27 23:48 - 2016-10-27 23:29 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-10-27 23:48 - 2016-10-27 23:29 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 23:48 - 2016-10-27 23:29 - 00555008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-10-27 23:48 - 2016-10-27 23:29 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-10-27 23:48 - 2016-10-27 23:29 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-10-27 23:48 - 2016-10-27 23:28 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-27 23:48 - 2016-10-27 23:28 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2016-10-27 23:48 - 2016-10-27 23:28 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2016-10-27 23:48 - 2016-10-27 23:28 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-10-27 23:48 - 2016-10-27 23:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmifw.dll
2016-10-27 23:48 - 2016-10-27 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-10-27 23:48 - 2016-10-27 23:27 - 02999808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-10-27 23:48 - 2016-10-27 23:27 - 02748928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-10-27 23:48 - 2016-10-27 23:27 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-10-27 23:48 - 2016-10-27 23:27 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 02256896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 02256592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2016-10-27 23:48 - 2016-10-27 23:26 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2016-10-27 23:48 - 2016-10-27 23:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-27 23:48 - 2016-10-27 23:25 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2016-10-27 23:48 - 2016-10-27 23:25 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2016-10-27 23:48 - 2016-10-27 23:24 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-10-27 23:48 - 2016-10-27 23:24 - 00272720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-27 23:47 - 2016-10-27 23:30 - 12174848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00749920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00576400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00186424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2016-10-27 23:47 - 2016-10-27 23:29 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2016-10-27 23:47 - 2016-10-27 23:28 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-10-27 23:47 - 2016-10-27 23:28 - 00455040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2016-10-27 23:47 - 2016-10-27 23:28 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2016-10-27 23:47 - 2016-10-27 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 13868544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 06108672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 05376000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 02708992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 01570680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2016-10-27 23:47 - 2016-10-27 23:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2016-10-27 23:47 - 2016-10-27 23:26 - 04311736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-27 23:47 - 2016-10-27 23:26 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-10-27 23:47 - 2016-10-27 23:26 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-10-27 23:47 - 2016-10-27 23:26 - 00310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-10-27 23:47 - 2016-10-27 23:26 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2016-10-27 23:47 - 2016-10-27 23:26 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chartv.dll
2016-10-27 23:47 - 2016-10-27 23:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsext.dll
2016-10-27 23:47 - 2016-10-27 23:25 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-10-27 23:47 - 2016-10-27 23:25 - 02005504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-27 23:47 - 2016-10-27 23:25 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-10-27 23:47 - 2016-10-27 23:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-10-27 23:47 - 2016-10-27 23:25 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 19418112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 03892352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 03307520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 02276736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 02166232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 01853776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 01556712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 01123368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-10-27 23:47 - 2016-10-27 23:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2016-10-27 23:47 - 2016-10-27 23:23 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-10-27 23:47 - 2016-10-27 23:23 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-27 23:47 - 2016-10-27 23:23 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-27 23:47 - 2016-10-15 06:00 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdole2.tlb
2016-10-27 23:44 - 2016-10-27 23:28 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-10-27 23:44 - 2016-10-27 23:27 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-10-27 23:44 - 2016-10-27 23:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-10-27 23:43 - 2016-10-27 23:43 - 00000000 _____ C:\Users\Site\Downloads\9D8FBD8Y.json.f50tk8z.partial
2016-10-27 23:43 - 2016-10-27 23:30 - 22224480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-27 23:43 - 2016-10-27 23:30 - 08075776 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-10-27 23:43 - 2016-10-27 23:30 - 03617792 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-10-27 23:43 - 2016-10-27 23:30 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-10-27 23:43 - 2016-10-27 23:30 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-27 23:43 - 2016-10-27 23:29 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-10-27 23:43 - 2016-10-27 23:29 - 00691080 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-10-27 23:43 - 2016-10-27 23:29 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-10-27 23:43 - 2016-10-27 23:29 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-10-27 23:43 - 2016-10-27 23:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-10-27 23:43 - 2016-10-27 23:28 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-27 23:43 - 2016-10-27 23:28 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-10-27 23:43 - 2016-10-27 23:28 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-10-27 23:43 - 2016-10-27 23:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-10-27 23:43 - 2016-10-27 23:28 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-10-27 23:43 - 2016-10-27 23:27 - 03287552 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 02716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 02315264 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 01980416 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 01913344 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 01554944 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 00341936 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-27 23:43 - 2016-10-27 23:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-27 23:43 - 2016-10-27 23:26 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-10-27 23:43 - 2016-10-27 23:26 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-10-27 23:43 - 2016-10-27 23:26 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-10-27 23:43 - 2016-10-27 23:26 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-10-27 23:43 - 2016-10-27 23:26 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-10-27 23:43 - 2016-10-27 23:26 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-10-27 23:43 - 2016-10-27 23:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-10-27 23:43 - 2016-10-27 23:25 - 02537824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-10-27 23:43 - 2016-10-27 23:25 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-10-27 23:43 - 2016-10-27 23:25 - 01512960 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-10-27 23:43 - 2016-10-27 23:25 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-10-27 23:43 - 2016-10-27 23:25 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-10-27 23:43 - 2016-10-27 23:25 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-10-27 23:43 - 2016-10-27 23:24 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-10-27 23:43 - 2016-10-27 23:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-10-27 23:43 - 2016-10-27 23:24 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-10-27 23:43 - 2016-10-27 23:24 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-10-27 23:43 - 2016-10-27 23:24 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 04129928 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 01990648 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 01472536 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-10-27 23:42 - 2016-10-27 23:30 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

[sitew]

part2 from FRST.txt

2016-10-27 23:42 - 2016-10-27 23:29 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 07817568 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-27 23:42 - 2016-10-27 23:28 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 01883784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00773712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-10-27 23:42 - 2016-10-27 23:28 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-10-27 23:42 - 2016-10-27 23:27 - 13441024 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-27 23:42 - 2016-10-27 23:27 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-10-27 23:42 - 2016-10-27 23:27 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-10-27 23:42 - 2016-10-27 23:27 - 00292872 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-10-27 23:42 - 2016-10-27 23:27 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-10-27 23:42 - 2016-10-27 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-10-27 23:42 - 2016-10-27 23:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2016-10-27 23:42 - 2016-10-27 23:27 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 05622088 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-10-27 23:42 - 2016-10-27 23:26 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00882680 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00742704 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-10-27 23:42 - 2016-10-27 23:26 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2016-10-27 23:42 - 2016-10-27 23:25 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-10-27 23:42 - 2016-10-27 23:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2016-10-27 23:42 - 2016-10-27 23:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-10-27 23:42 - 2016-10-27 23:24 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-10-27 23:42 - 2016-10-27 23:24 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-10-27 23:42 - 2016-10-15 05:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\stdole2.tlb
2016-10-27 23:41 - 2016-10-27 23:30 - 13081600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-27 23:41 - 2016-10-27 23:30 - 03778560 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-10-27 23:41 - 2016-10-27 23:30 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-27 23:41 - 2016-10-27 23:30 - 00628040 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-10-27 23:41 - 2016-10-27 23:30 - 00498952 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2016-10-27 23:41 - 2016-10-27 23:29 - 00811416 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-10-27 23:41 - 2016-10-27 23:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2016-10-27 23:41 - 2016-10-27 23:28 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-27 23:41 - 2016-10-27 23:28 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-10-27 23:41 - 2016-10-27 23:28 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-10-27 23:41 - 2016-10-27 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-10-27 23:41 - 2016-10-27 23:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 03054080 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00908640 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00238056 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2016-10-27 23:41 - 2016-10-27 23:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 07792640 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 07654912 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 01492480 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 00619368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-10-27 23:41 - 2016-10-27 23:26 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2016-10-27 23:41 - 2016-10-27 23:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2016-10-27 23:41 - 2016-10-27 23:26 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 23680000 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 02750384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 02670592 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-10-27 23:41 - 2016-10-27 23:25 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00658272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-10-27 23:41 - 2016-10-27 23:25 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-10-27 23:41 - 2016-10-27 23:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2016-10-27 23:41 - 2016-10-27 23:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\efsext.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 02190688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-10-27 23:41 - 2016-10-27 23:24 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-10-27 23:41 - 2016-10-27 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-10-27 23:41 - 2016-10-27 23:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2016-10-27 23:41 - 2016-10-27 23:23 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-27 23:40 - 2016-10-27 23:29 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-10-27 23:40 - 2016-10-27 23:29 - 01608896 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-10-27 23:40 - 2016-10-27 23:29 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-10-27 23:40 - 2016-10-27 23:28 - 17188352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-10-27 23:40 - 2016-10-27 23:28 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 23:40 - 2016-10-27 23:28 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-10-27 23:40 - 2016-10-27 23:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-10-27 23:40 - 2016-10-27 23:28 - 00063328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-10-27 23:40 - 2016-10-27 23:27 - 01637728 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 00595296 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 00137568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-27 23:40 - 2016-10-27 23:27 - 00079200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2016-10-27 23:40 - 2016-10-27 23:27 - 00078688 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-27 23:40 - 2016-10-27 23:26 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 00329216 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2016-10-27 23:40 - 2016-10-27 23:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\chartv.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 02913104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 02827864 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 01851696 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 01005568 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 00283488 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-10-27 23:40 - 2016-10-27 23:25 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2016-10-27 23:40 - 2016-10-27 23:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-10-27 23:40 - 2016-10-27 23:24 - 02476544 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-27 23:40 - 2016-10-27 23:24 - 00160096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2016-10-27 23:39 - 2016-10-27 23:29 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-27 23:39 - 2016-10-27 23:29 - 00894088 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-27 23:39 - 2016-10-27 23:29 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-10-27 23:39 - 2016-10-27 23:28 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-27 23:39 - 2016-10-27 23:28 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-27 23:39 - 2016-10-27 23:28 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-10-27 23:39 - 2016-10-27 23:28 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-10-27 23:39 - 2016-10-27 23:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\capimg.sys
2016-10-27 23:39 - 2016-10-27 23:27 - 01235296 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-27 23:39 - 2016-10-27 23:27 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-27 23:39 - 2016-10-27 23:27 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-27 23:39 - 2016-10-27 23:27 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-10-27 23:39 - 2016-10-27 23:27 - 00232800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-27 23:39 - 2016-10-27 23:27 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 01356352 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-10-27 23:39 - 2016-10-27 23:26 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 00500064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2016-10-27 23:39 - 2016-10-27 23:26 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 01690112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-10-27 23:39 - 2016-10-27 23:25 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-10-27 23:39 - 2016-10-27 23:25 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-10-27 23:39 - 2016-10-27 23:24 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-27 23:39 - 2016-10-27 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2016-10-27 23:39 - 2016-10-27 23:24 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-10-27 15:19 - 2016-10-27 15:19 - 00000000 ____D C:\Lethal_Samples_Retail
2016-10-26 22:58 - 2016-10-26 22:58 - 00000000 ____D C:\Users\Site\Documents\CyberLink
2016-10-26 22:58 - 2016-10-26 22:58 - 00000000 ____D C:\Users\Public\CyberLink
2016-10-26 22:52 - 2016-10-26 22:52 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 8 (64-bit).lnk
2016-10-26 22:52 - 2016-10-26 22:52 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-10-26 22:50 - 2016-10-26 22:50 - 00000000 ____D C:\ProgramData\install_backup
2016-10-26 22:50 - 2016-10-26 22:50 - 00000000 ____D C:\Program Files\CyberLink
2016-10-26 22:31 - 2016-10-26 22:31 - 00000196 _____ C:\Windows\ulead32.ini
2016-10-26 22:26 - 2016-10-26 22:26 - 00003414 _____ C:\Windows\System32\Tasks\{EFB2DDDE-B847-4F8B-8BDB-AB4E4FCFB9F7}
2016-10-26 22:26 - 2016-10-26 22:26 - 00000000 ____D C:\Users\Site\Documents\Ulead VideoStudio
2016-10-26 22:25 - 2016-10-26 22:25 - 00000000 ____D C:\ProgramData\Ulead Systems
2016-10-26 21:11 - 2016-10-26 21:11 - 00000000 ____D C:\Users\Site\AppData\Local\Cyberlink
2016-10-26 21:10 - 2016-10-26 22:52 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-10-26 21:07 - 2016-10-26 22:58 - 00000000 ____D C:\ProgramData\CyberLink
2016-10-26 21:07 - 2016-10-26 22:53 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-10-26 21:07 - 2016-10-26 22:50 - 00000000 ____D C:\ProgramData\install_clap
2016-10-26 20:58 - 2016-10-26 20:58 - 00000000 ____D C:\Users\Site\AppData\Local\Downloaded Installations
2016-10-26 19:34 - 2016-10-26 19:34 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsigne45878c50ac91d53
2016-10-26 19:34 - 2016-10-26 19:34 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign12456d13902ed860
2016-10-26 13:43 - 2016-10-26 13:43 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign79c7d911032fc2e7
2016-10-26 13:43 - 2016-10-26 13:43 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign3702307976cdd8cd
2016-10-26 13:39 - 2016-10-26 13:39 - 00000000 ____D C:\Users\Site\AppData\Local\Topaz Labs
2016-10-26 13:38 - 2016-10-26 13:38 - 00000000 ____D C:\Program Files\Topaz Labs
2016-10-26 13:22 - 2016-10-26 13:22 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignd202d9f406ec1a00
2016-10-26 13:22 - 2016-10-26 13:22 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsigncc5d05817e4fd622
2016-10-26 13:19 - 2016-10-26 13:19 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignbc3736228989f29e
2016-10-26 13:19 - 2016-10-26 13:19 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignb73faf82a7d1e441
2016-10-26 13:10 - 2016-10-26 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPT Collection
2016-10-26 13:10 - 2016-10-26 13:10 - 00000000 ____D C:\Windows\Corel
2016-10-26 12:42 - 2016-10-26 12:42 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign9317c4765b039db3
2016-10-26 12:42 - 2016-10-26 12:42 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign48e623a90adbff8b
2016-10-26 12:23 - 2016-10-26 12:37 - 00000539 _____ C:\Windows\PowerReg.dat
2016-10-26 12:23 - 2016-10-26 12:23 - 00000000 ____D C:\Windows\MetaCreations
2016-10-26 01:30 - 2016-10-26 01:30 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 2017.lnk
2016-10-26 01:08 - 2016-10-26 01:14 - 00000000 ____D C:\ProgramData\Glarysoft
2016-10-26 01:08 - 2016-10-26 01:08 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUSBootStartup.sys
2016-10-26 01:08 - 2016-10-26 01:08 - 00003060 _____ C:\Windows\System32\Tasks\GMHSkipUAC
2016-10-26 01:08 - 2016-10-26 01:08 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk
2016-10-26 01:08 - 2016-10-26 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2016-10-26 01:07 - 2016-10-26 19:54 - 00000000 ____D C:\Users\Site\AppData\Roaming\GlarySoft
2016-10-26 01:07 - 2016-10-26 01:07 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2016-10-26 01:07 - 2016-10-26 01:07 - 00003384 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2016-10-26 01:07 - 2016-10-26 01:07 - 00003040 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2016-10-26 01:07 - 2016-10-26 01:07 - 00001208 _____ C:\GUDownLoaddebug.txt
2016-10-26 01:07 - 2016-10-26 01:07 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-10-26 01:07 - 2016-10-26 01:07 - 00000000 ____D C:\Users\Site\AppData\Roaming\DiskDefrag
2016-10-26 01:07 - 2016-10-26 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-10-26 01:07 - 2016-10-26 01:07 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2016-10-26 01:06 - 2016-10-26 23:09 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-10-25 23:27 - 2016-10-25 23:27 - 00000000 _____ C:\Users\Site\Downloads\CRL_pntr_v16.rar.yoqywdf.partial
2016-10-25 21:55 - 2016-10-25 21:55 - 00000000 ____D C:\Users\Site\AppData\Roaming\Roxio
2016-10-25 21:55 - 2016-10-25 21:55 - 00000000 ____D C:\Users\Site\AppData\Local\Corel
2016-10-25 21:48 - 2016-10-25 21:48 - 00000000 ____D C:\ProgramData\Uninstall
2016-10-25 21:48 - 2016-10-25 21:48 - 00000000 ____D C:\ProgramData\Roxio
2016-10-25 21:48 - 2016-10-25 21:48 - 00000000 ____D C:\ProgramData\MyDVD
2016-10-25 21:47 - 2016-10-25 21:48 - 00000000 ____D C:\Program Files (x86)\VideoStudio MyDVD X9
2016-10-25 21:47 - 2016-10-25 21:47 - 00000000 ____D C:\ProgramData\Roxio Log Files
2016-10-25 21:38 - 2016-10-25 22:42 - 00000000 ____D C:\Users\Site\Documents\Corel VideoStudio Pro
2016-10-25 21:37 - 2016-10-26 22:26 - 00000000 ____D C:\Users\Site\AppData\Roaming\Ulead Systems
2016-10-25 21:34 - 2016-10-25 21:35 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-10-25 21:34 - 2016-10-25 21:34 - 00000000 ____D C:\Program Files (x86)\Haali
2016-10-25 21:29 - 2016-10-25 21:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio X9
2016-10-25 20:10 - 2016-10-28 18:07 - 00000000 ____D C:\ProgramData\rgt
2016-10-25 20:10 - 2016-10-25 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-10-25 20:10 - 2016-10-25 20:23 - 00000000 ____D C:\Program Files\Red Giant
2016-10-25 20:10 - 2016-10-25 20:10 - 00003748 _____ C:\Windows\System32\Tasks\Red Giant Link
2016-10-25 20:10 - 2016-10-25 20:10 - 00000000 ____D C:\Users\Site\AppData\Roaming\Red Giant
2016-10-25 20:10 - 2016-10-25 20:10 - 00000000 ____D C:\ProgramData\Red Giant
2016-10-25 20:10 - 2016-10-25 20:10 - 00000000 ____D C:\Program Files\Common Files\OFX
2016-10-25 20:10 - 2016-10-25 20:10 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2016-10-25 20:10 - 2016-10-25 20:10 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2016-10-25 20:10 - 2016-06-17 16:44 - 43070464 _____ (Red Giant LLC) C:\Windows\system32\MBLooksUI_x64.dll
2016-10-25 20:09 - 2016-10-25 20:23 - 00000000 ____D C:\Program Files (x86)\Red Giant
2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____D C:\Users\Site\AppData\Roaming\VEGAS
2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____D C:\Users\Site\AppData\Roaming\Publish Providers
2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____D C:\ProgramData\VEGAS Pro
2016-10-25 20:06 - 2016-10-25 20:07 - 00000000 ____D C:\Users\Site\AppData\Local\Sony
2016-10-25 20:06 - 2016-10-25 20:06 - 00000000 ____D C:\Users\Site\AppData\Roaming\VEGAS Pro
2016-10-25 20:06 - 2016-10-25 20:06 - 00000000 ____D C:\Users\Site\AppData\Local\VEGAS Pro
2016-10-25 20:02 - 2016-10-25 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2016-10-25 20:02 - 2016-10-25 21:07 - 00000000 ____D C:\Program Files\VEGAS
2016-10-25 20:02 - 2016-10-25 20:42 - 00000000 ____D C:\ProgramData\VEGAS
2016-10-25 20:02 - 2016-10-25 20:02 - 00000000 ____D C:\Users\Site\AppData\Local\VEGAS
2016-10-25 20:02 - 2016-10-25 20:02 - 00000000 ____D C:\Program Files (x86)\VEGAS
2016-10-25 20:00 - 2016-10-25 20:33 - 00000000 ____D C:\Users\Site\AppData\Roaming\Sony
2016-10-25 19:55 - 2016-10-25 19:55 - 00000000 ____D C:\ProgramData\RedGiant
2016-10-25 15:03 - 2016-10-25 15:03 - 00000000 ____D C:\Users\Site\AppData\Roaming\Sun
2016-10-25 15:03 - 2016-10-25 15:03 - 00000000 ____D C:\Users\Site\AppData\LocalLow\Sun
2016-10-25 15:03 - 2016-10-25 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-25 15:03 - 2016-10-25 15:02 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-25 15:02 - 2016-10-25 15:03 - 00000000 ____D C:\ProgramData\Oracle
2016-10-25 15:02 - 2016-10-25 15:02 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-25 15:00 - 2016-10-25 15:00 - 00000000 ____D C:\Users\Site\AppData\Roaming\VOS
2016-10-24 22:43 - 2016-10-24 22:43 - 00003456 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-10-24 22:42 - 2016-10-25 21:34 - 00000000 ____D C:\Program Files (x86)\Corel
2016-10-24 22:42 - 2016-10-24 22:42 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign199e01803dbd2b3c
2016-10-24 22:38 - 2016-10-24 22:38 - 00000000 ____D C:\ProgramData\UniqueId
2016-10-24 22:28 - 2016-10-24 22:28 - 00000000 ____D C:\ProgramData\Protexis64
2016-10-24 15:55 - 2016-10-24 15:55 - 00000000 ____D C:\Users\Site\Documents\Adobe
2016-10-24 14:07 - 2016-10-24 14:07 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-10-23 12:56 - 2016-10-23 12:56 - 00000000 ____D C:\Users\Site\AppData\Roaming\Plogue Art et Technologie, Inc
2016-10-23 12:56 - 2016-10-23 12:56 - 00000000 ____D C:\Users\Site\AppData\Roaming\Plogue
2016-10-23 12:55 - 2016-10-23 12:56 - 00000000 ____D C:\Program Files\Plogue
2016-10-23 12:55 - 2016-10-23 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue
2016-10-21 17:51 - 2016-10-21 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Gladiator full
2016-10-21 17:26 - 2016-10-21 17:27 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-10-21 00:27 - 2016-10-21 00:27 - 00286720 _____ (Indigo Rose Corporation) C:\Windows\iun506.exe
2016-10-21 00:27 - 2016-10-21 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Flare
2016-10-21 00:27 - 2016-10-21 00:27 - 00000000 ____D C:\Program Files (x86)\Magic Flare
2016-10-21 00:21 - 2016-10-21 00:21 - 00720896 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe
2016-10-21 00:21 - 2016-10-21 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kibisis
2016-10-21 00:20 - 2016-10-21 00:21 - 00000000 ____D C:\Program Files (x86)\Kibisis
2016-10-21 00:20 - 2016-10-21 00:20 - 00000000 ____D C:\Windows\SysWOW64\data
2016-10-21 00:19 - 2016-10-21 00:21 - 00009171 _____ C:\Windows\Kibisis Setup Log.txt
2016-10-21 00:00 - 2016-10-21 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flame Painter
2016-10-20 23:59 - 2016-10-21 00:00 - 00000000 ____D C:\Program Files (x86)\Flame Painter
2016-10-20 23:57 - 2016-10-20 23:57 - 00000000 ____D C:\Users\Site\AppData\Local\WMTools Downloaded Files
2016-10-20 23:55 - 2016-10-20 23:55 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2016-10-20 23:55 - 2016-10-20 23:55 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2016-10-20 23:40 - 2016-10-27 00:04 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2016-10-20 23:40 - 2016-10-27 00:03 - 00001255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoStage Slideshow Producer.lnk
2016-10-20 23:40 - 2016-10-20 23:41 - 00000000 ____D C:\Users\Site\AppData\Roaming\NCH Software
2016-10-20 23:40 - 2016-10-20 23:40 - 00000000 ____D C:\ProgramData\NCH Software
2016-10-20 23:40 - 2016-10-20 23:40 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-10-20 23:01 - 2016-10-20 23:15 - 00000000 ____D C:\Users\Site\Documents\MAGIX downloads
2016-10-20 22:56 - 2016-10-20 22:56 - 00001756 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 for Windows.lnk
2016-10-20 22:56 - 2016-10-20 22:56 - 00000000 ____D C:\Program Files (x86)\Photo Story 3 for Windows
2016-10-20 22:34 - 2016-10-25 20:07 - 00000000 ____D C:\Users\Site\AppData\Roaming\MAGIX
2016-10-20 22:34 - 2016-10-20 22:34 - 00000000 ____D C:\Users\Site\Documents\MAGIX_MusicEditor
2016-10-20 22:34 - 2016-10-20 22:34 - 00000000 ____D C:\Users\Site\AppData\Local\Xara
2016-10-20 22:33 - 2016-10-20 22:33 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2016-10-20 22:32 - 2016-10-20 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-10-20 22:32 - 2016-10-20 22:32 - 00000000 ____D C:\Program Files\Common Files\MAGIX Shared
2016-10-20 22:26 - 2016-10-20 22:26 - 00000000 ____D C:\Program Files\MAGIX
2016-10-20 22:26 - 2016-10-20 22:26 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2016-10-20 22:25 - 2016-10-20 23:01 - 00000000 ___RD C:\Users\Site\Documents\MAGIX
2016-10-20 22:25 - 2016-10-20 22:25 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-10-20 22:24 - 2016-10-25 20:06 - 00000000 ____D C:\ProgramData\MAGIX
2016-10-20 22:24 - 2016-10-20 22:24 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-10-20 20:52 - 2016-10-20 20:52 - 00000000 ____D C:\Users\Site\AppData\Local\Agisoft
2016-10-20 20:50 - 2016-10-20 20:57 - 00000000 ____D C:\Users\Site\AppData\Roaming\Agisoft
2016-10-19 01:10 - 2016-10-19 01:10 - 00000732 _____ C:\Users\Site\Desktop\1602 - Snelkoppeling.lnk
2016-10-19 00:54 - 2016-10-19 00:54 - 00001245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
2016-10-19 00:54 - 2016-10-19 00:54 - 00001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
2016-10-19 00:48 - 1998-10-09 15:36 - 00327168 _____ (InstallShield Software Corporation) C:\Windows\IsUn0413.exe
2016-10-19 00:41 - 1998-11-05 12:08 - 00087392 _____ (Twain Working Group) C:\Windows\twain.dll
2016-10-18 20:25 - 2016-10-18 20:25 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop
2016-10-18 20:13 - 2016-10-18 20:13 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignb3ccc079bf1662ea
2016-10-18 20:13 - 2016-10-18 20:13 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign12f4b3be15b20b92
2016-10-18 20:10 - 2016-10-18 20:10 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign679d8c70f72914ea
2016-10-18 20:10 - 2016-10-18 20:10 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign088de515de3dadf7
2016-10-18 20:09 - 2016-10-18 20:09 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignf562bc5e60e3292a
2016-10-18 20:09 - 2016-10-18 20:09 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign5cbae19174e68007
2016-10-18 20:08 - 2016-10-18 20:08 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign36d2ec4099853dd2
2016-10-18 20:08 - 2016-10-18 20:08 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign279869e2efe84a8e
2016-10-18 20:03 - 2016-10-18 20:03 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign8e7cb079387fe2f3
2016-10-18 20:03 - 2016-10-18 20:03 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign4c0fb3b291201015
2016-10-18 17:17 - 2016-10-29 15:03 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-10-18 16:51 - 2016-10-18 17:11 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-10-18 16:51 - 2016-10-18 17:11 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-10-18 16:51 - 2016-10-18 17:11 - 00002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-10-18 16:29 - 2016-10-18 16:29 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign6d306d6f59ecd8de
2016-10-18 16:29 - 2016-10-18 16:29 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign4384e9e73d033817
2016-10-18 15:47 - 2016-10-18 15:48 - 00000000 ____D C:\Users\Site\AppData\Local\CoverEditor
2016-10-18 15:47 - 2016-10-18 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TBS Cover Editor
2016-10-18 15:46 - 2016-10-18 15:47 - 00000000 ____D C:\Program Files (x86)\TBS Cover Editor
2016-10-18 15:44 - 2016-10-18 15:44 - 01242112 _____ (Chestysoft) C:\Windows\SysWOW64\csXImage.ocx
2016-10-18 15:44 - 2016-10-18 15:44 - 00402848 _____ (FarPoint Technologies, Inc.) C:\Windows\SysWOW64\btn32a20.ocx
2016-10-18 15:44 - 2016-10-18 15:44 - 00266240 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\EZTiff.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00225280 _____ (FarPoint Technologies, Inc.) C:\Windows\SysWOW64\Btn32d20.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00204800 _____ (SaifSoft) C:\Windows\SysWOW64\ColorBox.ocx
2016-10-18 15:44 - 2016-10-18 15:44 - 00180224 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\Eztwain3.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00151552 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\EZPng.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00106496 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\EZJpeg.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00049152 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\EZPdf.dll
2016-10-18 15:44 - 2016-10-18 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD and CD Cover Print
2016-10-18 15:44 - 2016-10-18 15:44 - 00000000 ____D C:\Program Files (x86)\DVDCoverPrint
2016-10-18 15:43 - 2016-10-18 15:44 - 00118784 _____ (Dosadi (www.dosadi.com)) C:\Windows\SysWOW64\EZGif.dll
2016-10-18 15:43 - 2016-10-18 15:43 - 00307200 _____ (Polar sales@polarsoftware.com www.polarsoftware.com) C:\Windows\SysWOW64\PolarZIPLight.dll
2016-10-18 15:43 - 2016-10-18 15:43 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2016-10-18 15:43 - 2016-10-18 15:43 - 00238080 _____ (Pegasus Software LLC) C:\Windows\SysWOW64\fximg50g.ocx
2016-10-18 15:43 - 2016-10-18 15:43 - 00178688 _____ (Pegasus Software, LLC) C:\Windows\SysWOW64\fxlbl50g.ocx
2016-10-18 15:43 - 2016-10-18 15:43 - 00153088 _____ C:\Windows\SysWOW64\UNWISE.EXE
2016-10-18 15:43 - 2016-10-18 15:43 - 00122880 _____ (ImageFX) C:\Windows\SysWOW64\fxtls532.dll
2016-10-18 15:43 - 2016-10-18 15:43 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2016-10-18 15:43 - 2016-10-18 15:43 - 00029184 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\picn20.dll
2016-10-18 15:43 - 1998-12-10 06:59 - 00047163 _____ C:\Windows\SysWOW64\picn1320.ssm
2016-10-18 15:43 - 1998-12-09 20:01 - 00059014 _____ C:\Windows\SysWOW64\picn1820.ssm
2016-10-18 15:43 - 1998-12-09 19:55 - 00016064 _____ C:\Windows\SysWOW64\picn8220.ssm
2016-10-18 13:46 - 2016-10-25 18:03 - 00000000 ____D C:\Users\Site\AppData\Local\Mozilla
2016-10-18 13:46 - 2016-10-18 13:46 - 00000000 ____D C:\Users\Site\AppData\Roaming\Mozilla
2016-10-17 18:25 - 2016-10-17 18:25 - 00000000 ____D C:\Users\Site\Documents\Banished
2016-10-17 14:31 - 2016-10-17 14:31 - 00000000 ____D C:\Users\Site\AppData\Roaming\PowerISO
2016-10-17 14:25 - 2016-10-18 14:04 - 00000000 ____D C:\Program Files (x86)\PowerISO
2016-10-17 14:25 - 2016-10-17 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-10-17 14:25 - 2016-10-02 02:50 - 00137280 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2016-10-17 14:21 - 2016-10-17 14:21 - 00000196 _____ C:\Users\Site\AppData\Roaming\burnaware.ini
2016-10-17 14:19 - 2016-10-17 14:20 - 00000000 ____D C:\Program Files (x86)\BurnAware Professional
2016-10-17 14:19 - 2016-10-17 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Professional
2016-10-16 19:01 - 2016-10-16 19:01 - 00000000 ____D C:\Users\Site\AppData\Local\Apps\2.0
2016-10-15 12:24 - 2016-10-26 13:41 - 00000000 ____D C:\Users\Site\Documents\My PSP8 Files
2016-10-15 12:24 - 2016-10-15 12:24 - 00000000 ____D C:\Users\Site\AppData\Roaming\Jasc Software Inc
2016-10-13 17:42 - 2016-10-26 12:36 - 00214912 _____ C:\Users\Site\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-13 16:27 - 2016-10-13 16:27 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2016-10-13 16:23 - 2016-10-29 17:18 - 00000000 ____D C:\Users\Site\Documents\RegRun2
2016-10-13 16:23 - 2016-10-29 17:18 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-10-13 16:23 - 2016-10-13 16:25 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-10-13 16:23 - 2016-10-13 16:23 - 00049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2016-10-13 16:23 - 2016-10-13 16:23 - 00015016 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2016-10-13 16:23 - 2016-10-13 16:23 - 00003418 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2016-10-13 16:23 - 2016-10-13 16:23 - 00000002 RSHOT C:\Windows\winstart.bat
2016-10-13 16:23 - 2016-10-13 16:23 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2016-10-13 16:23 - 2016-10-13 16:23 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2016-10-13 16:23 - 2016-10-13 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-10-13 12:48 - 2016-10-28 12:20 - 00000000 ____D C:\Users\Site\AppData\Roaming\Maize Sampler Player
2016-10-12 23:04 - 2016-10-28 00:29 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-12 23:04 - 2016-10-28 00:29 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-12 19:21 - 2016-10-12 19:21 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-10-12 15:59 - 2016-10-12 15:59 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-10-12 15:59 - 2016-10-12 15:59 - 02914304 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 02446696 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 01322848 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 15:59 - 2016-10-12 15:59 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 08126464 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 04747776 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 03105792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-10-12 15:58 - 2016-10-12 15:58 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 02646016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2016-10-12 15:58 - 2016-10-12 15:58 - 01859264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 01430720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll

[sitew]

part3 FRST.txt

2016-10-12 15:58 - 2016-10-12 15:58 - 00858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-10-12 15:58 - 2016-10-12 15:58 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-10-12 15:58 - 2016-10-12 15:58 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 15:58 - 2016-10-12 15:58 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 15:58 - 2016-10-12 15:58 - 00064352 _____ (Avago Technologies) C:\Windows\system32\Drivers\MegaSas2i.sys
2016-10-12 15:58 - 2016-10-12 15:58 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 03496960 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 03369984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 02356736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01112928 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01022304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00980824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00837632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-10-12 15:57 - 2016-10-12 15:57 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 15:57 - 2016-10-12 15:57 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 15:57 - 2016-10-12 15:57 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:57 - 2016-10-12 15:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 15:57 - 2016-10-05 02:01 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-12 15:56 - 2016-10-12 15:56 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-10-12 15:56 - 2016-10-12 15:56 - 04136960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01181536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-10-12 15:56 - 2016-10-12 15:56 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01071728 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 01013760 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00936960 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-10-12 15:56 - 2016-10-12 15:56 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-10-12 15:56 - 2016-10-12 15:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-10-12 15:56 - 2016-10-12 15:56 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2016-10-12 14:02 - 2016-10-25 23:01 - 00005632 _____ C:\Users\Site\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-12 12:59 - 2016-10-12 12:59 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2016-10-12 12:58 - 2016-10-12 12:58 - 00169464 _____ (Gracenote) C:\Windows\SysWOW64\CddbLangRU.dll
2016-10-12 12:58 - 2016-10-12 12:58 - 00103928 _____ (Gracenote) C:\Windows\SysWOW64\CddbLangFR.dll
2016-10-12 12:58 - 2016-10-12 12:58 - 00103928 _____ (Gracenote) C:\Windows\SysWOW64\CddbLangES.dll
2016-10-12 12:58 - 2016-10-12 12:58 - 00103928 _____ (Gracenote) C:\Windows\SysWOW64\CddbLangDE.dll
2016-10-12 12:58 - 2016-10-12 12:58 - 00083448 _____ (Gracenote) C:\Windows\SysWOW64\CddbLangJA.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2016-10-11 17:15 - 2016-10-11 17:15 - 00001047 _____ C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionele onderdelen.lnk
2016-10-10 19:09 - 2016-10-10 19:09 - 00001995 _____ C:\Users\Site\Desktop\FarCry4 - Snelkoppeling.lnk
2016-10-10 15:37 - 2016-10-10 15:37 - 00000000 __HDC C:\ProgramData\{6892BB60-7478-4368-9A33-70A3FAD05F53}
2016-10-10 15:33 - 2016-10-10 15:33 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-10-10 12:23 - 2016-10-10 12:23 - 00003342 _____ C:\Windows\System32\Tasks\{F73976DA-7689-46F0-8431-CCE4E79027BC}
2016-10-10 12:21 - 2016-10-10 12:33 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2016-10-10 12:21 - 2016-10-10 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2016-10-10 12:21 - 2016-10-10 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-09 18:57 - 2016-10-09 18:57 - 00000000 ____D C:\Users\Site\Documents\WB Games
2016-10-09 18:48 - 2016-10-09 18:48 - 00001531 _____ C:\Users\Public\Desktop\Middle-earth - Shadow of Mordor GOTY.lnk
2016-10-09 18:48 - 2016-10-09 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
2016-10-09 18:09 - 2016-10-09 18:09 - 00000000 ____D C:\Program Files (x86)\WB Games
2016-10-08 19:24 - 2016-10-08 19:25 - 00000000 ____D C:\ProgramData\IM
2016-10-08 19:24 - 2016-10-08 19:24 - 00000000 ____D C:\ProgramData\IncrediMail
2016-10-08 19:24 - 2016-10-08 19:24 - 00000000 ____D C:\Program Files (x86)\IncrediMail
2016-10-08 01:11 - 2016-10-08 01:11 - 00001717 _____ C:\Users\Public\Desktop\The Settlers IV GOLD.lnk
2016-10-08 01:11 - 2016-10-08 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Settlers IV GOLD [GOG.com]
2016-10-07 21:51 - 2016-10-07 21:51 - 00001920 _____ C:\Users\Site\Desktop\CoJGunslinger - Snelkoppeling.lnk
2016-10-07 21:51 - 2016-10-07 21:51 - 00000000 ____D C:\ProgramData\RELOADED
2016-10-07 18:30 - 2016-10-07 18:30 - 00000000 ____D C:\Users\Site\AppData\Local\SKIDROW
2016-10-07 17:33 - 2016-10-07 17:33 - 00000000 __HDC C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
2016-10-07 17:12 - 2016-10-18 16:55 - 00000000 ____D C:\Users\Site\AppData\LocalLow\Adobe
2016-10-07 17:11 - 2016-10-07 17:11 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignc046029d5d3fd452
2016-10-07 17:11 - 2016-10-07 17:11 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsign514c693615bdc4d6
2016-10-07 16:43 - 2016-10-24 14:08 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-10-07 16:43 - 2016-10-07 16:43 - 00003630 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-C38E2HK-Site
2016-10-07 16:43 - 2016-10-07 16:43 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignfb766c570b8bf618
2016-10-07 16:43 - 2016-10-07 16:43 - 00000000 ____D C:\Users\Site\AppData\Local\Tempzxpsignd4bb675ae97f83d2
2016-10-07 16:40 - 2016-10-07 16:40 - 00001101 _____ C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-10-07 16:36 - 2016-10-26 19:32 - 00000000 ____D C:\Program Files\Adobe
2016-10-07 16:36 - 2016-10-07 16:36 - 00001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5 (32 Bit).lnk
2016-10-07 16:32 - 2016-10-18 20:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-10-07 16:29 - 2016-10-08 02:15 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-10-07 16:25 - 2016-10-26 20:38 - 00000000 ____D C:\ProgramData\Adobe
2016-10-07 16:24 - 2016-10-29 02:06 - 00000000 ____D C:\Users\Site\AppData\Local\Adobe
2016-10-07 00:26 - 2016-10-07 00:26 - 00002426 _____ C:\Users\Site\Desktop\Borderlands2 - Snelkoppeling.lnk
2016-10-07 00:24 - 2016-10-10 19:10 - 00000000 ____D C:\Users\Site\Documents\My Games
2016-10-07 00:24 - 2016-10-07 00:24 - 00000000 ____D C:\ProgramData\Steam
2016-10-06 23:42 - 2016-10-06 23:42 - 00002048 _____ C:\Users\Public\Desktop\Heroes of Might and Magic III Complete.lnk
2016-10-06 23:42 - 2016-10-06 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO
2016-10-06 23:41 - 2016-10-06 23:42 - 00000000 ____D C:\Program Files (x86)\3DO
2016-10-06 23:41 - 2002-03-14 14:15 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-10-06 22:09 - 2016-10-06 22:09 - 00001672 _____ C:\Users\Public\Desktop\Tropico 5 - Complete Collection.lnk
2016-10-06 22:09 - 2016-10-06 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media Digital
2016-10-06 22:07 - 2016-10-06 22:07 - 00000000 ____D C:\Program Files (x86)\Kalypso Media Digital
2016-10-06 20:37 - 2016-10-06 20:37 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-10-06 16:50 - 2016-10-06 16:52 - 00000000 ____D C:\Users\Site\AppData\Roaming\Digiarty
2016-10-06 16:50 - 2016-10-06 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2016-10-06 16:50 - 2016-10-06 16:52 - 00000000 ____D C:\Program Files (x86)\Digiarty
2016-10-06 14:58 - 2016-10-06 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-10-05 23:53 - 2016-10-29 01:19 - 00000000 ____D C:\Users\Site\AppData\LocalLow\Adblock Plus for IE
2016-10-05 23:52 - 2016-10-05 23:53 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-10-05 19:18 - 2016-10-05 19:18 - 00000000 ____D C:\Users\Site\AppData\Local\ElevatedDiagnostics
2016-10-05 18:32 - 2016-10-24 16:09 - 00000000 ____D C:\Users\Site\Documents\Ample Sound
2016-10-05 18:32 - 2016-10-05 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ample Sound
2016-10-05 18:31 - 2016-10-24 16:09 - 00000000 ____D C:\Users\Site\AppData\Roaming\Ample Sound
2016-10-05 18:31 - 2016-10-05 18:32 - 00000000 ____D C:\Program Files\Ample Sound
2016-10-05 17:56 - 2016-10-05 17:56 - 00000000 __HDC C:\ProgramData\{7952E1C9-0E4F-4E42-B47A-6EE81A04E775}
2016-10-05 17:06 - 2016-10-05 17:06 - 00000000 ___DC C:\ProgramData\{1DC78BF5-AFEA-45C8-9EFE-C64A1962F937}
2016-10-05 17:05 - 2016-10-05 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-10-05 17:04 - 2016-10-05 17:05 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-10-05 16:17 - 2016-10-05 16:17 - 00112408 _____ C:\Windows\system32\Drivers\NIWinCDEmu.sys
2016-10-05 16:07 - 2016-10-05 16:07 - 00000000 __HDC C:\ProgramData\{90EA2154-3F20-4AC1-9F62-B65FFBD11C50}
2016-10-05 16:06 - 2016-10-05 16:06 - 00000000 ____D C:\Program Files\Common Files\Avid
2016-10-05 00:21 - 2016-10-06 20:35 - 02891840 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-10-05 00:21 - 2016-10-05 00:21 - 00003140 _____ C:\Windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2016-10-04 22:32 - 2016-10-07 16:12 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-10-04 22:32 - 2016-10-04 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-10-04 22:31 - 2016-10-04 22:31 - 00000000 ____D C:\Program Files\COMODO
2016-10-04 22:30 - 2016-10-04 22:30 - 00000000 ____D C:\ProgramData\Shared Space
2016-10-04 21:01 - 2016-10-04 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2016-10-04 20:57 - 2016-10-04 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Electra2 full
2016-10-04 20:56 - 2016-10-04 20:56 - 00000000 ____D C:\Program Files\Steinberg
2016-10-04 18:56 - 2016-10-04 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LUXONIX
2016-10-04 18:56 - 2016-10-04 18:56 - 00000000 ____D C:\Program Files (x86)\Steinberg
2016-10-04 18:56 - 2016-10-04 18:56 - 00000000 ____D C:\Program Files (x86)\LUXONIX
2016-10-04 18:56 - 2005-03-24 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2016-10-04 18:26 - 2016-10-04 18:26 - 00000000 __HDC C:\ProgramData\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
2016-10-04 17:24 - 2016-10-04 17:24 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2016-10-04 17:24 - 2016-10-04 17:24 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2016-10-03 22:58 - 2016-10-03 22:58 - 01332224 _____ (AD © 2009) C:\Windows\SysWOW64\SYNSOEMU.DLL
2016-10-03 22:58 - 2016-10-03 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2016-10-03 22:58 - 2016-10-03 22:58 - 00000000 ____D C:\Program Files (x86)\Uninstall Nexus
2016-10-03 22:58 - 2016-10-03 22:58 - 00000000 ____D C:\Program Files (x86)\Manual
2016-10-03 22:31 - 2016-10-03 22:31 - 00000000 __HDC C:\ProgramData\{8CCB2911-37C0-42BF-A0A7-FE3CB2FBAC53}
2016-10-03 22:28 - 2016-10-10 15:33 - 00000000 ____D C:\Program Files\Native Instruments
2016-10-03 22:28 - 2016-10-10 15:33 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-10-03 22:28 - 2016-10-03 22:29 - 00000000 ____D C:\ProgramData\Native Instruments
2016-10-03 22:09 - 2016-10-03 22:09 - 00000000 ____D C:\Users\Site\Documents\Mijn paletten
2016-10-03 22:02 - 2016-10-03 22:02 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-10-03 22:01 - 2016-10-03 22:01 - 00000000 ____D C:\Program Files\Common Files\Protexis
2016-10-03 21:59 - 2016-10-03 21:59 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-10-03 21:58 - 2016-10-03 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2016-10-03 21:57 - 2016-10-26 01:29 - 00000000 ____D C:\Program Files\Corel
2016-10-03 21:45 - 2016-10-03 21:45 - 00000000 ____D C:\Users\Site\Documents\My Palettes
2016-10-03 21:43 - 2016-10-26 01:36 - 00000000 ____D C:\Users\Site\AppData\Roaming\Corel
2016-10-03 21:43 - 2016-10-03 21:45 - 00000000 ____D C:\ProgramData\Protexis
2016-10-03 21:41 - 2016-10-03 22:10 - 00000000 ____D C:\Users\Site\Documents\Corel
2016-10-03 21:41 - 2016-10-03 21:41 - 00000000 ____D C:\Users\Site\Documents\Visual Studio 2008
2016-10-03 21:40 - 2016-10-03 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2016-10-03 21:40 - 2016-10-03 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-10-03 21:23 - 2016-10-29 17:07 - 00000000 ____D C:\Users\Site\AppData\Local\CrashDumps
2016-10-03 21:22 - 2016-10-26 01:30 - 00000000 ____D C:\ProgramData\Corel
2016-10-03 20:49 - 2016-10-07 16:43 - 00000000 ____D C:\Users\Site\AppData\Roaming\NVIDIA
2016-10-03 20:41 - 2016-10-03 20:42 - 00000000 ___HD C:\Windows\AxInstSV
2016-10-03 20:26 - 2016-10-10 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-10-03 20:26 - 2016-10-03 20:26 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-10-03 20:25 - 2016-10-05 16:17 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2016-10-03 20:25 - 2016-10-03 20:25 - 00003396 _____ C:\Windows\System32\Tasks\{490C9170-91A1-46E4-98D9-8375CF63ACC7}
2016-10-03 19:15 - 2016-10-03 19:15 - 00000000 ____D C:\Users\Site\AppData\Roaming\Xfer
2016-10-03 19:15 - 2016-10-03 19:15 - 00000000 ____D C:\Users\Site\AppData\Roaming\Daichi
2016-10-03 19:11 - 2016-10-03 19:11 - 00000000 ____D C:\Users\Site\Documents\Nomad Factory
2016-10-03 19:11 - 2016-10-03 19:11 - 00000000 ____D C:\Users\Site\Documents\BBE Sound
2016-10-03 19:11 - 2016-10-03 19:11 - 00000000 ____D C:\Users\Site\AppData\Roaming\Nomad Factory
2016-10-03 19:08 - 2016-10-05 18:04 - 00000000 ____D C:\Users\Site\Documents\Native Instruments
2016-10-03 19:08 - 2016-10-05 17:22 - 00000000 ____D C:\Users\Site\AppData\Local\Native Instruments
2016-10-03 19:03 - 2016-10-23 12:55 - 00000000 ____D C:\Program Files\Common Files\VST2
2016-10-03 19:03 - 2016-10-03 23:17 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-10-03 19:03 - 2016-10-03 19:04 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-10-03 19:03 - 2016-10-03 19:03 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-10-03 19:03 - 2016-10-03 19:03 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-10-03 19:02 - 2016-10-24 01:46 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-10-03 19:02 - 2016-10-03 19:02 - 00000000 ____D C:\Users\Site\Documents\Image-Line
2016-10-03 19:02 - 2016-10-03 19:02 - 00000000 ____D C:\Users\Site\AppData\Roaming\Image-Line
2016-10-03 19:02 - 2016-10-03 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-10-03 19:02 - 2016-10-03 19:02 - 00000000 ____D C:\Program Files\Image-Line
2016-10-03 18:51 - 2016-10-03 19:04 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-10-03 18:06 - 2016-10-03 18:06 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-10-03 18:06 - 2016-10-03 18:06 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-10-03 17:54 - 2016-10-27 23:13 - 00000000 ____D C:\VST Plugins
2016-10-03 17:43 - 2016-10-03 17:43 - 00000000 ____D C:\Program Files (x86)\Realtek AC97
2016-10-03 16:54 - 2016-10-19 00:03 - 00000000 ____D C:\Users\Site\Documents\Command and Conquer Generals Zero Hour Data
2016-10-03 16:42 - 2016-10-03 16:42 - 00001942 _____ C:\Users\Public\Desktop\Command & Conquer Generals Zero Hour .lnk
2016-10-03 16:07 - 2016-10-03 16:08 - 00000000 ____D C:\Users\Site\Documents\NFS Most Wanted
2016-10-03 16:05 - 2016-10-03 16:05 - 00002254 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-10-02 23:48 - 2016-10-15 13:35 - 00000000 ____D C:\Users\Site\AppData\Roaming\vlc
2016-10-02 23:47 - 2016-10-02 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-02 23:46 - 2016-10-02 23:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-10-02 23:08 - 2016-10-02 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2016-10-02 23:08 - 2016-10-02 23:08 - 00000000 ____D C:\Program Files (x86)\MKV Player
2016-10-02 22:59 - 2016-10-02 22:59 - 00000000 ____D C:\Users\Site\AppData\Roaming\MPC-HC
2016-10-02 22:52 - 2016-10-02 22:53 - 00000000 ____D C:\Users\Site\AppData\Roaming\Media Player Classic
2016-10-02 22:37 - 2016-10-02 22:37 - 12240456 _____ (MPC-HC Team ) C:\Users\Site\Documents\mediaplayerclassic_setup [1].exe
2016-10-02 22:35 - 2016-10-02 22:48 - 00000000 ____D C:\Users\Site\AppData\Roaming\mediaplayerclassic
2016-10-02 21:51 - 2016-10-05 00:20 - 00000000 ____D C:\Users\Site\Documents\Command and Conquer Generals Data
2016-10-02 21:48 - 2016-10-02 21:48 - 00012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2016-10-02 21:47 - 2016-10-03 16:48 - 00000979 _____ C:\Windows\eReg.dat
2016-10-02 21:45 - 2016-10-03 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-10-02 21:45 - 2016-10-02 21:50 - 00001882 _____ C:\Users\Public\Desktop\Command & Conquer Generals.lnk
2016-10-02 21:28 - 2016-10-02 21:28 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-10-02 21:28 - 2016-10-02 21:28 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-10-02 21:28 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-10-02 21:28 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-10-02 21:28 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-10-02 21:28 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-10-02 21:28 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-10-02 21:27 - 2016-10-02 21:28 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-10-02 21:27 - 2016-10-02 21:28 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-10-02 21:27 - 2016-10-02 21:27 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-10-02 21:27 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-10-02 21:27 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll

[sitew]

part4 FRST.txt

2016-10-02 21:27 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-10-02 21:27 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-10-02 21:27 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-10-02 21:27 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-10-02 21:26 - 2016-10-02 21:26 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-10-02 21:26 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-10-02 21:26 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-10-02 21:26 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-10-02 21:26 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-10-02 21:26 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-10-02 21:26 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-10-02 21:26 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-10-02 21:26 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-10-02 21:26 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-10-02 21:25 - 2016-10-02 21:26 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-10-02 21:25 - 2016-10-02 21:26 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-10-02 21:25 - 2016-10-02 21:25 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-10-02 21:23 - 2016-10-02 21:23 - 00002022 _____ C:\Users\Public\Desktop\The Witcher 3 - Wild Hunt.lnk
2016-10-02 21:13 - 2016-10-02 21:13 - 00000000 ____D C:\afbeeldingen van ie
2016-10-02 21:00 - 2016-10-02 21:00 - 00000000 ____D C:\ProgramData\Macromedia
2016-10-02 20:58 - 2016-10-02 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2016-10-02 20:58 - 2016-10-02 20:58 - 00000000 ____D C:\ProgramData\Macrovision
2016-10-02 20:57 - 2016-10-29 16:10 - 00000000 ____D C:\Users\Site\AppData\Local\Macromedia
2016-10-02 20:56 - 2016-10-02 20:56 - 00000000 ____D C:\Program Files (x86)\Macromedia
2016-10-02 20:50 - 2016-10-02 20:50 - 00099384 _____ C:\Users\Site\AppData\Roaming\inst.exe
2016-10-02 20:50 - 2016-10-02 20:50 - 00082816 _____ (VSO Software) C:\Users\Site\AppData\Roaming\pcouffin.sys
2016-10-02 20:50 - 2016-10-02 20:50 - 00007859 _____ C:\Users\Site\AppData\Roaming\pcouffin.cat
2016-10-02 20:50 - 2016-10-02 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2016-10-02 20:49 - 2016-10-02 20:49 - 00000000 ____D C:\Users\Site\Documents\ConvertXToDVD
2016-10-02 19:28 - 2016-10-04 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-02 19:27 - 2016-10-03 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-10-02 19:26 - 2016-10-02 19:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-10-02 19:21 - 2016-10-02 19:26 - 00000000 ____D C:\Windows\SHELLNEW
2016-10-02 19:19 - 2016-10-02 19:19 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-10-02 19:18 - 2016-10-02 19:27 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-02 19:18 - 2016-10-02 19:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-10-02 19:18 - 2016-10-02 19:18 - 00000000 ____D C:\Program Files\MSBuild
2016-10-02 19:14 - 2016-10-02 19:14 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-10-02 19:14 - 2016-10-02 19:14 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-10-02 19:14 - 2016-10-02 19:14 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-02 19:14 - 2016-10-02 19:14 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-02 19:14 - 2016-10-02 19:14 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-10-02 19:14 - 2016-10-02 19:14 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-10-02 19:04 - 2016-10-02 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-02 19:04 - 2016-10-02 19:04 - 00000000 ____D C:\Program Files\7-Zip
2016-10-02 18:48 - 2016-10-02 18:48 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-10-02 18:33 - 2016-10-02 18:33 - 00026662 _____ C:\Users\Site\Documents\cookies.txt
2016-10-02 18:33 - 2016-10-02 18:33 - 00000069 _____ C:\Users\Site\Documents\feeds.opml
2016-10-02 16:06 - 2016-10-04 19:30 - 00000082 _____ C:\Windows\wininit.ini
2016-10-02 15:51 - 2016-10-04 22:31 - 00000000 ____D C:\ProgramData\Comodo
2016-10-02 15:41 - 2016-10-02 16:07 - 00000000 ____D C:\Windows\system32\appmgmt
2016-10-02 15:40 - 2016-10-02 15:40 - 00000000 _____ C:\Windows\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2016-10-02 15:31 - 2016-10-28 00:22 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2016-10-02 15:21 - 2016-10-02 15:21 - 00002341 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteSpinner.lnk
2016-10-02 14:23 - 2016-10-12 19:20 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-02 14:10 - 2016-10-02 14:55 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 14:10 - 2016-10-02 14:55 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-02 14:10 - 2016-10-02 14:15 - 00004154 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-02 14:10 - 2016-10-02 14:15 - 00003922 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-02 14:10 - 2016-10-02 14:10 - 00000000 ____D C:\Program Files\Google
2016-10-02 13:52 - 2016-10-28 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-10-02 13:16 - 2016-10-06 15:39 - 00003654 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-10-02 13:16 - 2016-10-02 13:16 - 00003426 _____ C:\Windows\System32\Tasks\StartIsBack health check
2016-10-02 13:08 - 2016-10-26 11:58 - 00000000 ____D C:\Program Files\WinRAR
2016-10-02 13:08 - 2016-10-22 21:42 - 00000000 ____D C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 13:08 - 2016-10-22 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 13:00 - 2016-10-29 12:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-02 13:00 - 2016-10-02 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2016-10-02 13:00 - 2016-02-09 12:54 - 00027008 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2016-10-02 12:48 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-10-02 12:48 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-10-02 12:48 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-10-02 12:48 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-10-02 12:48 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-10-02 12:48 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2016-10-02 12:48 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-10-02 12:48 - 2016-09-15 19:25 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2016-10-02 12:48 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-10-02 12:48 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-10-02 12:48 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-10-02 12:48 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-10-02 12:48 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-02 12:48 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-10-02 12:48 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-10-02 12:48 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-10-02 12:48 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2016-10-02 12:48 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-10-02 12:48 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-10-02 12:48 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-10-02 12:48 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2016-10-02 12:48 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-10-02 12:48 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-10-02 12:48 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-10-02 12:48 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2016-10-02 12:48 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2016-10-02 12:48 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-10-02 12:48 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovslegacy.dll
2016-10-02 12:48 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-10-02 12:48 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlancfg.dll
2016-10-02 12:48 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2016-10-02 12:48 - 2016-09-15 18:56 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2016-10-02 12:48 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-10-02 12:48 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManagerApi.dll
2016-10-02 12:48 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-10-02 12:48 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.CredDialogController.dll
2016-10-02 12:48 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-10-02 12:48 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-10-02 12:48 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2016-10-02 12:48 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-10-02 12:48 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2016-10-02 12:48 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2016-10-02 12:48 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2016-10-02 12:48 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2016-10-02 12:48 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2016-10-02 12:48 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-10-02 12:48 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-10-02 12:48 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-10-02 12:48 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2016-10-02 12:48 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2016-10-02 12:48 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2016-10-02 12:48 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\ffbroker.dll
2016-10-02 12:48 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2016-10-02 12:48 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2016-10-02 12:48 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2016-10-02 12:48 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2016-10-02 12:48 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2016-10-02 12:48 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-10-02 12:48 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2016-10-02 12:48 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\NfcRadioMedia.dll
2016-10-02 12:48 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-10-02 12:48 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2016-10-02 12:48 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-10-02 12:48 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-10-02 12:48 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-10-02 12:48 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2016-10-02 12:48 - 2016-09-15 18:39 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2016-10-02 12:48 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-10-02 12:48 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2016-10-02 12:48 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2016-10-02 12:48 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-10-02 12:48 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-10-02 12:48 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2016-10-02 12:48 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-10-02 12:48 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2016-10-02 12:48 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-10-02 12:48 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-02 12:48 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.dll
2016-10-02 12:48 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2016-10-02 12:48 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-10-02 12:48 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2016-10-02 12:48 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-10-02 12:48 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-10-02 12:48 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2016-10-02 12:48 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\credprovslegacy.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
2016-10-02 12:48 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-02 12:48 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2016-10-02 12:48 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-10-02 12:48 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2016-10-02 12:48 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-10-02 12:48 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2016-10-02 12:48 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-10-02 12:48 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-10-02 12:48 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2016-10-02 12:48 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-02 12:48 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2016-10-02 12:48 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2016-10-02 12:48 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-10-02 12:48 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2016-10-02 12:48 - 2016-09-15 18:28 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2016-10-02 12:48 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2016-10-02 12:48 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2016-10-02 12:48 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\fvenotify.exe
2016-10-02 12:48 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\Sens.dll
2016-10-02 12:48 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2016-10-02 12:48 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2016-10-02 12:48 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-10-02 12:48 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\bdeui.dll
2016-10-02 12:48 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2016-10-02 12:48 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2016-10-02 12:48 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2016-10-02 12:48 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2016-10-02 12:48 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-10-02 12:48 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-10-02 12:48 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-10-02 12:48 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-10-02 12:48 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-10-02 12:48 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2016-10-02 12:48 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-10-02 12:48 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2016-10-02 12:48 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-10-02 12:48 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-10-02 12:48 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-10-02 12:48 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-10-02 12:48 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-10-02 12:48 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-10-02 12:48 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-10-02 12:48 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2016-10-02 12:48 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-10-02 12:48 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-10-02 12:48 - 2016-09-15 18:16 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2016-10-02 12:48 - 2016-09-07 07:53 - 02481768 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-10-02 12:48 - 2016-09-07 07:34 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-10-02 12:48 - 2016-09-07 07:34 - 00584544 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-10-02 12:48 - 2016-09-07 07:34 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2016-10-02 12:48 - 2016-09-07 07:29 - 00755656 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-02 12:48 - 2016-09-07 07:29 - 00595488 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-02 12:48 - 2016-09-07 07:29 - 00523712 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2016-10-02 12:48 - 2016-09-07 07:29 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\EhStorTcgDrv.sys
2016-10-02 12:48 - 2016-09-07 07:13 - 00529928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-02 12:48 - 2016-09-07 07:12 - 00321792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-10-02 12:48 - 2016-09-07 07:07 - 00117240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-02 12:48 - 2016-09-07 07:04 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft-Windows-MosHost.dll
2016-10-02 12:48 - 2016-09-07 07:03 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\MosResource.dll
2016-10-02 12:48 - 2016-09-07 07:03 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft-Windows-MapControls.dll
2016-10-02 12:48 - 2016-09-07 07:03 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-10-02 12:48 - 2016-09-07 07:03 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft-Windows-MosTrace.dll
2016-10-02 12:48 - 2016-09-07 07:02 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-10-02 12:48 - 2016-09-07 07:02 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\nativemap.dll
2016-10-02 12:48 - 2016-09-07 07:02 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvcProxy.dll
2016-10-02 12:48 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-10-02 12:48 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\MapControlStringsRes.dll
2016-10-02 12:48 - 2016-09-07 07:00 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mapstoasttask.dll
2016-10-02 12:48 - 2016-09-07 06:59 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-10-02 12:48 - 2016-09-07 06:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-10-02 12:48 - 2016-09-07 06:59 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-10-02 12:48 - 2016-09-07 06:59 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AddressParser.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccessRes.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneutilRes.dll
2016-10-02 12:48 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-10-02 12:48 - 2016-09-07 06:57 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-10-02 12:48 - 2016-09-07 06:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-02 12:48 - 2016-09-07 06:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-10-02 12:48 - 2016-09-07 06:56 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\XamlTileRender.dll
2016-10-02 12:48 - 2016-09-07 06:56 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-10-02 12:48 - 2016-09-07 06:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactActivation.dll
2016-10-02 12:48 - 2016-09-07 06:55 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2016-10-02 12:48 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll

[sitew]

part 5 FRST.txt

2016-10-02 12:48 - 2016-09-07 06:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-10-02 12:48 - 2016-09-07 06:54 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-10-02 12:48 - 2016-09-07 06:54 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll
2016-10-02 12:48 - 2016-09-07 06:54 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-10-02 12:48 - 2016-09-07 06:54 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-10-02 12:48 - 2016-09-07 06:54 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-10-02 12:48 - 2016-09-07 06:53 - 02083840 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2016-10-02 12:48 - 2016-09-07 06:53 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-10-02 12:48 - 2016-09-07 06:53 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-10-02 12:48 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2016-10-02 12:48 - 2016-09-07 06:53 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-10-02 12:48 - 2016-09-07 06:52 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-10-02 12:48 - 2016-09-07 06:50 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-02 12:48 - 2016-09-07 06:50 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-10-02 12:48 - 2016-09-07 06:49 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-10-02 12:48 - 2016-09-07 06:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2016-10-02 12:48 - 2016-09-07 06:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-10-02 12:48 - 2016-09-07 06:46 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-02 12:48 - 2016-09-07 06:45 - 05398016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-10-02 12:48 - 2016-09-07 06:43 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2016-10-02 12:48 - 2016-09-07 06:41 - 05511680 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-10-02 12:48 - 2016-09-07 06:41 - 03435008 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2016-10-02 12:48 - 2016-09-07 06:41 - 02947072 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2016-10-02 12:48 - 2016-09-07 06:41 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-02 12:48 - 2016-09-07 06:40 - 02852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-02 12:48 - 2016-09-07 06:40 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-10-02 12:48 - 2016-09-07 06:37 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-10-02 12:48 - 2016-09-07 06:37 - 02820096 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-10-02 12:48 - 2016-09-07 06:37 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-10-02 12:48 - 2016-09-07 06:34 - 04557824 _____ (Microsoft) C:\Windows\SysWOW64\dbgeng.dll
2016-10-02 12:48 - 2016-09-07 06:31 - 00461312 _____ (Microsoft) C:\Windows\SysWOW64\DbgModel.dll
2016-10-02 12:48 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\encapi.dll
2016-10-02 12:48 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-10-02 12:48 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2016-10-02 12:48 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-10-02 12:48 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2016-10-02 12:48 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2016-10-02 12:48 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_G18030.DLL
2016-10-02 12:48 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_IS2022.DLL
2016-10-02 12:48 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\c_GSM7.DLL
2016-10-02 12:48 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-02 12:48 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2016-10-02 12:48 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-10-02 12:48 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-10-02 12:48 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2016-10-02 12:48 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-02 12:48 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-02 12:48 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2016-10-02 12:48 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-02 12:48 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-10-02 12:48 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-02 12:48 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2016-10-02 12:48 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2016-10-02 12:48 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-02 12:48 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-02 12:48 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-02 12:48 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-02 12:48 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-10-02 12:48 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-02 12:48 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-02 12:48 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-02 12:48 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-02 12:48 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2016-10-02 12:48 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-10-02 12:48 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2016-10-02 12:48 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2016-10-02 12:48 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-10-02 12:48 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2016-10-02 12:48 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2016-10-02 12:48 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2016-10-02 12:48 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_WorkAccess.dll
2016-10-02 12:48 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2016-10-02 12:48 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-10-02 12:48 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2016-10-02 12:48 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2016-10-02 12:48 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2016-10-02 12:48 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-02 12:48 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-02 12:48 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2016-10-02 12:48 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2016-10-02 12:48 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-10-02 12:48 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-10-02 12:48 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2016-10-02 12:48 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2016-10-02 12:48 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2016-10-02 12:48 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2016-10-02 12:48 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\Windows\system32\GenValObj.exe
2016-10-02 12:48 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-10-02 12:48 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2016-10-02 12:48 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2016-10-02 12:48 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2016-10-02 12:48 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2016-10-02 12:48 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2016-10-02 12:48 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2016-10-02 12:48 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-10-02 12:48 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-10-02 12:47 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-10-02 12:47 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-10-02 12:47 - 2016-09-15 19:32 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-10-02 12:47 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-10-02 12:47 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2016-10-02 12:47 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-10-02 12:47 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-10-02 12:47 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-10-02 12:47 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-10-02 12:47 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-02 12:47 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-10-02 12:47 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-10-02 12:47 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-10-02 12:47 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-10-02 12:47 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-10-02 12:47 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2016-10-02 12:47 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-10-02 12:47 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2016-10-02 12:47 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-10-02 12:47 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-10-02 12:47 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-10-02 12:47 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-10-02 12:47 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-10-02 12:47 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-10-02 12:47 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-02 12:47 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2016-10-02 12:47 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2016-10-02 12:47 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2016-10-02 12:47 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2016-10-02 12:47 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2016-10-02 12:47 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-10-02 12:47 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-10-02 12:47 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2016-10-02 12:47 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-10-02 12:47 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-02 12:47 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-10-02 12:47 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2016-10-02 12:47 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-10-02 12:47 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2016-10-02 12:47 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2016-10-02 12:47 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DataExchange.dll
2016-10-02 12:47 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-10-02 12:47 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2016-10-02 12:47 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetworkCollectionAgent.dll
2016-10-02 12:47 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-10-02 12:47 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2016-10-02 12:47 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2016-10-02 12:47 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2016-10-02 12:47 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-10-02 12:47 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-10-02 12:47 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2016-10-02 12:47 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2016-10-02 12:47 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-10-02 12:47 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll
2016-10-02 12:47 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-10-02 12:47 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-10-02 12:47 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-10-02 12:47 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-10-02 12:47 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2016-10-02 12:47 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-10-02 12:47 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-10-02 12:47 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2016-10-02 12:47 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2016-10-02 12:47 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2016-10-02 12:47 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2016-10-02 12:47 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2016-10-02 12:47 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-10-02 12:47 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2016-10-02 12:47 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-10-02 12:47 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2016-10-02 12:47 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Family.Authentication.dll
2016-10-02 12:47 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-10-02 12:47 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2016-10-02 12:47 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2016-10-02 12:47 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-10-02 12:47 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\NetworkCollectionAgent.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrGidsHandler.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2016-10-02 12:47 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-10-02 12:47 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2016-10-02 12:47 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\wlancfg.dll
2016-10-02 12:47 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-02 12:47 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-10-02 12:47 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2016-10-02 12:47 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.CredDialogController.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-10-02 12:47 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2016-10-02 12:47 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-10-02 12:47 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\DataExchange.dll
2016-10-02 12:47 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-10-02 12:47 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2016-10-02 12:47 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2016-10-02 12:47 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2016-10-02 12:47 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2016-10-02 12:47 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2016-10-02 12:47 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-10-02 12:47 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2016-10-02 12:47 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2016-10-02 12:47 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-10-02 12:47 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-10-02 12:47 - 2016-09-15 18:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2016-10-02 12:47 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2016-10-02 12:47 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2016-10-02 12:47 - 2016-09-15 18:28 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2016-10-02 12:47 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-10-02 12:47 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2016-10-02 12:47 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2016-10-02 12:47 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-10-02 12:47 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\BackgroundMediaPolicy.dll
2016-10-02 12:47 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-10-02 12:47 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2016-10-02 12:47 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2016-10-02 12:47 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-10-02 12:47 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-10-02 12:47 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-10-02 12:47 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-10-02 12:47 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-10-02 12:47 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2016-10-02 12:47 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-02 12:47 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2016-10-02 12:47 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-02 12:47 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-10-02 12:47 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-10-02 12:47 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-10-02 12:47 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2016-10-02 12:47 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-10-02 12:47 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2016-10-02 12:47 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-10-02 12:47 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-10-02 12:47 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-10-02 12:47 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2016-10-02 12:47 - 2016-09-07 07:48 - 02256224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-10-02 12:47 - 2016-09-07 07:48 - 00379744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-10-02 12:47 - 2016-09-07 07:46 - 00423776 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-10-02 12:47 - 2016-09-07 07:44 - 02049480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-10-02 12:47 - 2016-09-07 07:33 - 00681304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2016-10-02 12:47 - 2016-09-07 07:33 - 00450392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-02 12:47 - 2016-09-07 07:32 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-10-02 12:47 - 2016-09-07 07:29 - 00382272 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-10-02 12:47 - 2016-09-07 07:27 - 01362504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-10-02 12:47 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\PhoneServiceRes.dll
2016-10-02 12:47 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-10-02 12:47 - 2016-09-07 07:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-02 12:47 - 2016-09-07 06:59 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-10-02 12:47 - 2016-09-07 06:59 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-10-02 12:47 - 2016-09-07 06:58 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-10-02 12:47 - 2016-09-07 06:56 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-10-02 12:47 - 2016-09-07 06:56 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-10-02 12:47 - 2016-09-07 06:55 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2016-10-02 12:47 - 2016-09-07 06:55 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-10-02 12:47 - 2016-09-07 06:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-10-02 12:47 - 2016-09-07 06:54 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-02 12:47 - 2016-09-07 06:54 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-10-02 12:47 - 2016-09-07 06:53 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-10-02 12:47 - 2016-09-07 06:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-10-02 12:47 - 2016-09-07 06:50 - 00866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-10-02 12:47 - 2016-09-07 06:49 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-02 12:47 - 2016-09-07 06:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2016-10-02 12:47 - 2016-09-07 06:46 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-10-02 12:47 - 2016-09-07 06:40 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe
2016-10-02 12:47 - 2016-09-07 06:39 - 05384192 _____ (Microsoft) C:\Windows\system32\dbgeng.dll
2016-10-02 12:47 - 2016-09-07 06:39 - 03116544 _____ (Microsoft Corporation) C:\Windows\system32\MSAJApi.dll
2016-10-02 12:47 - 2016-09-07 06:38 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-10-02 12:47 - 2016-09-07 06:38 - 01232384 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-10-02 12:47 - 2016-09-07 06:37 - 02370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-10-02 12:47 - 2016-09-07 06:37 - 01349120 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-10-02 12:47 - 2016-09-07 06:37 - 00540160 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-10-02 12:47 - 2016-09-07 06:35 - 03299328 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-10-02 12:47 - 2016-09-07 06:35 - 00650240 _____ (Microsoft) C:\Windows\system32\DbgModel.dll
2016-10-02 12:47 - 2016-09-07 06:33 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-02 12:47 - 2016-09-07 06:31 - 01293312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-10-02 12:47 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-02 12:47 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\encapi.dll
2016-10-02 12:47 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\C_G18030.DLL
2016-10-02 12:47 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\c_GSM7.DLL
2016-10-02 12:47 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-10-02 12:47 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\C_IS2022.DLL
2016-10-02 12:47 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-02 12:47 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi_passthru.dll
2016-10-02 12:47 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\delegatorprovider.dll
2016-10-02 12:47 - 2016-08-19 03:33 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-02 12:47 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-10-02 12:47 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-10-02 12:47 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2016-10-02 12:47 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-10-02 12:47 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2016-10-02 12:47 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-10-02 12:47 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-02 12:47 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-02 12:47 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-10-02 12:47 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-10-02 12:47 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2016-10-02 12:47 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2016-10-02 12:47 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2016-10-02 12:47 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-10-02 12:47 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\smphost.dll
2016-10-02 12:47 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-10-02 12:47 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-10-02 12:47 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2016-10-02 12:47 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2016-10-02 12:47 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2016-10-02 12:47 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2016-10-02 12:47 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-10-02 12:47 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2016-10-02 12:47 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2016-10-02 12:47 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-10-02 12:47 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2016-10-02 12:47 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2016-10-02 12:46 - 2016-09-15 19:29 - 00823136 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2016-10-02 12:46 - 2016-09-15 19:29 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2016-10-02 12:46 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-10-02 12:46 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2016-10-02 12:46 - 2016-09-15 19:29 - 00127328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2016-10-02 12:46 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-10-02 12:46 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\Windows\system32\bdeunlock.exe
2016-10-02 12:46 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-10-02 12:46 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-10-02 12:46 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2016-10-02 12:46 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-10-02 12:46 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2016-10-02 12:46 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2016-10-02 12:46 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2016-10-02 12:46 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-10-02 12:46 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-10-02 12:46 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2016-10-02 12:46 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2016-10-02 12:46 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2016-10-02 12:46 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-10-02 12:46 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2016-10-02 12:46 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-10-02 12:46 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2016-10-02 12:46 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-10-02 12:46 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2016-10-02 12:46 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2016-10-02 12:46 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-10-02 12:46 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2016-10-02 12:46 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-10-02 12:46 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-10-02 12:46 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2016-10-02 12:46 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-10-02 12:46 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-10-02 12:46 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-10-02 12:46 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2016-10-02 12:46 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-10-02 12:46 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-02 12:46 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2016-10-02 12:46 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2016-10-02 12:46 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-10-02 12:46 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-10-02 12:46 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2016-10-02 12:46 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-02 12:46 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-10-02 12:46 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll

[sitew]

part 6 FRST.txt

2016-10-02 12:46 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2016-10-02 12:46 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2016-10-02 12:46 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2016-10-02 12:46 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2016-10-02 12:46 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BackgroundMediaPolicy.dll
2016-10-02 12:46 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2016-10-02 12:46 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-02 12:46 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-02 12:46 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-10-02 12:46 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-10-02 12:46 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-10-02 12:46 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
2016-10-02 12:46 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-10-02 12:46 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2016-10-02 12:46 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2016-10-02 12:46 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-02 12:46 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2016-10-02 12:46 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-02 12:46 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-10-02 12:46 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-10-02 12:46 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll
2016-10-02 12:46 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-10-02 12:46 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-10-02 12:46 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2016-10-02 12:46 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-10-02 12:46 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-10-02 12:46 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2016-10-02 12:46 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-10-02 12:46 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-02 12:46 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-10-02 12:46 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2016-10-02 12:46 - 2016-09-15 18:26 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2016-10-02 12:46 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2016-10-02 12:46 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2016-10-02 12:46 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-10-02 12:46 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-10-02 12:46 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2016-10-02 12:46 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-10-02 12:46 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2016-10-02 12:46 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-10-02 12:46 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2016-10-02 12:46 - 2016-09-07 07:54 - 00133472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-02 12:46 - 2016-09-07 07:41 - 00172528 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-02 12:46 - 2016-09-07 07:24 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-02 12:46 - 2016-09-07 07:17 - 00782176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-10-02 12:46 - 2016-09-07 07:17 - 00509792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-10-02 12:46 - 2016-09-07 07:13 - 00640976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-02 12:46 - 2016-09-07 07:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccessRes.dll
2016-10-02 12:46 - 2016-09-07 07:02 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-10-02 12:46 - 2016-09-07 07:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-10-02 12:46 - 2016-09-07 07:02 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-10-02 12:46 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\PhoneutilRes.dll
2016-10-02 12:46 - 2016-09-07 07:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
2016-10-02 12:46 - 2016-09-07 07:01 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\AddressParser.dll
2016-10-02 12:46 - 2016-09-07 07:01 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-10-02 12:46 - 2016-09-07 07:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-10-02 12:46 - 2016-09-07 07:00 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft-Windows-MosHost.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosResource.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft-Windows-MapControls.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\ContactActivation.dll
2016-10-02 12:46 - 2016-09-07 06:59 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlStringsRes.dll
2016-10-02 12:46 - 2016-09-07 06:58 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-10-02 12:46 - 2016-09-07 06:58 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-10-02 12:46 - 2016-09-07 06:58 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-10-02 12:46 - 2016-09-07 06:58 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-10-02 12:46 - 2016-09-07 06:56 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-10-02 12:46 - 2016-09-07 06:56 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-10-02 12:46 - 2016-09-07 06:56 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-02 12:46 - 2016-09-07 06:56 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2016-10-02 12:46 - 2016-09-07 06:56 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-10-02 12:46 - 2016-09-07 06:55 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-10-02 12:46 - 2016-09-07 06:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-10-02 12:46 - 2016-09-07 06:54 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-10-02 12:46 - 2016-09-07 06:54 - 00315904 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2016-10-02 12:46 - 2016-09-07 06:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-10-02 12:46 - 2016-09-07 06:52 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2016-10-02 12:46 - 2016-09-07 06:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-10-02 12:46 - 2016-09-07 06:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NmaDirect.dll
2016-10-02 12:46 - 2016-09-07 06:52 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-02 12:46 - 2016-09-07 06:50 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2016-10-02 12:46 - 2016-09-07 06:50 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-10-02 12:46 - 2016-09-07 06:46 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-02 12:46 - 2016-09-07 06:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-10-02 12:46 - 2016-09-07 06:41 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-10-02 12:46 - 2016-09-07 06:41 - 01891328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-10-02 12:46 - 2016-09-07 06:39 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-02 12:46 - 2016-09-07 06:36 - 02423296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll
2016-10-02 12:46 - 2016-09-07 06:36 - 02360832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2016-10-02 12:46 - 2016-09-07 06:35 - 02107392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2016-10-02 12:46 - 2016-09-07 06:34 - 00860672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-10-02 12:46 - 2016-09-07 06:34 - 00444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-10-02 12:46 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-10-02 12:46 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2016-10-02 12:46 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-10-02 12:46 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2016-10-02 12:46 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-10-02 12:46 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2016-10-02 12:46 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-10-02 12:46 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2016-10-02 12:46 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-10-02 12:46 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-10-02 12:46 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2016-10-02 12:46 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DscCoreConfProv.dll
2016-10-02 12:46 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2016-10-02 12:46 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll
2016-10-02 12:46 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi_passthru.dll
2016-10-02 12:46 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\delegatorprovider.dll
2016-10-02 12:46 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-02 12:46 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-10-02 12:46 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-10-02 12:46 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-10-02 12:46 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2016-10-02 12:46 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-02 12:46 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2016-10-02 12:46 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2016-10-02 12:46 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-10-02 12:46 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-02 12:46 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2016-10-02 12:46 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-02 12:46 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-02 12:46 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2016-10-02 12:46 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2016-10-02 12:46 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-10-02 12:46 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-10-02 12:46 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2016-10-02 12:46 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2016-10-02 12:46 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2016-10-02 12:46 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2016-10-02 12:46 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smphost.dll
2016-10-02 12:46 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2016-10-02 12:46 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-02 12:46 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-10-02 12:29 - 2016-10-28 13:58 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-02 01:22 - 2016-10-22 00:06 - 00000000 ____D C:\Users\Site\Documents\The Witcher 3
2016-10-02 01:00 - 2016-10-02 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1602 - Creation of a New World [GOG.com]
2016-10-02 00:38 - 2016-10-02 00:38 - 00000000 ____D C:\Users\Site\Documents\Criterion Games
2016-10-02 00:21 - 2016-10-02 00:21 - 00000000 ____D C:\Users\Site\AppData\Roaming\Performix LLC
2016-10-02 00:21 - 2016-10-02 00:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2016-10-02 00:21 - 2016-10-02 00:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2016-10-01 23:06 - 2016-10-02 13:22 - 00000000 ____D C:\Program Files (x86)\Adguard
2016-10-01 23:06 - 2016-10-02 12:02 - 00000000 ____D C:\ProgramData\Adguard
2016-10-01 23:06 - 2016-10-01 23:06 - 00000255 _____ C:\ProgramData\fontcacheev1.dat
2016-10-01 22:20 - 2016-10-02 13:22 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-10-01 22:00 - 2016-10-03 16:42 - 00000000 ____D C:\Program Files (x86)\EA Games
2016-10-01 21:43 - 2016-10-01 21:43 - 00000000 ____D C:\Users\Site\AppData\Roaming\WinRAR
2016-10-01 21:24 - 2016-10-27 22:21 - 00000000 ____D C:\Users\Site\AppData\Roaming\Tropico 5
2016-10-01 21:24 - 2016-10-01 21:24 - 00000000 ____D C:\Users\Site\AppData\Roaming\Kalypso Media
2016-10-01 21:23 - 2016-10-01 21:23 - 00000000 ____D C:\Users\Site\Documents\SkidRow
2016-10-01 21:13 - 2016-10-10 15:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-01 21:12 - 2016-10-02 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2016-10-01 20:52 - 2016-10-08 01:10 - 00000000 ____D C:\GOG Games
2016-10-01 18:50 - 2016-10-01 18:50 - 00000000 ____D C:\Windows\PCHEALTH
2016-10-01 18:46 - 2016-10-02 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-10-01 18:46 - 2016-10-01 18:46 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-01 18:45 - 2016-10-03 19:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-01 18:45 - 2016-10-01 18:45 - 00000000 __RHD C:\MSOCache
2016-10-01 18:45 - 2016-10-01 18:45 - 00000000 ____D C:\Users\Site\AppData\Local\Microsoft Help
2016-10-01 18:43 - 2016-10-01 18:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-10-01 18:25 - 2016-10-01 18:25 - 00000000 ____D C:\Users\Site\AppData\Local\Globalscape
2016-10-01 18:25 - 2016-10-01 18:25 - 00000000 ____D C:\ProgramData\Globalscape
2016-10-01 17:54 - 2016-10-26 22:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-01 17:54 - 2016-10-01 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlobalSCAPE
2016-10-01 17:54 - 2016-10-01 17:54 - 00000000 ____D C:\Program Files (x86)\GlobalSCAPE
2016-10-01 17:52 - 2016-10-01 17:52 - 00000000 ____D C:\Users\Site\AppData\Roaming\GlobalSCAPE
2016-10-01 17:22 - 2016-10-01 17:22 - 00000000 ____D C:\Users\Site\AppData\Local\PeerDistRepub
2016-10-01 17:20 - 2016-10-29 17:18 - 00000000 ____D C:\Users\Site\AppData\Roaming\uTorrent
2016-10-01 17:16 - 2016-10-02 20:50 - 00000000 ____D C:\Users\Site\AppData\Roaming\Vso
2016-10-01 17:16 - 2016-10-01 17:16 - 00000000 ____D C:\Users\Site\Documents\PcSetup
2016-10-01 17:15 - 2016-10-02 20:49 - 00000000 ____D C:\Program Files (x86)\VSO
2016-10-01 17:15 - 2016-10-01 17:17 - 00000000 ____D C:\ProgramData\VSO
2016-10-01 17:08 - 2016-10-23 17:34 - 00000000 ____D C:\Users\Site\AppData\Local\GZWO
2016-10-01 17:04 - 2016-10-12 19:20 - 00000000 ____D C:\Windows\system32\MRT
2016-10-01 16:58 - 2016-10-02 15:23 - 00000000 ____D C:\Users\Site\Documents\My IMS Projects
2016-10-01 16:58 - 2016-10-02 15:21 - 00000000 ____D C:\Users\Site\AppData\Roaming\Virtual Mechanics
2016-10-01 16:58 - 2016-10-01 16:58 - 00000000 ____D C:\ProgramData\Virtual Mechanics
2016-10-01 16:57 - 2016-10-02 15:21 - 00000000 ____D C:\Program Files (x86)\Virtual Mechanics
2016-10-01 16:18 - 2016-10-16 23:29 - 00000000 ____D C:\Users\Site\AppData\Local\IM
2016-10-01 16:18 - 2016-10-02 13:22 - 00000000 ____D C:\Program Files (x86)\Photo Notifier and Animation Creator
2016-10-01 16:18 - 2016-10-01 16:18 - 00000000 ____D C:\ProgramData\Photo Notifier and Animation Creator
2016-10-01 16:14 - 2016-10-02 15:49 - 00000000 ____D C:\Users\Site\AppData\Local\Google
2016-10-01 16:14 - 2016-10-01 16:15 - 00000000 ____D C:\Users\Site\AppData\Roaming\Google
2016-10-01 16:13 - 2016-10-02 14:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-01 16:13 - 2016-10-01 16:14 - 00000000 ____D C:\ProgramData\Google
2016-10-01 16:08 - 2016-10-26 11:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-10-01 16:08 - 2016-10-01 16:08 - 00000000 ____D C:\Users\Site\AppData\Roaming\SUPERAntiSpyware.com
2016-10-01 16:08 - 2016-10-01 16:08 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-10-01 16:04 - 2016-10-02 13:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-10-01 16:04 - 2016-10-01 16:04 - 00000000 ____D C:\Users\Site\AppData\Roaming\Malwarebytes
2016-10-01 16:04 - 2016-10-01 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-01 15:52 - 2016-10-28 17:54 - 00000000 ____D C:\Users\Site\programmas
2016-10-01 15:49 - 2016-10-02 13:14 - 00000000 ____D C:\Program Files (x86)\StartIsBack
2016-10-01 15:42 - 2016-10-22 21:42 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-10-01 15:36 - 2016-10-02 13:22 - 00000000 ____D C:\Users\Site\AppData\Local\Disc_Soft_Ltd
2016-10-01 15:34 - 2016-10-01 21:17 - 00000000 ____D C:\Users\Site\AppData\Roaming\DAEMON Tools Lite
2016-10-01 15:34 - 2016-10-01 15:34 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-10-01 15:34 - 2016-10-01 15:34 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-10-01 15:34 - 2016-10-01 15:34 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-10-01 15:33 - 2016-10-01 15:33 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-10-01 15:32 - 2016-10-29 17:07 - 00000000 ____D C:\utorrentdownload
2016-10-01 15:32 - 2016-10-01 15:32 - 00000000 ____D C:\Windows\Downloaded Installations
2016-10-01 15:31 - 2016-10-01 15:31 - 00003318 _____ C:\Windows\System32\Tasks\{566E50C7-4811-4EF4-8E37-8F7760BBCD59}
2016-10-01 14:49 - 2016-10-01 13:53 - 00000000 ____D C:\Windows\Panther
2016-10-01 14:40 - 2016-10-02 21:02 - 00000000 ____D C:\Users\Site\AppData\Roaming\Macromedia
2016-10-01 14:38 - 2016-10-29 16:54 - 00004196 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D20F559A-B73D-4BA0-B837-52F19354B9E8}
2016-10-01 14:29 - 2016-10-02 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-10-01 14:29 - 2016-10-01 14:29 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2016-10-01 14:29 - 2016-10-01 14:29 - 00003474 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-10-01 14:29 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-10-01 14:28 - 2016-10-06 15:55 - 00000000 ____D C:\Program Files\KMSpico
2016-10-01 14:28 - 2016-10-01 14:28 - 00000000 ____D C:\Users\Site\AppData\LocalLow\Temp
2016-10-01 14:26 - 2016-10-01 14:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-10-01 14:20 - 2016-10-01 14:20 - 00000000 ____D C:\Users\Site\AppData\Local\Comms
2016-10-01 14:19 - 2016-10-01 14:19 - 00000000 ____D C:\Users\Site\AppData\Local\NVIDIA
2016-10-01 14:19 - 2016-10-01 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-01 14:15 - 2016-10-05 15:21 - 00000000 ____D C:\Users\Site\AppData\Local\MicrosoftEdge
2016-10-01 14:14 - 2016-10-29 14:52 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-01 14:14 - 2016-10-01 14:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-01 14:14 - 2015-07-13 20:45 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-10-01 14:14 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-10-01 14:14 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-10-01 14:14 - 2015-07-13 19:17 - 00572048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-10-01 14:14 - 2015-07-13 18:28 - 05096627 _____ C:\Windows\system32\nvcoproc.bin
2016-10-01 14:13 - 2016-10-01 14:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-01 14:12 - 2016-10-01 14:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-01 14:12 - 2016-10-01 14:13 - 00002380 _____ C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-10-01 14:12 - 2016-10-01 14:13 - 00000000 ___RD C:\Users\Site\OneDrive
2016-10-01 14:12 - 2016-10-01 14:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-01 14:11 - 2016-10-01 14:11 - 00000000 ____D C:\Users\Site\AppData\Local\Publishers
2016-10-01 14:10 - 2016-10-29 16:15 - 00000000 ____D C:\Users\Site
2016-10-01 14:10 - 2016-10-28 12:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-01 14:10 - 2016-10-24 22:42 - 00000000 ____D C:\Users\Site\AppData\Roaming\Adobe
2016-10-01 14:10 - 2016-10-24 01:36 - 00000000 ____D C:\Users\Site\AppData\Local\VirtualStore
2016-10-01 14:10 - 2016-10-15 22:52 - 00000000 ____D C:\Users\Site\AppData\Local\Packages
2016-10-01 14:10 - 2016-10-01 14:19 - 00000000 ____D C:\Users\Site\AppData\Local\ConnectedDevicesPlatform
2016-10-01 14:10 - 2016-10-01 14:10 - 00000020 ___SH C:\Users\Site\ntuser.ini
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Sjablonen
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Netwerkprinteromgeving
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Mijn documenten
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Menu Start
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Documents\Mijn video's
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Documents\Mijn muziek
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\Documents\Mijn afbeeldingen
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 _SHDL C:\Users\Site\AppData\Local\Geschiedenis
2016-10-01 14:10 - 2016-10-01 14:10 - 00000000 ____D C:\Users\Site\AppData\Local\TileDataLayer
2016-10-01 14:09 - 2016-10-01 14:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2016-10-01 14:09 - 2016-10-01 14:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2016-10-01 14:09 - 2016-10-01 14:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2016-10-01 14:09 - 2016-10-01 14:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2016-10-01 13:59 - 2016-10-15 16:57 - 02750800 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-01 13:56 - 2016-10-01 13:56 - 00000000 ____D C:\Windows\CSC
2016-10-01 13:56 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-10-01 13:55 - 2016-10-02 13:22 - 00000000 ____D C:\Users\defaultuser0
2016-10-01 13:55 - 2016-10-01 13:55 - 00000020 ___SH C:\Users\defaultuser0\ntuser.ini
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Public\Documents\Mijn video's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Public\Documents\Mijn muziek
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Public\Documents\Mijn afbeeldingen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Sjablonen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Netwerkprinteromgeving
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Mijn documenten
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Menu Start
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Mijn video's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Mijn muziek
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Mijn afbeeldingen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Geschiedenis
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Sjablonen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Netwerkprinteromgeving
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Mijn documenten
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Menu Start
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Documents\Mijn video's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Documents\Mijn muziek
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\Documents\Mijn afbeeldingen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Geschiedenis
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default User\Documents\Mijn video's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default User\Documents\Mijn muziek
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default User\Documents\Mijn afbeeldingen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Geschiedenis
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\ProgramData\Sjablonen
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programma's
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\ProgramData\Menu Start
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\ProgramData\Documenten
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\ProgramData\Bureaublad
2016-10-01 13:55 - 2016-10-01 13:55 - 00000000 _SHDL C:\Documents and Settings
2016-10-01 13:51 - 2016-10-01 13:51 - 00000000 ____D C:\ProgramData\USOShared
2016-10-01 13:50 - 2016-10-29 15:38 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-10-01 13:50 - 2016-10-29 14:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-01 13:50 - 2016-10-01 13:50 - 00000000 ____D C:\Windows\ServiceProfiles
2016-10-01 13:49 - 2016-10-29 00:17 - 00726832 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-10-29 16:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-29 16:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-29 13:11 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2016-10-28 18:37 - 2016-07-16 13:47 - 00103713 _____ C:\Windows\system32\Drivers\etc\hosts.hitmanpro
2016-10-28 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\registration
2016-10-28 12:14 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2016-10-28 12:04 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2016-10-28 02:11 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-10-28 02:11 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-10-28 02:11 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2016-10-28 02:11 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-28 02:11 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-10-28 02:09 - 2016-07-16 13:47 - 00015425 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-10-28 00:31 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2016-10-26 20:20 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Help
2016-10-18 16:52 - 2012-09-23 20:43 - 00055432 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2016-10-18 16:52 - 2012-09-23 20:43 - 00026768 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2016-10-18 16:50 - 2012-09-23 20:43 - 00068744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2016-10-15 22:52 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-15 17:45 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SchCache
2016-10-15 16:57 - 2016-07-17 00:15 - 04564390 _____ C:\Windows\system32\perfh013.dat
2016-10-15 16:57 - 2016-07-17 00:15 - 01491518 _____ C:\Windows\system32\perfc013.dat
2016-10-13 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2016-10-12 22:56 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-10-12 22:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\migwiz
2016-10-12 22:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-10-12 22:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 22:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 15:43 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-10-12 15:43 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\system32\winrm
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\system32\WCN
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\system32\slmgr
2016-10-11 17:39 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-10-11 17:39 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-10-11 17:39 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2016-10-11 17:39 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2016-10-11 17:39 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-10-11 17:37 - 2016-07-17 00:20 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-11 17:37 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\MiracastView
2016-10-11 17:37 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-11 17:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-11 17:37 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\servicing
2016-10-11 17:15 - 2016-07-17 00:15 - 00000000 ____D C:\Windows\OCR
2016-10-07 16:30 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-06 23:25 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2016-10-06 23:25 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2016-10-06 23:25 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2016-10-06 23:25 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2016-10-06 23:25 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2016-10-05 14:53 - 2016-07-16 08:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2016-10-04 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-10-04 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-10-03 20:42 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-10-03 20:00 - 2016-07-16 13:47 - 00000167 _____ C:\Windows\win.ini
2016-10-03 19:02 - 2015-03-11 11:47 - 01470976 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\system32\vorbis.acm
2016-10-03 19:01 - 2015-03-11 11:47 - 01554944 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2016-10-02 19:27 - 2006-10-26 13:45 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2016-10-02 19:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-10-02 19:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\MUI
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\dsc
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\lv-LV
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\lt-LT
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\et-EE
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\es-MX
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\en-GB
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2016-10-02 14:52 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\bcastdvr
2016-10-02 14:52 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-02 14:52 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Sysprep
2016-10-02 14:52 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Nui
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\Nui
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\Configuration
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\WinMetadata
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\es-MX
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinMetadata
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\DDFs
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\L2Schemas
2016-10-02 13:22 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Globalization
2016-10-02 13:22 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\downlevel
2016-10-02 13:22 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\downlevel
2016-10-02 13:15 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\appcompat
2016-10-02 12:29 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-10-01 14:48 - 2016-07-16 13:47 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-10-01 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\spool
2016-10-01 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-01 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-10-01 13:52 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-01 13:51 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\PrintDialog
2016-10-01 13:51 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate

==================== Bestanden in de root van sommige mappen =======

2016-10-17 14:21 - 2016-10-17 14:21 - 0000196 _____ () C:\Users\Site\AppData\Roaming\burnaware.ini
2016-10-02 20:50 - 2016-10-02 20:50 - 0099384 _____ () C:\Users\Site\AppData\Roaming\inst.exe
2016-10-02 20:50 - 2016-10-02 20:50 - 0007859 _____ () C:\Users\Site\AppData\Roaming\pcouffin.cat
2016-10-02 20:50 - 2016-10-02 20:50 - 0001167 _____ () C:\Users\Site\AppData\Roaming\pcouffin.inf
2016-10-01 17:16 - 2016-10-02 20:50 - 0000055 _____ () C:\Users\Site\AppData\Roaming\pcouffin.log
2016-10-02 20:50 - 2016-10-02 20:50 - 0082816 _____ (VSO Software) C:\Users\Site\AppData\Roaming\pcouffin.sys
2016-10-12 14:02 - 2016-10-25 23:01 - 0005632 _____ () C:\Users\Site\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-01 23:06 - 2016-10-01 23:06 - 0000255 _____ () C:\ProgramData\fontcacheev1.dat

Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\fontcacheev1.dat


Sommige bestanden in TEMP:
====================
C:\Users\Site\AppData\Local\Temp\libeay32.dll
C:\Users\Site\AppData\Local\Temp\msvcr120.dll
C:\Users\Site\AppData\Local\Temp\sqlite3.dll
C:\Users\Site\AppData\Local\Temp\utt6146.tmp.exe


==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-10-26 14:48

==================== Eind van FRST.txt ============================

[sitew]

i have done that Sir i have scan my computer with comodo (i have the security premium running here )
and i have with windows 10 the windows defender + malewareBytes corporate +SuperAntiSpyware 6.0 is all running nice in the background

i did yesterday with all a scan it took me 16 hours , and they found alot from this trotux hijacker and removed it also

but to be sertend it is better to ask a pro to check if everything is back normal aggain
and that's why i come here to you ppl (the pro's from the internet )