Hey,
I have a PC that serves as a server (Windows 10).
When I try to open something from another PC (Windows 10) on the network, it takes at least 30 seconds.
Can anyone help me?
Below is a log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martine at 2016-11-23 14:48:25
Microsoft Windows 10 Home
System drive C: has 205 GB (86%) free of 238 GB
Total RAM: 3965 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:48:35, on 23-11-2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Martine.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ift.tt/WF6d6i
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ift.tt/1072LSF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ift.tt/WF6d6i
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ift.tt/WF6d6i
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ift.tt/1072LSF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martine\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martine\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8017 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a038f8bf-c1bb-41e1-9018-0fbd6f88e2e0 -SystemEventPortName:HostProcess-5086ec21-31e4-4694-9cb0-67c927c8be27 -IoCancelEventPortName:HostProcess-65edb448-204c-4c5e-97c1-d1916d9c848b -NonStateChangingEventPortName:HostProcess-3c8602bd-c6a5-4d92-805c-f03ed4b761d7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db2fdc44-037b-4265-86dc-e93caec312f4 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
dashost.exe {3b6c41dd-0635-47d6-b651b77d64cbe90c}
C:\WINDOWS\System32\svchost.exe -k utcsvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\AUDIODG.EXE 0x314
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3848 CREDAT:75009 /prefetch:2
"C:\Program Files\Windows Defender\\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey A6CA52A3-000E-1BEE-D329-B6578C40BBD8 -Reinvoke
"fontdrvhost.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3848 CREDAT:206082 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3848 CREDAT:206089 /prefetch:2
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Martine\AppData\Local\Microsoft\Windows\INetCache\IE\4KTLG9ZX\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 644 648 656 8192 652
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30 214216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30 2850608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30 151240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30 1931056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-10-17 631808]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-11-15 9105112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Martine\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-23 14:48:25 ----D---- C:\rsit
2016-11-23 14:48:25 ----D---- C:\Program Files\trend micro
2016-11-23 14:35:59 ----D---- C:\Program Files\CCleaner
2016-11-15 09:25:52 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-15 09:25:51 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-15 09:25:50 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-15 09:25:50 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-15 09:25:50 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-15 09:25:50 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-15 09:25:50 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-15 09:25:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-15 09:25:49 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-15 09:25:49 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-15 09:25:49 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-15 09:25:48 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-15 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-15 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-15 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-15 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-15 09:25:47 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-15 09:25:47 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-15 09:25:47 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-15 09:25:46 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-15 09:25:45 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-15 09:25:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-15 09:25:45 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-15 09:25:44 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-15 09:25:43 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-15 09:25:43 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-15 09:25:41 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-15 09:25:41 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-15 09:25:41 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-15 09:25:41 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-15 09:25:40 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-15 09:25:39 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-15 09:25:39 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-15 09:25:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-15 09:25:38 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-15 09:25:38 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-15 09:25:38 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-15 09:25:38 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-15 09:25:38 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-15 09:25:38 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-15 09:25:37 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-15 09:25:36 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-15 09:25:35 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-15 09:25:35 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-15 09:25:35 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-15 09:25:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-15 09:25:30 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-15 09:25:30 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-15 09:25:30 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-15 09:25:30 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-15 09:25:30 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-15 09:25:29 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-15 09:25:28 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-15 09:25:28 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-15 09:25:28 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-15 09:25:28 ----A---- C:\WINDOWS\explorer.exe
2016-11-15 09:25:27 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-15 09:25:27 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-15 09:25:27 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-15 09:25:24 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-15 09:25:23 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-15 09:25:23 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-15 09:25:22 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-15 09:25:22 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-15 09:25:22 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-15 09:25:22 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-15 09:25:21 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-15 09:25:21 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-15 09:25:21 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-15 09:25:21 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-15 09:25:21 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-15 09:25:21 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-15 09:25:21 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-15 09:25:21 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-15 09:25:20 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-15 09:25:20 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-15 09:25:20 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-15 09:25:20 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-15 09:25:20 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-15 09:25:20 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-15 09:25:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-15 09:25:16 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-15 09:25:15 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-15 09:25:15 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-15 09:25:15 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-15 09:25:15 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-15 09:25:13 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-15 09:25:13 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-15 09:25:13 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-15 09:25:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-15 09:25:11 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-15 09:25:10 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-15 09:25:10 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-15 09:25:09 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-15 09:25:09 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-15 09:25:09 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-15 09:25:09 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-15 09:25:08 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-15 09:25:07 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-15 09:25:07 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-15 09:25:07 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-15 09:25:07 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-15 09:25:06 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-15 09:25:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-15 09:25:05 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-15 09:25:05 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-15 09:25:05 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-15 09:25:04 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-15 09:25:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-15 09:25:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-15 09:25:01 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-15 09:25:01 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-15 09:25:00 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-15 09:24:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-15 09:24:58 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-15 09:24:58 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-15 09:24:57 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-15 09:24:57 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-15 09:24:57 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-15 09:24:56 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-15 09:24:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-15 09:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-15 09:24:54 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-15 09:24:54 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-15 09:24:54 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-15 09:24:54 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-15 09:24:53 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-15 09:24:53 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-15 09:24:52 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-15 09:24:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-15 09:24:50 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-15 09:24:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-15 09:24:50 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-15 09:24:50 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-15 09:24:50 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-15 09:24:49 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-15 09:24:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-15 09:24:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-15 09:24:49 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-15 09:24:48 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-15 09:24:47 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-15 09:24:46 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-15 09:24:46 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-15 09:24:46 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-15 09:24:46 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-15 09:24:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-15 09:24:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-15 09:24:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-15 09:24:45 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-15 09:24:45 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-15 09:24:44 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-15 09:24:43 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-15 09:24:43 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-15 09:24:43 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-15 09:24:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-15 09:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-15 09:24:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-15 09:24:41 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-15 09:24:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-15 09:24:40 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-15 09:24:40 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-15 09:24:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-15 09:24:39 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-10-31 12:48:03 ----A---- C:\WINDOWS\SECOH-QAD.exe
2016-10-31 11:48:38 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-31 11:48:36 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-10-31 11:48:36 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-10-31 11:48:32 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-10-31 11:48:32 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-31 11:48:31 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-10-31 11:48:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-31 11:48:31 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-10-31 11:48:31 ----A---- C:\WINDOWS\system32\energy.dll
2016-10-31 11:48:31 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-10-31 11:48:30 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-10-31 11:48:30 ----A---- C:\WINDOWS\system32\usocore.dll
2016-10-31 11:48:30 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-31 11:48:30 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-10-31 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-10-31 11:48:29 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-10-31 11:48:29 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-31 11:48:28 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-10-31 11:48:25 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-31 11:48:20 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-10-31 11:48:20 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-10-31 11:48:19 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-10-31 11:48:19 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-10-31 11:48:19 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-10-31 11:48:19 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-31 11:48:19 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-10-31 11:48:18 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\powercfg.exe
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\Display.dll
2016-10-31 11:48:17 ----A---- C:\WINDOWS\system32\autoplay.dll
2016-10-31 11:48:16 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2016-10-31 11:48:16 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-31 11:48:16 ----A---- C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-31 11:48:14 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-31 11:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-10-31 11:48:13 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-31 11:48:12 ----A---- C:\WINDOWS\system32\mispace.dll
2016-10-31 11:48:11 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-10-31 11:48:11 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-10-31 11:48:11 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-31 11:48:10 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-10-31 11:48:09 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-31 11:48:08 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-10-31 11:48:08 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-10-31 11:48:08 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-10-31 11:48:08 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-10-31 11:48:08 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\drvstore.dll
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2016-10-31 11:48:07 ----A---- C:\WINDOWS\system32\cmifw.dll
2016-10-31 11:48:06 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2016-10-31 11:48:06 ----A---- C:\WINDOWS\system32\wmpshell.dll
2016-10-31 11:48:06 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2016-10-31 11:48:06 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-10-31 11:48:04 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2016-10-31 11:48:04 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2016-10-31 11:48:04 ----A---- C:\WINDOWS\SYSWOW64\esentutl.exe
2016-10-31 11:48:04 ----A---- C:\WINDOWS\system32\wups.dll
2016-10-31 11:48:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-10-31 11:48:04 ----A---- C:\WINDOWS\system32\esentutl.exe
2016-10-31 11:48:04 ----A---- C:\WINDOWS\splwow64.exe
2016-10-31 11:48:02 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-10-31 11:48:01 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-31 11:48:01 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-10-31 11:48:00 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-10-31 11:48:00 ----A---- C:\WINDOWS\system32\mos.dll
2016-10-31 11:47:58 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-10-31 11:47:57 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-10-31 11:47:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-31 11:47:56 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-10-31 11:47:55 ----A---- C:\WINDOWS\system32\combase.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\wc_storage.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\daxexec.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-10-31 11:47:54 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-10-31 11:47:53 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-31 11:47:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2016-10-31 11:47:52 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2016-10-31 11:47:52 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-10-31 11:47:52 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-10-31 11:47:52 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-10-31 11:47:52 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-31 11:47:52 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-10-31 11:47:48 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2016-10-31 11:47:48 ----A---- C:\WINDOWS\SYSWOW64\autoplay.dll
2016-10-31 11:47:48 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-31 11:47:48 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-10-31 11:47:47 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-10-31 11:47:41 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-31 11:47:41 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-10-31 11:47:41 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-10-31 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-10-31 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-31 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-10-31 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-10-31 11:47:40 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-10-31 11:47:40 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-31 11:47:39 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-10-31 11:47:39 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-10-31 11:47:39 ----A---- C:\WINDOWS\system32\winmde.dll
2016-10-31 11:47:39 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-10-31 11:47:39 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-10-31 11:47:38 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-10-31 11:47:37 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-10-31 11:47:37 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2016-10-31 11:47:37 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\Geolocation.dll
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-10-31 11:47:37 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-31 11:47:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-10-31 11:47:35 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-10-31 11:47:35 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-10-31 11:47:35 ----A---- C:\WINDOWS\system32\cdd.dll
2016-10-31 11:47:35 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-31 11:47:34 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2016-10-31 11:47:34 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
======List of files/folders modified in the last 1 month======
2016-11-23 14:48:32 ----D---- C:\WINDOWS\Prefetch
2016-11-23 14:48:25 ----RD---- C:\Program Files
2016-11-23 14:48:22 ----D---- C:\WINDOWS\Temp
2016-11-23 14:46:06 ----D---- C:\WINDOWS\System32
2016-11-23 14:46:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-23 14:44:51 ----SD---- C:\Users\Martine\AppData\Roaming\Microsoft
2016-11-23 14:42:00 ----D---- C:\Windows
2016-11-23 14:41:28 ----D---- C:\WINDOWS\system32\sru
2016-11-23 14:39:32 ----D---- C:\WINDOWS\AppReadiness
2016-11-23 14:39:02 ----HD---- C:\Program Files\WindowsApps
2016-11-23 14:37:46 ----DC---- C:\WINDOWS\Panther
2016-11-23 14:37:46 ----D---- C:\WINDOWS\INF
2016-11-23 14:37:46 ----D---- C:\WINDOWS\debug
2016-11-23 14:36:07 ----D---- C:\WINDOWS\system32\Tasks
2016-11-22 15:34:03 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-22 14:04:03 ----D---- C:\WINDOWS\system32\config
2016-11-22 13:53:57 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-22 11:01:11 ----AD---- C:\Program Files\KMSpico
2016-11-22 10:48:19 ----D---- C:\Program Files (x86)\AVG
2016-11-22 10:48:04 ----SHD---- C:\WINDOWS\Installer
2016-11-22 10:48:04 ----SHD---- C:\Config.Msi
2016-11-22 10:47:24 ----RD---- C:\Program Files (x86)
2016-11-22 10:47:24 ----D---- C:\Program Files\Common Files
2016-11-22 10:47:24 ----D---- C:\Program Files (x86)\Common Files
2016-11-22 10:47:21 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-11-22 10:47:05 ----HD---- C:\ProgramData
2016-11-22 10:46:17 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-11-22 10:45:40 ----D---- C:\WINDOWS\system32\drivers
2016-11-22 10:45:40 ----D---- C:\ProgramData\MFAData
2016-11-22 10:44:24 ----HD---- C:\$AVG
2016-11-22 10:43:26 ----D---- C:\WINDOWS\system32\catroot2
2016-11-22 10:43:24 ----SHD---- C:\System Volume Information
2016-11-17 17:03:20 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-17 11:00:01 ----D---- C:\WINDOWS\WinSxS
2016-11-17 11:00:01 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-15 12:07:27 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-11-15 12:07:27 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-15 12:07:27 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\oobe
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\nl-NL
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\migwiz
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\migration
2016-11-15 12:07:26 ----D---- C:\WINDOWS\system32\Boot
2016-11-15 12:07:24 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-15 12:07:24 ----D---- C:\WINDOWS\ShellExperiences
2016-11-15 12:07:24 ----D---- C:\WINDOWS\bcastdvr
2016-11-15 12:07:24 ----D---- C:\WINDOWS\AppPatch
2016-11-15 11:59:24 ----D---- C:\WINDOWS\CbsTemp
2016-11-15 11:47:32 ----D---- C:\WINDOWS\system32\MRT
2016-11-15 11:46:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-31 12:46:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-31 12:46:51 ----D---- C:\WINDOWS\system32\wbem
2016-10-31 12:46:51 ----D---- C:\WINDOWS\system32\en-US
2016-10-31 12:46:51 ----D---- C:\WINDOWS\system32\appraiser
2016-10-31 12:46:49 ----RSD---- C:\WINDOWS\Fonts
2016-10-31 12:46:49 ----D---- C:\Program Files\Windows Media Player
2016-10-31 12:46:49 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-31 12:13:00 ----D---- C:\WINDOWS\rescache
2016-10-31 12:11:59 ----D---- C:\WINDOWS\Logs
2016-10-31 11:25:38 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-29 00:56:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 10:14:38 ----D---- C:\WINDOWS\Tasks
2016-10-24 10:02:27 ----D---- C:\WINDOWS\system32\WDI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-03-23 10627744]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\System32\drivers\rtwlanu.sys [2016-07-16 5195776]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 A38CCID;CCID USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [2015-08-19 82480]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-17 73568]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2016-07-16 45568]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-07-16 263008]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-07-16 96608]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-07-16 137056]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2016-07-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2016-07-16 57696]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-07-16 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-07-16 69120]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2016-07-16 32256]
S3 vmgid;@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver; C:\WINDOWS\System32\drivers\vmgid.sys [2016-07-16 10240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_21125;CDPUserSvc_21125; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Klik-en-klaar-service van Microsoft Office; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-30 3294912]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 OneSyncSvc_21125;Host synchroniseren_21125; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_21125;Contact Data_21125; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 UnistoreSvc_21125;User Data Storage_21125; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 UserDataSvc_21125;User Data Access_21125; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-08-14 5132888]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_21125;MessagingService_21125; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-30 209104]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-10-17 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2016-11-23 14:48:37
======MBR======
======Uninstall list======
Adobe Acrobat Reader DC - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AC0F074E4100}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824205020}
Belgium e-ID middleware 4.1.18 (build 1730)-->MsiExec.exe /I{DB942AEA-93D6-4FE4-8862-180D35A71730}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
KMSpico-->"C:\Program Files\KMSpico\unins000.exe"
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)-->MsiExec.exe /I{25E80DAA-FD87-DCE5-202C-CC02F6673002}
Microsoft Office Professional Plus 2016 - nl-nl-->"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" scenario=install scenariosubtype=ARP sourcetype=None productstoremove=ProPlusRetail.16_nl-nl_x-none culture=nl-nl version.16=16.0
Office 16 Click-to-Run Extensibility Component 64-bit Registration-->MsiExec.exe /X{90160000-00DD-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Extensibility Component-->MsiExec.exe /X{90160000-008C-0000-0000-0000000FF1CE}
Office 16 Click-to-Run Licensing Component-->MsiExec.exe /I{90160000-008F-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Localization Component-->MsiExec.exe /X{90160000-008C-0413-0000-0000000FF1CE}
Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA6~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_434c3be66d9de384\beidmdrv.inf
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Windows 10-upgradeassistent-->"C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
Wings-->C:\Wings\UNWISE.EXE C:\Windows\System32\INSTALL.LOG
======System event log======
Computer Name: Martine-PC
Event Code: 26
Message: Er is een eenmalige opstartvolgorde gebruikt tijdens deze opstartactie.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161017095959.667433-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 25
Message: Het opstartmenubeleid was 0x1.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161017095959.667368-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 27
Message: Het opstarttype was 0x0.
Record Number: 3
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161017095959.667368-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 153
Message: De Virtualization Based Security (beleid: 0) is uitgeschakeld met status STATUS_SUCCESS.
Record Number: 2
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20161017095959.667210-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 12
Message: Het besturingssysteem is gestart op systeemtijd 2016-10-17T09:59:59.488457500Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20161017095959.667158-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Martine-PC
Event Code: 5617
Message: Subsystemen van de Windows Management Instrumentation-service zijn geïnitialiseerd
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20161017100135.612410-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 4097
Message: De automatische update van het basiscertificaat (onderwerp: <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>) is voltooid. Sha1-vingerafdruk: <B1BC968BD4F49D622AA89A81F2150152A41D829C>.
Record Number: 4
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161017100035.785492-000
Event Type: Informatie
User:
Computer Name: Martine-PC
Event Code: 5615
Message: De Windows Management Instrumentation-service is gestart
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20161017100035.511785-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: Martine-PC
Event Code: 1531
Message: De User Profile-service is gestart.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20161017100034.761863-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: MARTINE-PC
Event Code: 4625
Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20161017100034.769864-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: Martine-PC
Event Code: 4688
Message: Er is een nieuw proces gemaakt.
Onderwerp maker:
Beveiligings-id: S-1-5-18
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x3E7
Doelonderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Procesgegevens:
Id van nieuw proces: 0x180
Naam van nieuw proces: C:\Windows\System32\smss.exe
Type tokenverhoging: %%1936
Verplicht label: S-1-16-16384
Proces-id van maker: 0x130
Procesnaam van maker: C:\Windows\System32\smss.exe
Opdrachtregel proces:
Type tokenverhoging geeft aan welk type token aan het nieuwe proces is toegewezen overeenkomstig het beleid van Gebruikersaccountbeheer.
Type 1 is een volledig token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een volledig token wordt alleen gebruikt als Gebruikersaccountbeheer is uitgeschakeld of als de gebruiker is aangemeld met de ingebouwde administratoraccount of een serviceaccount.
Type 2 is een verhoogd token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een verhoogd token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld en de gebruiker ervoor kiest het programma te starten met: Als administrator uitvoeren. Een verhoogd token wordt ook gebruikt wanneer een toepassing alleen met administratorbevoegdheid of maximale bevoegdheid kan worden uitgevoerd en de gebruiker lid is van de groep Administrators.
Type 3 is een beperkt token waarvoor administratorbevoegdheden zijn verwijderd en administratorgroepen zijn uitgeschakeld. Het beperkte token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld, de toepassing geen administratorbevoegdheid vereist en de gebruiker het programma niet start met: Als administrator uitvoeren.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161017100014.897801-000
Event Type: Controle geslaagd
User:
Computer Name: Martine-PC
Event Code: 4688
Message: Er is een nieuw proces gemaakt.
Onderwerp maker:
Beveiligings-id: S-1-5-18
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x3E7
Doelonderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Procesgegevens:
Id van nieuw proces: 0x174
Naam van nieuw proces: C:\Windows\System32\setupcl.exe
Type tokenverhoging: %%1936
Verplicht label: S-1-16-16384
Proces-id van maker: 0x130
Procesnaam van maker: C:\Windows\System32\smss.exe
Opdrachtregel proces:
Type tokenverhoging geeft aan welk type token aan het nieuwe proces is toegewezen overeenkomstig het beleid van Gebruikersaccountbeheer.
Type 1 is een volledig token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een volledig token wordt alleen gebruikt als Gebruikersaccountbeheer is uitgeschakeld of als de gebruiker is aangemeld met de ingebouwde administratoraccount of een serviceaccount.
Type 2 is een verhoogd token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een verhoogd token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld en de gebruiker ervoor kiest het programma te starten met: Als administrator uitvoeren. Een verhoogd token wordt ook gebruikt wanneer een toepassing alleen met administratorbevoegdheid of maximale bevoegdheid kan worden uitgevoerd en de gebruiker lid is van de groep Administrators.
Type 3 is een beperkt token waarvoor administratorbevoegdheden zijn verwijderd en administratorgroepen zijn uitgeschakeld. Het beperkte token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld, de toepassing geen administratorbevoegdheid vereist en de gebruiker het programma niet start met: Als administrator uitvoeren.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161017100006.050897-000
Event Type: Controle geslaagd
User:
Computer Name: Martine-PC
Event Code: 4688
Message: Er is een nieuw proces gemaakt.
Onderwerp maker:
Beveiligings-id: S-1-5-18
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x3E7
Doelonderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Procesgegevens:
Id van nieuw proces: 0x13c
Naam van nieuw proces: C:\Windows\System32\autochk.exe
Type tokenverhoging: %%1936
Verplicht label: S-1-16-16384
Proces-id van maker: 0x130
Procesnaam van maker: C:\Windows\System32\smss.exe
Opdrachtregel proces:
Type tokenverhoging geeft aan welk type token aan het nieuwe proces is toegewezen overeenkomstig het beleid van Gebruikersaccountbeheer.
Type 1 is een volledig token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een volledig token wordt alleen gebruikt als Gebruikersaccountbeheer is uitgeschakeld of als de gebruiker is aangemeld met de ingebouwde administratoraccount of een serviceaccount.
Type 2 is een verhoogd token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een verhoogd token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld en de gebruiker ervoor kiest het programma te starten met: Als administrator uitvoeren. Een verhoogd token wordt ook gebruikt wanneer een toepassing alleen met administratorbevoegdheid of maximale bevoegdheid kan worden uitgevoerd en de gebruiker lid is van de groep Administrators.
Type 3 is een beperkt token waarvoor administratorbevoegdheden zijn verwijderd en administratorgroepen zijn uitgeschakeld. Het beperkte token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld, de toepassing geen administratorbevoegdheid vereist en de gebruiker het programma niet start met: Als administrator uitvoeren.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161017100004.109093-000
Event Type: Controle geslaagd
User:
Computer Name: Martine-PC
Event Code: 4688
Message: Er is een nieuw proces gemaakt.
Onderwerp maker:
Beveiligings-id: S-1-5-18
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x3E7
Doelonderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Procesgegevens:
Id van nieuw proces: 0x130
Naam van nieuw proces: C:\Windows\System32\smss.exe
Type tokenverhoging: %%1936
Verplicht label: S-1-16-16384
Proces-id van maker: 0x4
Procesnaam van maker:
Opdrachtregel proces:
Type tokenverhoging geeft aan welk type token aan het nieuwe proces is toegewezen overeenkomstig het beleid van Gebruikersaccountbeheer.
Type 1 is een volledig token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een volledig token wordt alleen gebruikt als Gebruikersaccountbeheer is uitgeschakeld of als de gebruiker is aangemeld met de ingebouwde administratoraccount of een serviceaccount.
Type 2 is een verhoogd token waarvoor geen bevoegdheden zijn verwijderd of groepen zijn uitgeschakeld. Een verhoogd token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld en de gebruiker ervoor kiest het programma te starten met: Als administrator uitvoeren. Een verhoogd token wordt ook gebruikt wanneer een toepassing alleen met administratorbevoegdheid of maximale bevoegdheid kan worden uitgevoerd en de gebruiker lid is van de groep Administrators.
Type 3 is een beperkt token waarvoor administratorbevoegdheden zijn verwijderd en administratorgroepen zijn uitgeschakeld. Het beperkte token wordt gebruikt wanneer Gebruikersaccountbeheer is ingeschakeld, de toepassing geen administratorbevoegdheid vereist en de gebruiker het programma niet start met: Als administrator uitvoeren.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161017100004.088087-000
Event Type: Controle geslaagd
User:
Computer Name: Martine-PC
Event Code: 4826
Message: Boot Configuration Data geladen.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x3E7
Algemene instellingen:
Laadopties: -
Geavanceerde opties: Nee
Configuratietoegangsbeleid: Standaard
Systeemgebeurtenislogboek: Nee
Kernel-foutopsporing: Nee
VSM-starttype: Uit
Instellingen voor handtekening:
Testondertekening: Nee
Flight-ondertekening: Nee
Integriteitscontroles uitschakelen: Nee
HyperVisor-instellingen:
HyperVisor-laadopties: -
HyperVisor-starttype: Uit
HyperVisor-foutopsporing: Nee
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161017100004.084782-000
Event Type: Controle geslaagd
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"FP_NO_HOST_CHECK"=NO
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------