1. Deze website gebruikt cookies. Door deze website verder te gebruiken, gaat u akkoord met ons gebruik van cookies. Leer Meer.

Ben blijkbaar besmet met een backdoor trojan.

Discussie in 'Opgeloste / Inactieve HJT-logs' gestart door SaltaDoom, 3 jan 2017.

Topicstatus:
Niet open voor verdere reacties.
  1. SaltaDoom

    SaltaDoom Vaak hier

    Hoi Abraham54,

    Krijg van Eset de melding of ik de backdoor trojan mag doorlaten. Uiteraard zeg ik nee. Maar krijg die ook niet weg met een scan met Malwarebytes 3.0.5. "Win32/Fynloski" RegSves.exe.

    Hoe moet dit verwijderd worden, bedankt alvast.
     
    Laatst bewerkt: 3 jan 2017
  2. Abraham54

    Abraham54 Administrator Medewerker

    Download [​IMG] Farbar Recovery Scan Tool 32 of 64 bit van n van de onderstaande links
    Farbar Recovery Scan Tool 32 bit (x86)
    Farbar Recovery Scan Tool 64 bit (x64)
    Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
    Opmerkingen: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

    Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
    Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    FRST opstarten:
    • Windows 2000 en Windows XP: dubbelklik op FRST.exe.
    • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

    FRST start op:
    • Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
    • Druk vervolgens op de Scan knop.
    • Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.
    • Post de inhoud van beide logbestanden in jouw volgende bericht.
    .

    In geval de inhoud van een van de logs of van beide logs te groot is om te posten, kijk dan hier: Hoe een bijlage toevoegen?
     
  3. SaltaDoom

    SaltaDoom Vaak hier

    Hoi,

    Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 01-01-2017
    Gestart door Guy (Beheerder) op MD8805 (03-01-2017 20:35:18)
    Gestart vanaf C:\Users\Guy\Desktop
    Geladen Profielen: Guy (Beschikbare Profielen: Guy)
    Platform: Windows 10 Pro Versie 1607 (X64) Taal: Nederlands (Nederland)
    Internet Explorer Versie 11 (Standaardbrowser: Edge)
    Boot Modus: Normal
    Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processen (gefilterd) =================

    (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

    (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
    (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
    (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
    () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    () C:\Program Files (x86)\DFX\DFX.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
    () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
    (IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\UninstMon\PubMonitor.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (AutoIt Team) C:\Users\Guy\tqtfg\oxwdmtey.exe

    ==================== Register (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [531808 2015-11-26] (Acronis)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776192 2016-12-13] (Realtek Semiconductor)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1325240 2015-10-31] ()
    HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
    HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe [2987880 2011-07-28] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [MessengerPlusForSkypeService] => C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software)
    HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE [169416 2012-07-31] (Corel Corporation)
    HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-03-13] (Sony Corporation)
    HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
    HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-06-13] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH)
    HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7211112 2015-11-26] ()
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [12541936 2016-11-08] (Plex, Inc.)
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
    ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
    ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
    ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-29]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-12-22]
    ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2015-10-29]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-29]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - .lnk [2014-01-11]
    ShortcutTarget: Inktwaarschuwingen controleren - .lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    Startup: C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 7520 series (netwerk).lnk [2014-01-08]
    ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 7520 series (netwerk).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    Startup: C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 7520 series.lnk [2017-01-03]
    ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 7520 series.lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    Startup: C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HPD0991D (HP Photosmart 7520 series).lnk [2017-01-03]
    ShortcutTarget: Inktwaarschuwingen controleren - HPD0991D (HP Photosmart 7520 series).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    Startup: C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2016-03-27]
    ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
    GroupPolicy: Restrictie <======= AANDACHT

    ==================== Internet (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

    Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
    Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
    Hosts: Er zijn meer dan n item in Hosts. Zie Hosts deel van Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{035b70e4-d9a2-4493-891e-f3a06cf44c6d}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{7e3835d1-335d-4ed1-9c12-172c72cd2f15}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/?gws_rd=ssl
    HKU\S-1-5-21-2708725008-4190612847-430239998-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.seniorennet.be/
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-2708725008-4190612847-430239998-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
    DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1449219670663
    DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
    DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
    Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

    FireFox:
    ========
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => niet gevonden
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-07-13]
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => niet gevonden
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.0-git-20160602-0401 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-13] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] ()
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-09-19] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [Geen bestand]
    FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-12-10] (Nero AG)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-03-13] (Sony Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-13] (Adobe Systems)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-09-19] (Microsoft Corporation)

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
    S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
    R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [97704 2015-03-20] (Alcohol Soft Development Team)
    S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-05-30] (Creative Labs) [Bestand niet getekend]
    R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Bestand niet getekend]
    R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [122888 2016-12-01] (Creative Technology Ltd)
    R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2815520 2016-10-11] (ESET)
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation)
    S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
    S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
    R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software) [Bestand niet getekend]
    U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
    R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1897456 2016-11-08] (Plex, Inc.)
    R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
    R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
    S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [Bestand niet getekend]
    R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Bestand niet getekend]
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2016-07-27] (Microsoft Corporation) [Bestand niet getekend]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

    ===================== Drivers (gefilterd) ======================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1074472 2016-12-01] (Creative Technology Ltd)
    R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [42792 2016-12-01] (Creative Technology Ltd)
    S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
    R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [28344 2015-10-13] (Windows (R) Win 7 DDK provider)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
    R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232072 2016-10-13] (ESET)
    R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
    S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-08-26] (ESET)
    R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [177792 2016-10-13] (ESET)
    R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [48768 2016-10-13] (ESET)
    R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
    R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76416 2016-10-13] (ESET)
    R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [91784 2016-10-13] (ESET)
    R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [339808 2015-12-24] (Acronis International GmbH)
    R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-12-01] (REALiX(tm))
    U5 iaStor; C:\Windows\System32\Drivers\iaStor.sys [557848 2011-04-26] (Intel Corporation)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-01] (NVIDIA Corporation)
    S3 prl_virtual_sound; C:\WINDOWS\system32\DRIVERS\prl_virtual_sound.sys [46824 2014-09-11] (Parallels Holdings, Ltd. and its affiliates.)
    R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-12-01] (Secunia)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-12-01] (Realtek )
    R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [407768 2016-12-01] (Realsil Semiconductor Corporation)
    S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-07-01] (Synaptics Incorporated)
    R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162960 2015-09-24] (Duplex Secure Ltd)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
    R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1049432 2015-12-24] (Acronis International GmbH)
    R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [202592 2015-12-24] (Acronis International GmbH)
    S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [581464 2015-12-24] (Acronis International GmbH)
    R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [301408 2015-12-24] (Acronis International GmbH)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    S3 cpuz138; \??\C:\Users\Guy\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

    ==================== NetSvcs (gefilterd) ===================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    ==================== Een Maand Aangemaakt bestanden en mappen ========

    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

    2017-01-03 20:35 - 2017-01-03 20:35 - 00029898 _____ C:\Users\Guy\Desktop\FRST.txt
    2017-01-03 20:32 - 2017-01-03 20:32 - 00000000 ____D C:\FRST
    2017-01-03 20:30 - 2017-01-03 20:32 - 02418176 _____ (Farbar) C:\Users\Guy\Desktop\FRST64.exe
    2017-01-03 20:30 - 2017-01-03 20:30 - 02418176 _____ (Farbar) C:\Users\Guy\Downloads\FRST64.exe
    2017-01-03 18:04 - 2017-01-03 18:05 - 00000000 ____D C:\Users\Guy\AppData\Roaming\dclogs
    2017-01-03 18:04 - 2016-07-16 12:44 - 00045216 ___SH (Microsoft Corporation) C:\Users\Guy\RegSvcs.exe
    2017-01-03 17:52 - 2017-01-03 17:52 - 06771840 _____ (ESET spol. s r.o.) C:\Users\Guy\Downloads\esetonlinescanner_enu.exe
    2017-01-03 11:15 - 2017-01-03 18:00 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2017-01-03 11:15 - 2017-01-03 17:59 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2017-01-03 11:15 - 2017-01-03 11:15 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
    2017-01-03 11:15 - 2017-01-03 11:15 - 00001915 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-01-03 11:15 - 2017-01-03 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-01-03 11:15 - 2017-01-03 11:15 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-01-03 11:15 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-01-03 11:09 - 2017-01-03 18:00 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2017-01-03 11:09 - 2017-01-03 17:59 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2017-01-03 11:09 - 2017-01-03 11:15 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-01-03 10:14 - 2017-01-03 10:14 - 00003614 _____ C:\WINDOWS\System32\Tasks\tqtfg
    2017-01-03 10:14 - 2017-01-03 10:14 - 00000000 __SHD C:\Users\Guy\tqtfg
    2017-01-02 16:43 - 2017-01-02 20:18 - 00566128 _____ (Malwarebytes) C:\Users\Guy\Downloads\mbam-clean-2.3.0.1001.exe
    2017-01-02 13:51 - 2017-01-02 18:46 - 00004583 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
    2016-12-31 19:38 - 2017-01-01 14:13 - 09233624 _____ (TorrentRover) C:\Users\Guy\Downloads\TorrentRoverSetup.exe
    2016-12-31 19:35 - 2017-01-01 14:27 - 04799888 _____ C:\Users\Guy\Downloads\cachm1003.exe
    2016-12-31 13:59 - 2016-12-31 14:29 - 00000000 ____D C:\Users\Guy\Documents\VirtualDJ
    2016-12-31 13:59 - 2016-12-31 13:59 - 00000000 ____D C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
    2016-12-31 13:59 - 2016-12-31 13:59 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
    2016-12-31 00:09 - 2016-12-31 00:09 - 00026326 _____ C:\Users\Guy\Downloads\The_Beatles_-_Michelle.mid
    2016-12-31 00:04 - 2016-12-31 00:04 - 00025809 _____ C:\Users\Guy\Downloads\Louis_Armstrong_-_What_A_Wonderful_World.mid
    2016-12-31 00:00 - 2016-12-31 00:00 - 00030574 _____ C:\Users\Guy\Downloads\Tom_Jones_-_Delilah.mid
    2016-12-30 23:53 - 2016-12-30 23:53 - 00069743 _____ C:\Users\Guy\Downloads\ABBA_-_Dancing_Queen.mid
    2016-12-30 23:50 - 2016-12-30 23:50 - 00006951 _____ C:\Users\Guy\Downloads\The_Platters_-_Smoke_Gets_In_Your_Eyes.mid
    2016-12-30 23:48 - 2016-12-30 23:48 - 00038292 _____ C:\Users\Guy\Downloads\Frank_Sinatra_-_Strangers_in_the_Night.mid
    2016-12-29 16:20 - 2016-12-29 16:22 - 04498888 _____ (HTTrack ) C:\Users\Guy\Downloads\httrack_x64-3.48.22.exe
    2016-12-29 02:06 - 2016-12-29 02:06 - 01537536 _____ (Microsoft Corporation) C:\Users\Guy\AppData\Roaming\InstallWindows.exe
    2016-12-27 16:48 - 2016-12-27 16:48 - 00129872 _____ C:\Users\Guy\Downloads\Tante Nicole & Astrid met .jpg
    2016-12-26 16:48 - 2017-01-03 17:47 - 00060942 _____ C:\WINDOWS\PFRO.log
    2016-12-26 16:46 - 2017-01-03 17:59 - 00127127 ____H C:\Users\Guy\AppData\Local\IconCache.db
    2016-12-26 13:32 - 2017-01-03 17:59 - 00023040 _____ C:\WINDOWS\setupact.log
    2016-12-26 13:32 - 2016-12-26 13:32 - 00357016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-12-26 13:32 - 2016-12-26 13:32 - 00000000 _____ C:\WINDOWS\setuperr.log
    2016-12-26 11:59 - 2017-01-03 19:59 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2016-12-26 10:59 - 2016-12-26 11:00 - 00000000 ____D C:\Program Files\KoshyJohn.com
    2016-12-26 10:59 - 2016-12-26 10:59 - 00000000 ____D C:\Program Files (x86)\KoshyJohn.com
    2016-12-25 00:19 - 2016-12-25 10:11 - 00060680 _____ C:\Users\Guy\Downloads\Rita.ncd
    2016-12-25 00:19 - 2016-12-25 10:11 - 00000000 ____D C:\Users\Guy\Downloads\Rita.ncd.Files
    2016-12-24 19:37 - 2016-12-25 10:03 - 00010843 _____ C:\Users\Guy\Downloads\rita.nra
    2016-12-24 16:53 - 2016-12-24 16:53 - 73485287 _____ C:\Users\Guy\Documents\Bring Me The Horizon - Oh No (Official Video).mp4
    2016-12-23 19:56 - 2016-12-23 19:56 - 00057451 _____ C:\Users\Guy\Documents\MP3.nrj
    2016-12-23 19:55 - 2016-12-25 11:40 - 00065676 _____ C:\Users\Guy\Downloads\MP3.ncd
    2016-12-23 19:55 - 2016-12-25 11:40 - 00000000 ____D C:\Users\Guy\Downloads\MP3.ncd.Files
    2016-12-23 11:09 - 2016-12-23 11:09 - 00024855 _____ C:\Users\Guy\Desktop\nu.m3u
    2016-12-21 00:43 - 2016-12-26 10:59 - 01374432 _____ (KoshyJohn.com) C:\Users\Guy\Downloads\DiskMax.exe
    2016-12-21 00:42 - 2016-12-21 00:42 - 00195577 _____ C:\Users\Guy\Downloads\dmhelp.chm
    2016-12-21 00:40 - 2016-12-21 19:54 - 00989256 _____ (KoshyJohn.com) C:\Users\Guy\Downloads\neoSearch.exe
    2016-12-21 00:26 - 2016-12-26 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
    2016-12-21 00:25 - 2016-12-21 00:26 - 00590208 _____ (KoshyJohn.com) C:\Users\Guy\Downloads\MemClean (1).exe
    2016-12-21 00:17 - 2016-12-26 11:00 - 00000000 ____D C:\Users\Guy\AppData\Roaming\KoshyJohn.com
    2016-12-21 00:17 - 2016-12-21 19:55 - 00000000 ____D C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
    2016-12-20 19:47 - 2016-12-20 19:47 - 03750503 _____ C:\Users\Guy\Downloads\SA8005N_NED_CD-ROM_UG_v00 (1).pdf
    2016-12-20 19:47 - 2016-12-20 19:47 - 03368059 _____ C:\Users\Guy\Downloads\White Paper_Marantz_DAC_150316nl.pdf
    2016-12-20 19:47 - 2016-12-20 19:47 - 02977419 _____ C:\Users\Guy\Downloads\Marantz_Whitepaper_PC-Audio_NA-11S1.pdf
    2016-12-20 19:47 - 2016-12-20 19:47 - 01532292 _____ C:\Users\Guy\Downloads\SA8005N_NED_GettingStarted_UG_v00 (1).pdf
    2016-12-20 19:47 - 2016-12-20 19:47 - 01100774 _____ C:\Users\Guy\Downloads\SA8005_EN01_1.pdf
    2016-12-16 19:43 - 2016-12-17 19:53 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-12-16 19:43 - 2016-12-16 19:43 - 00003916 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-12-16 10:12 - 2016-12-16 10:12 - 00010378 _____ C:\Users\Guy\Downloads\Meterstanden zonnepannelen.xlsx
    2016-12-16 10:10 - 2016-12-16 10:10 - 00000991 _____ C:\Users\Guy\Downloads\ExportCertificaten.csv
    2016-12-15 16:43 - 2016-12-15 16:43 - 00000000 ____D C:\Users\Guy\Downloads\Windows Kits
    2016-12-15 16:41 - 2016-12-15 16:42 - 01179552 _____ (Microsoft Corporation) C:\Users\Guy\Downloads\SDKSETUP (1).EXE
    2016-12-15 08:39 - 2016-12-15 08:40 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
    2016-12-15 00:01 - 2016-12-15 00:01 - 00892416 _____ (Farbar) C:\Users\Guy\Downloads\MiniToolBox.exe
    2016-12-14 23:57 - 2016-12-14 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
    2016-12-14 23:57 - 2016-12-14 23:57 - 00000000 ____D C:\Program Files\Speccy
    2016-12-14 23:56 - 2016-12-14 23:56 - 06293184 _____ (Piriform Ltd) C:\Users\Guy\Downloads\spsetup130.exe
    2016-12-14 09:39 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2016-12-14 09:39 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-12-14 09:39 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-12-14 09:39 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2016-12-14 09:39 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2016-12-14 09:39 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2016-12-14 09:39 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2016-12-14 09:39 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2016-12-14 09:39 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-12-14 09:39 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-12-14 09:39 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-12-14 09:39 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2016-12-14 09:39 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2016-12-14 09:39 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-12-14 09:39 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2016-12-14 09:38 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2016-12-14 09:38 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-12-14 09:38 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2016-12-14 09:38 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2016-12-14 09:38 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2016-12-14 09:38 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2016-12-14 09:38 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-12-14 09:38 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2016-12-14 09:38 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2016-12-14 09:38 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
    2016-12-14 09:38 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2016-12-14 09:38 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2016-12-14 09:38 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2016-12-14 09:38 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2016-12-14 09:38 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2016-12-14 09:38 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-12-14 09:38 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-12-14 09:38 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-12-14 09:38 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-12-14 09:38 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2016-12-14 09:38 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2016-12-14 09:38 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2016-12-14 09:38 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2016-12-14 09:38 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-12-14 09:38 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
    2016-12-14 09:38 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
    2016-12-14 09:38 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2016-12-14 09:34 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-12-14 09:34 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-12-14 09:34 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-12-14 09:34 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-12-14 09:34 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-12-14 09:34 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2016-12-14 09:34 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-12-14 09:34 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-12-14 09:34 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2016-12-14 09:34 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-12-14 09:34 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2016-12-14 09:34 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-12-14 09:34 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-12-14 09:34 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-12-14 09:34 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-12-14 09:34 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-12-14 09:34 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-12-14 09:34 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2016-12-14 09:34 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-12-14 09:33 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-12-14 09:33 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-12-14 09:33 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-12-14 09:33 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-12-14 09:33 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-12-14 09:33 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-12-14 09:33 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2016-12-14 09:33 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-12-14 09:33 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2016-12-14 09:33 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2016-12-14 09:33 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-12-14 09:33 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-12-14 09:33 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-12-14 09:33 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-12-14 09:33 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2016-12-14 09:33 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2016-12-14 09:33 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2016-12-14 09:33 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2016-12-14 09:33 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2016-12-14 09:33 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2016-12-14 09:33 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2016-12-14 09:33 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-12-14 09:33 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2016-12-14 09:33 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-12-14 09:33 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2016-12-14 09:33 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2016-12-14 09:33 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2016-12-14 09:33 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-12-14 09:33 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
    2016-12-14 09:33 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-12-14 09:33 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2016-12-14 09:33 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2016-12-14 09:33 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2016-12-14 09:33 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2016-12-14 09:33 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2016-12-14 09:33 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-12-14 09:33 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-12-14 09:33 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
    2016-12-14 09:33 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-12-14 09:33 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-12-14 09:33 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-12-14 09:33 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2016-12-14 09:33 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2016-12-14 09:33 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
    2016-12-14 09:33 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-12-14 09:33 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-12-14 09:33 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-12-14 09:33 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-12-14 09:33 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-12-14 09:33 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-12-14 09:33 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-12-14 09:33 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-12-14 09:33 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-12-14 09:33 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
    2016-12-14 09:33 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2016-12-13 16:24 - 2016-12-13 16:24 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2016-12-13 16:22 - 2016-12-13 16:22 - 00000000 ____D C:\WINDOWS\system32\DAX3
    2016-12-13 16:22 - 2016-12-13 16:22 - 00000000 ____D C:\ProgramData\Audyssey Labs
    2016-12-13 16:21 - 2016-12-13 16:21 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
    2016-12-13 16:21 - 2016-12-13 16:21 - 23547544 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 23447352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 17398616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 15202032 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 14057248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 13122576 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 12988336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 10532048 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 07704619 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
    2016-12-13 16:21 - 2016-12-13 16:21 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 06198136 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 05793520 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 05593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03295064 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03204096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03201376 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
    2016-12-13 16:21 - 2016-12-13 16:21 - 02995000 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02993712 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02828432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02706856 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02291304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02201088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 02050168 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01959592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01921016 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
    2016-12-13 16:21 - 2016-12-13 16:21 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01615656 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01516896 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01422920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01363096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01360512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01334376 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01213656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01186816 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01166152 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 01003320 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00999848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00965016 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00931616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00923736 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00865912 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00859216 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00850400 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00785608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00721800 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00689872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00618176 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00588032 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00571376 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00514520 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00500552 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00499152 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00438688 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00428224 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00426568 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00381400 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00112488 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
    2016-12-13 16:21 - 2016-12-13 16:21 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
    2016-12-10 19:12 - 2016-12-10 19:13 - 00000000 ____D C:\Users\Guy\Documents\TorrentRover
    2016-12-10 14:15 - 2017-01-01 14:18 - 00003055 _____ C:\Users\Guy\Desktop\TorrentRover.lnk
    2016-12-10 14:15 - 2017-01-01 14:18 - 00000000 ____D C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TorrentRover
    2016-12-10 14:15 - 2017-01-01 14:18 - 00000000 ____D C:\Program Files (x86)\TorrentRover
    2016-12-10 14:15 - 2016-12-10 14:15 - 00000000 ____D C:\Users\Guy\AppData\Local\TorrentRover
    2016-12-09 19:37 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-12-09 19:37 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2016-12-09 19:37 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-12-09 19:37 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-12-09 19:37 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2016-12-09 19:37 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-12-09 19:37 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-12-09 19:37 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2016-12-09 19:37 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2016-12-09 19:37 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2016-12-09 19:37 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2016-12-09 19:37 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2016-12-09 19:37 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-12-09 19:37 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-12-09 19:37 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-12-09 19:37 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-12-09 19:37 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-12-09 19:37 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-12-09 19:37 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2016-12-09 19:37 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-12-09 19:37 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-12-09 19:37 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2016-12-09 19:37 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-12-09 19:37 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-12-09 19:37 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-12-09 19:37 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2016-12-09 19:37 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-12-09 19:37 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-12-09 19:37 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-12-09 19:37 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-12-09 19:37 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2016-12-09 19:37 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2016-12-09 19:37 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-12-09 19:37 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-12-09 19:37 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2016-12-09 19:37 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-12-09 19:37 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
    2016-12-09 19:37 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2016-12-09 19:37 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2016-12-09 19:37 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-12-09 19:37 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
    2016-12-09 19:37 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
    2016-12-09 19:37 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
    2016-12-09 19:37 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
    2016-12-09 19:37 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2016-12-09 19:37 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-12-09 19:37 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
    2016-12-09 19:37 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-12-09 19:37 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-12-09 19:37 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2016-12-09 19:37 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2016-12-09 19:37 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2016-12-09 19:37 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2016-12-09 19:37 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
    2016-12-09 19:37 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-12-09 19:37 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2016-12-09 19:37 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-12-09 19:37 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-12-09 19:36 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
    2016-12-09 19:36 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
    2016-12-09 19:36 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2016-12-09 19:36 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2016-12-09 19:36 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-12-09 19:36 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2016-12-09 19:36 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
    2016-12-09 19:36 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2016-12-09 19:36 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2016-12-09 19:36 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-12-09 19:36 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2016-12-09 19:36 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-12-09 19:36 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-12-09 19:36 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-12-09 19:36 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-12-09 19:36 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-12-09 19:36 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-12-09 19:36 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-12-09 19:36 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
    2016-12-09 19:36 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
    2016-12-09 19:36 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
    2016-12-09 19:36 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2016-12-09 19:36 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2016-12-09 19:36 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-12-09 19:36 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-12-09 19:36 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2016-12-09 19:36 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-12-09 19:36 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
    2016-12-09 19:36 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-12-09 19:36 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
    2016-12-09 19:36 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
    2016-12-09 19:36 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
    2016-12-09 19:36 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
    2016-12-09 19:36 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
    2016-12-09 19:36 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-12-09 19:36 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-12-09 19:36 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
    2016-12-09 19:36 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2016-12-09 19:36 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
    2016-12-09 19:36 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-12-09 19:36 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
    2016-12-09 19:36 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
    2016-12-09 19:36 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2016-12-09 19:36 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2016-12-09 19:36 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2016-12-09 19:36 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-12-09 19:36 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2016-12-09 19:36 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
    2016-12-09 19:36 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
    2016-12-09 19:36 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
    2016-12-09 19:36 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
    2016-12-09 19:36 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-12-09 19:36 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
    2016-12-09 19:36 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
    2016-12-09 19:36 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2016-12-09 19:36 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-12-09 19:36 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2016-12-09 19:36 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
    2016-12-09 19:36 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-12-09 19:36 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
    2016-12-09 19:36 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2016-12-09 19:36 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-12-09 19:36 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
    2016-12-09 19:36 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-12-09 19:36 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
    2016-12-09 19:36 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
    2016-12-09 19:36 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2016-12-09 19:36 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-12-09 19:36 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
    2016-12-09 19:36 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-12-09 19:36 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-12-09 19:36 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2016-12-09 19:36 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2016-12-09 19:36 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-12-09 19:36 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-12-09 19:36 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-12-09 19:36 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2016-12-09 19:36 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-12-09 19:36 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-12-09 19:36 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
    2016-12-09 19:36 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-12-09 19:36 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-12-09 19:36 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-12-09 19:36 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-12-09 19:36 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-12-09 19:36 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
    2016-12-09 19:36 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2016-12-09 19:36 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-12-09 19:36 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2016-12-09 19:36 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2016-12-09 19:36 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-12-09 19:36 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
    2016-12-09 19:36 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2016-12-09 19:36 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2016-12-09 19:36 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-12-09 19:36 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2016-12-09 19:36 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
    2016-12-09 19:36 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
    2016-12-09 19:36 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-12-09 19:36 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
    2016-12-09 19:36 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-12-09 19:36 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2016-12-09 19:36 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-12-09 19:36 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-12-09 19:36 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-12-09 19:36 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
    2016-12-09 19:36 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
    2016-12-09 19:36 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2016-12-09 19:36 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
    2016-12-09 19:36 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2016-12-09 19:36 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
    2016-12-09 19:36 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
    2016-12-09 19:36 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-12-09 19:36 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
    2016-12-09 19:36 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2016-12-09 19:36 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2016-12-09 19:36 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
    2016-12-09 19:36 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2016-12-09 19:36 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2016-12-09 19:36 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2016-12-09 19:36 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-12-09 19:36 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2016-12-09 19:36 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2016-12-09 19:36 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2016-12-09 19:36 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
    2016-12-09 19:36 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2016-12-09 19:36 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
    2016-12-09 19:36 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2016-12-09 19:36 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2016-12-09 19:36 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2016-12-09 19:36 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
    2016-12-09 19:36 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-12-09 19:36 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
    2016-12-09 19:36 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
    2016-12-09 19:36 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-12-09 19:36 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2016-12-09 19:36 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-12-09 19:36 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2016-12-09 19:36 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2016-12-09 19:35 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-12-09 19:35 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-12-09 19:35 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-12-09 19:35 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-12-09 19:35 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
    2016-12-09 19:35 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
    2016-12-09 19:35 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-12-09 19:35 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-12-09 19:35 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
    2016-12-09 19:35 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-12-09 19:35 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-12-09 19:35 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-12-09 19:35 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-12-09 19:35 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-12-09 19:35 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-12-09 19:35 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2016-12-09 19:35 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2016-12-09 19:35 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-12-09 19:35 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
    2016-12-09 19:35 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-12-09 19:35 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-12-09 19:35 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-12-09 19:35 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
    2016-12-09 19:35 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
    2016-12-09 19:35 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
    2016-12-09 19:35 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-12-09 19:35 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-12-09 19:35 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
    2016-12-09 19:35 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2016-12-09 19:35 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2016-12-09 19:35 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-12-09 19:35 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
    2016-12-09 19:35 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
    2016-12-09 19:35 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-12-09 19:35 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-12-09 19:35 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-12-09 19:35 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-12-09 19:35 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-12-09 19:35 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2016-12-09 19:35 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2016-12-09 19:35 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-12-09 19:35 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-12-09 19:35 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2016-12-09 19:35 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-12-09 19:35 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2016-12-09 19:35 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
    2016-12-09 19:35 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
    2016-12-09 19:35 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-12-09 19:35 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-12-09 19:35 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
    2016-12-09 19:35 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
    2016-12-09 19:35 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-12-09 19:35 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-12-09 19:35 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2016-12-09 19:35 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2016-12-09 19:35 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2016-12-09 19:35 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
    2016-12-09 19:35 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
    2016-12-09 19:35 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
    2016-12-09 19:35 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-12-09 19:35 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
    2016-12-09 19:35 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2016-12-08 14:06 - 2016-12-08 14:06 - 825371015 _____ C:\Users\Guy\Downloads\1905-2015 As of May-BOE-File.pdf
    2016-12-08 14:02 - 2016-12-08 14:02 - 10818216 _____ C:\Users\Guy\Downloads\dap10_dapff (1).exe
    2016-12-07 09:44 - 2016-12-07 09:44 - 30093887 _____ C:\Users\Guy\Documents\jw.org Jehovah's Getuigen opzettelijke aanpassingen door de Wachttoren.mp4

    ==================== Een Maand Gewijzigd bestanden en mappen ========

    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

    2017-01-03 20:28 - 2014-01-08 18:47 - 00000000 ____D C:\Users\Guy\AppData\Roaming\Skype
    2017-01-03 20:12 - 2016-08-03 13:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-01-03 18:05 - 2016-12-01 15:41 - 00003012 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Guy)
    2017-01-03 18:05 - 2016-07-16 23:15 - 04325236 _____ C:\WINDOWS\system32\perfh013.dat
    2017-01-03 18:05 - 2016-07-16 23:15 - 01266850 _____ C:\WINDOWS\system32\perfc013.dat
    2017-01-03 18:05 - 2015-08-14 23:29 - 08972166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-01-03 18:04 - 2016-08-03 13:55 - 00000000 ____D C:\Users\Guy
    2017-01-03 17:59 - 2016-08-03 14:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-01-03 17:59 - 2016-08-03 13:54 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-01-03 17:59 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
    2017-01-03 17:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-01-03 11:23 - 2014-01-08 23:25 - 00000000 ____D C:\Program Files (x86)\DFX
    2017-01-03 11:12 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
    2017-01-03 11:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
    2017-01-03 10:06 - 2014-01-08 23:40 - 00000000 ____D C:\ProgramData\Spotnet
    2017-01-02 21:00 - 2016-10-09 18:00 - 00000000 ____D C:\Users\Guy\FOTO
    2017-01-02 20:53 - 2014-01-08 23:23 - 00000000 ____D C:\Users\Guy\AppData\Roaming\MiniLyrics
    2017-01-02 20:17 - 2014-01-10 21:19 - 00000000 ____D C:\Users\Guy\Documents\Outlook-bestanden
    2017-01-02 18:08 - 2015-09-21 09:10 - 00000000 ____D C:\Users\Guy\Desktop\Gereedschap
    2017-01-02 17:50 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
    2017-01-02 17:50 - 2014-01-09 10:48 - 00000000 ____D C:\Users\Guy\AppData\Roaming\uTorrent
    2017-01-02 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
    2017-01-01 20:48 - 2014-01-18 13:37 - 00000000 ____D C:\ProgramData\PMS
    2017-01-01 14:27 - 2013-08-22 14:25 - 00000219 _____ C:\WINDOWS\system.ini
    2017-01-01 14:27 - 2012-07-26 06:26 - 00000167 _____ C:\WINDOWS\win.ini
    2017-01-01 10:57 - 2014-01-08 23:40 - 00000000 ____D C:\ProgramData\TEMP
    2017-01-01 10:57 - 2014-01-08 23:40 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-12-31 13:59 - 2014-01-08 21:16 - 00000000 ____D C:\Users\Guy\Documents
    2016-12-30 21:20 - 2014-01-08 23:25 - 00000000 ____D C:\Users\Guy\AppData\Roaming\vlc
    2016-12-30 21:06 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Music
    2016-12-30 20:53 - 2016-08-03 13:55 - 00000000 ____D C:\Users\Guy\AppData\Local\Microsoft
    2016-12-29 16:22 - 2016-01-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
    2016-12-29 16:22 - 2016-01-02 14:13 - 00000000 ____D C:\Program Files\WinHTTrack
    2016-12-28 15:08 - 2015-05-07 14:46 - 00002193 _____ C:\Users\Guy\Desktop\Spotnet.lnk
    2016-12-28 15:08 - 2015-05-07 14:46 - 00000000 ____D C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotnet
    2016-12-28 11:25 - 2014-01-08 16:09 - 00000000 ____D C:\Users\Guy\AppData\Local\Packages
    2016-12-27 17:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
    2016-12-26 14:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\debug
    2016-12-26 11:32 - 2015-11-20 10:58 - 00000000 ____D C:\WINDOWS\pss
    2016-12-26 11:32 - 2015-08-22 15:18 - 00000000 ____D C:\Users\Guy\AppData\LocalLow\Temp
    2016-12-25 13:44 - 2014-01-08 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2016-12-25 11:39 - 2014-02-15 21:26 - 00000000 ____D C:\Users\Guy\Documents\Fax
    2016-12-25 09:55 - 2016-09-29 16:19 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-12-24 09:16 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-12-23 21:20 - 2014-01-09 13:46 - 00000000 ____D C:\Users\Guy\AppData\Local\Spotnet
    2016-12-22 16:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
    2016-12-22 14:08 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\config
    2016-12-21 20:31 - 2015-04-04 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
    2016-12-21 17:16 - 2014-02-09 10:38 - 00000000 ____D C:\Users\Guy\AppData\Local\ElevatedDiagnostics
    2016-12-21 14:52 - 2014-01-08 17:07 - 00040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
    2016-12-20 20:00 - 2014-01-10 22:22 - 00000000 ____D C:\Users\Guy\AppData\Local\Nero
    2016-12-19 18:15 - 2014-01-08 16:09 - 00000000 ____D C:\Users\Guy\AppData\LocalLow
    2016-12-19 17:55 - 2014-12-30 10:31 - 00000000 ____D C:\Users\Guy\AppData\Local\NewsBin
    2016-12-18 14:33 - 2016-08-13 16:11 - 00524288 ___SH C:\WINDOWS\system32\config\components{39c38343-6168-11e6-81ff-8c89a568aa4b}.TMContainer00000000000000000001.regtrans-ms
    2016-12-18 14:33 - 2016-08-13 16:11 - 00065536 ___SH C:\WINDOWS\system32\config\components{39c38343-6168-11e6-81ff-8c89a568aa4b}.TM.blf
    2016-12-18 14:33 - 2016-07-16 07:04 - 55574528 _____ C:\WINDOWS\system32\config\components
    2016-12-16 22:49 - 2016-08-03 14:05 - 00003604 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d091616a352297
    2016-12-16 22:49 - 2016-08-03 14:05 - 00003480 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0bfbe28e32764
    2016-12-16 19:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2016-12-16 19:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2016-12-16 19:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
    2016-12-15 16:26 - 2016-12-01 15:41 - 00000000 ____D C:\ProgramData\IObit
    2016-12-15 08:41 - 2016-08-03 13:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-12-14 19:05 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
    2016-12-14 18:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
    2016-12-14 17:50 - 2016-08-13 16:11 - 00524288 ___SH C:\WINDOWS\system32\config\components{39c38343-6168-11e6-81ff-8c89a568aa4b}.TMContainer00000000000000000002.regtrans-ms
    2016-12-14 17:27 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
    2016-12-14 16:01 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
    2016-12-14 16:00 - 2016-08-28 17:01 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{a9c12edb-6d38-11e6-821e-8c89a568aa4b}.TMContainer00000000000000000001.regtrans-ms
    2016-12-14 16:00 - 2016-08-28 17:01 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{a9c12edb-6d38-11e6-821e-8c89a568aa4b}.TM.blf
    2016-12-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
    2016-12-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
    2016-12-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
    2016-12-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2016-12-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
    2016-12-14 16:00 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
    2016-12-14 15:59 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
    2016-12-14 10:04 - 2016-09-30 08:52 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-12-14 10:01 - 2014-01-08 16:37 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-12-14 09:59 - 2014-01-08 16:37 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-12-14 09:58 - 2014-01-08 19:19 - 00000000 ____D C:\ProgramData\Microsoft Help
    2016-12-14 00:02 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
    2016-12-13 16:22 - 2016-08-03 13:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2016-12-13 16:22 - 2016-08-03 13:54 - 00000000 ____D C:\WINDOWS\system32\DAX2
    2016-12-13 16:21 - 2016-12-01 16:04 - 05523456 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
    2016-12-13 16:21 - 2016-12-01 16:04 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
    2016-12-12 00:56 - 2016-11-09 16:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-12-12 00:56 - 2016-11-09 16:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-12-10 23:55 - 2016-08-28 17:01 - 00524288 ___SH C:\Users\Guy\ntuser.dat{a8b7daf2-6cf1-11e6-820b-8c89a568aa4b}.TMContainer00000000000000000001.regtrans-ms
    2016-12-10 19:24 - 2016-08-03 13:55 - 00000000 ___SD C:\Users\Guy\AppData\Roaming\Microsoft
    2016-12-10 09:34 - 2016-08-03 14:10 - 00000352 ___SH C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
    2016-12-10 09:34 - 2014-01-08 21:16 - 00000000 ___RD C:\Users\Guy\Favorites
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000402 ___SH C:\Users\Guy\Documents\desktop.ini
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000174 ___SH C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Videos
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Searches
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Saved Games
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Links
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\Contacts
    2016-12-10 09:34 - 2014-01-08 16:09 - 00000000 ___RD C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
    2016-12-09 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
    2016-12-09 23:40 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2016-12-09 23:40 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2016-12-09 23:40 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
    2016-12-09 23:40 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
    2016-12-09 11:42 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-12-08 20:55 - 2016-10-06 17:37 - 00000827 _____ C:\Users\Guy\Desktop\Orchestraal.txt
    2016-12-07 09:44 - 2015-12-05 19:33 - 00000000 ____D C:\ProgramData\YTD Video Downloader
    2016-12-05 10:07 - 2014-01-09 10:44 - 00000125 ___SH C:\ProgramData\.zreglib
    2016-12-05 09:31 - 2014-01-09 00:27 - 00000000 ____D C:\Users\Guy\AppData\Local\Diagnostics

    ==================== Bestanden in de root van sommige mappen =======

    2014-09-21 09:21 - 2014-09-21 09:21 - 0099384 _____ () C:\Users\Guy\AppData\Roaming\inst.exe
    2016-12-29 02:06 - 2016-12-29 02:06 - 1537536 _____ (Microsoft Corporation) C:\Users\Guy\AppData\Roaming\InstallWindows.exe
    2016-11-15 20:25 - 2016-11-15 20:34 - 0000617 _____ () C:\Users\Guy\AppData\Roaming\pacemaker.ini
    2016-11-15 20:25 - 2016-11-15 20:25 - 0000105 _____ () C:\Users\Guy\AppData\Roaming\pacemaker_songparams.txt
    2014-09-21 09:21 - 2014-09-21 09:21 - 0007859 _____ () C:\Users\Guy\AppData\Roaming\pcouffin.cat
    2014-09-21 09:21 - 2014-09-21 09:21 - 0001167 _____ () C:\Users\Guy\AppData\Roaming\pcouffin.inf
    2014-09-21 09:22 - 2014-09-21 09:22 - 0000034 _____ () C:\Users\Guy\AppData\Roaming\pcouffin.log
    2014-09-21 09:21 - 2014-09-21 09:21 - 0082816 _____ (VSO Software) C:\Users\Guy\AppData\Roaming\pcouffin.sys
    2013-02-26 13:03 - 2013-02-26 13:03 - 5263608 _____ () C:\Users\Guy\AppData\Roaming\SetupCloneDVD2931.exe
    2015-05-08 18:54 - 2015-05-08 18:54 - 182572846 _____ () C:\Users\Guy\AppData\Local\ACCCx3_0_1_87.zip.aamdownload
    2015-05-08 18:54 - 2015-05-08 18:54 - 0002194 _____ () C:\Users\Guy\AppData\Local\ACCCx3_0_1_87.zip.aamdownload.aamd
    2014-01-13 15:40 - 2014-02-06 20:24 - 0005632 _____ () C:\Users\Guy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-08-19 18:50 - 2016-08-19 20:07 - 0005546 _____ () C:\Users\Guy\AppData\Local\dsp_edcast_v3.log
    2016-08-19 18:50 - 2016-08-19 20:07 - 0002044 _____ () C:\Users\Guy\AppData\Local\dsp_edcast_v3_0.cfg
    2016-08-19 18:51 - 2016-08-19 20:07 - 0001619 _____ () C:\Users\Guy\AppData\Local\dsp_edcast_v3_1.cfg
    2016-08-19 18:51 - 2016-08-19 20:07 - 0196604 _____ () C:\Users\Guy\AppData\Local\dsp_edcast_v3_1.log
    2016-08-19 18:58 - 2016-08-19 19:48 - 0000406 _____ () C:\Users\Guy\AppData\Local\dsp_edcast_v3_2.log
    2015-06-23 17:39 - 2015-06-23 17:39 - 0000001 _____ () C:\Users\Guy\AppData\Local\llftool.4.25.agreement
    2015-12-30 21:05 - 2015-12-30 21:05 - 0000001 _____ () C:\Users\Guy\AppData\Local\llftool.4.40.agreement
    2015-06-23 17:43 - 2015-06-23 17:43 - 0000019 _____ () C:\Users\Guy\AppData\Local\llftool.license
    2015-01-05 10:51 - 2016-09-30 10:27 - 10355515 _____ () C:\Users\Guy\AppData\Local\parallels-pax.log
    2015-10-05 20:09 - 2015-10-05 20:10 - 0007597 _____ () C:\Users\Guy\AppData\Local\resmon.resmoncfg
    2014-01-09 10:44 - 2016-12-05 10:07 - 0000125 ___SH () C:\ProgramData\.zreglib
    2014-01-08 19:00 - 2014-01-08 19:00 - 0000057 _____ () C:\ProgramData\Ament.ini
    2016-08-03 13:54 - 2016-08-03 13:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Bestanden om te verplaatsen of verwijderen:
    ====================
    C:\Users\Guy\RegSvcs.exe


    Sommige bestanden in TEMP:
    ====================
    C:\Users\Guy\AppData\Local\Temp\jna2203969083736640846.dll
    C:\Users\Guy\AppData\Local\Temp\jna4294437884182099659.dll


    ==================== Bamital & volsnap ======================

    (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

    C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
    C:\WINDOWS\system32\wininit.exe => Bestand is getekend
    C:\WINDOWS\explorer.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
    C:\WINDOWS\system32\svchost.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
    C:\WINDOWS\system32\services.exe => Bestand is getekend
    C:\WINDOWS\system32\User32.dll => Bestand is getekend
    C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
    C:\WINDOWS\system32\userinit.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
    C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
    C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
    C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
    C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

    LastRegBack: 2016-12-27 17:17

    ==================== Eind van FRST.txt ============================

    --- Update ---

    Hoi,

    Hier tweede deel.

    Mvg
     

    Bijgevoegde bestanden:

  4. Abraham54

    Abraham54 Administrator Medewerker

    Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


    We gaan [​IMG]

    Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

    Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".
    Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.

    Code:
    [B][color=#0000FF]
    start
    
    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:
    
    GroupPolicy: Restrictie <======= AANDACHT
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    C:\ProgramData\IObit
    C:\Users\Guy\RegSvcs.exe
    C:\Users\Guy\AppData\Local\Temp\jna220396908373664 0846.dll
    C:\Users\Guy\AppData\Local\Temp\jna429443788418209 9659.dll
    
    cmd: ipconfig /flushdns
    cmd: netsh winsock reset
    [/COLOR][/B]
    Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

    Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
    • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
    • Als het programma wordt gestart, klik dan op Ja in de popup.
    • Druk op de Fix knop.
    • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
    • Post de inhoud van dit logbestand in jouw volgende bericht.
     
  5. SaltaDoom

    SaltaDoom Vaak hier

    Hoi,

    Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 01-01-2017
    Gestart door Guy (03-01-2017 21:10:47) Run:1
    Gestart vanaf C:\Users\Guy\Desktop
    Geladen Profielen: Guy (Beschikbare Profielen: Guy)
    Boot Modus: Normal
    ==============================================

    fixlist inhoud:
    *****************
    start

    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:

    GroupPolicy: Restrictie <======= AANDACHT
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    C:\ProgramData\IObit
    C:\Users\Guy\RegSvcs.exe
    C:\Users\Guy\AppData\Local\Temp\jna220396908373664 0846.dll
    C:\Users\Guy\AppData\Local\Temp\jna429443788418209 9659.dll

    cmd: ipconfig /flushdns
    cmd: netsh winsock reset
    *****************
     
  6. Abraham54

    Abraham54 Administrator Medewerker

    Dowload: [​IMG] Microsoft Safety Scanner (msert).

    Opmerking:
    • Microsoft Safety Scanner verloopt 10 dagen nadat het is gedownload.
    • Indien u opnieuw een scan wilt uitvoeren met de nieuwste definities ter voorkoming van schadelijke software,
      downloadt u Microsoft Safety Scanner opnieuw en voert u het opnieuw uit.
    Microsoft Safety Scanner opstarten:
    • Windows 2000 en Windows XP: start Microsoft's Safety Scanner middels dubbelklikken.
    • Windows Vista, Windows 7 en Windows 8: start Microsoft's Safety Scanner middels rechtsklikken en dan kiezen voor Als Administrator uitvoeren.
    • Zet vervolgens een vinkje bij "Ik accepteer de voorwaarden van de bovenstaande gebruiksovereenkomst".
    Scannen:
    • Na het opstarten van Microsoft Safety Scanner, klikt u op de knop "Volgende", vervolgens kies je voor 'Volledige scan'.
    • Het scannen duurt wel even, dus wees geduldig.
     
  7. SaltaDoom

    SaltaDoom Vaak hier

    Moest blijkbaar dit zijn, te snel gekopieerd.

    Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 01-01-2017
    Gestart door Guy (03-01-2017 21:10:47) Run:1
    Gestart vanaf C:\Users\Guy\Desktop
    Geladen Profielen: Guy (Beschikbare Profielen: Guy)
    Boot Modus: Normal
    ==============================================

    fixlist inhoud:
    *****************
    start

    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:

    GroupPolicy: Restrictie <======= AANDACHT
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
    C:\ProgramData\IObit
    C:\Users\Guy\RegSvcs.exe
    C:\Users\Guy\AppData\Local\Temp\jna220396908373664 0846.dll
    C:\Users\Guy\AppData\Local\Temp\jna429443788418209 9659.dll

    cmd: ipconfig /flushdns
    cmd: netsh winsock reset
    *****************

    Herstelpunt is succesvol gemaakt.
    Proces succesvol afgesloten.
    C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst.
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst.
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2 => sleutel is succesvol verwijderd.
    HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3 => sleutel is succesvol verwijderd.
    C:\ProgramData\IObit => is succesvol verplaatst.
    C:\Users\Guy\RegSvcs.exe => is succesvol verplaatst.
    "C:\Users\Guy\AppData\Local\Temp\jna220396908373664 0846.dll" => niet gevonden.
    "C:\Users\Guy\AppData\Local\Temp\jna429443788418209 9659.dll" => niet gevonden.

    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= Eind van CMD: =========


    ========= netsh winsock reset =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= Eind van CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 4416531 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13316533 B
    Java, Flash, Steam htmlcache => 1471 B
    Windows/system/drivers => 274050 B
    Edge => 634653048 B
    Chrome => 0 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 6150 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 714951 B
    NetworkService => 278516 B
    Guy => 117565829 B

    RecycleBin => 0 B
    EmptyTemp: => 735.5 MB tijdelijke gegevens verwijderd.

    ================================


    Het systeem moest herstart worden.

    ==== Eind van Fixlog 21:14:41 ====
     
  8. Abraham54

    Abraham54 Administrator Medewerker

    Doe dan nu de scan uit mijn vorige bericht.
     
  9. SaltaDoom

    SaltaDoom Vaak hier

    Dag Abraham54,

    Worden met de Microsoft Safety scanner de gevonden virussen automatisch gewist. Ik vraag dat maar omdat hier staat: "Nadat deze bewerking is voltooid, wordt een rapport met de gevonden virussen, spyware en mogelijk ongewenste software weergegeven".
    Nergens is er sprake van de verwijdering ervan.

    NB: Is momenteel aan het lopen, bijna twee uren en volgens de verloopbalk is het einde nog zeker niet in zicht. Hopelijk is dit normaal.

    Mvg,

    --- Update ---

    Dag Abraham54,

    De scan is voltooid en er zijn virussen en dergelijke opgeruimd. Maar probleem is nog niet opgelost. Telkens als ik op deze site kom krijg ik nu een soort reclame venster. Waar dit vandaan komt weet ik niet. Heb vervolgens met Malwarebytes 3.0.5 gescand. Dit is het resultaat.

    Malwarebytes
    www.malwarebytes.com

    -Logboekdetails-
    Scandatum: 04-01-17
    Scantijd: 08:58
    Logboekbestand:
    Beheerder: Ja

    -Software-informatie-
    Versie: 3.0.5.1299
    Versie componenten: 1.0.43
    Update pakketversie: 1.0.735
    Licentie: Premium

    -Systeeminformatie-
    Besturingssysteem: Windows 10
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: MD8805\Guy

    -Scansamenvatting-
    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten gescand: 536614
    Verstreken tijd: 8 min, 37 sec

    -Scanopties-
    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    -Scandetails-
    Proces: 0
    (Geen kwaadaardige items gedetecteerd)

    Module: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutel: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaarde: 0
    (Geen kwaadaardige items gedetecteerd)

    Gegevensstroom: 0
    (Geen kwaadaardige items gedetecteerd)

    Map: 1
    Trojan.StolenData, C:\USERS\GUY\APPDATA\ROAMING\DCLOGS, Verwijder-bij-herstart, [1354], [250094],1.0.735

    Bestand: 2
    Trojan.StolenData, C:\USERS\GUY\APPDATA\ROAMING\DCLOGS\2017-01-04-4.dc, Verwijder-bij-herstart, [1354], [250094],1.0.735
    Trojan.Agent, C:\USERS\GUY\REGSVCS.EXE, Verwijder-bij-herstart, [22], [352326],1.0.735

    Fysieke sector: 0
    (Geen kwaadaardige items gedetecteerd)

    (end)

    Maar komt blijkbaar altijd terug. Kunt u mij verder helpen a.u.b. Ook die vervelende zandloper is terug.

    Mvg,
     
    Laatst bewerkt: 4 jan 2017
  10. Abraham54

    Abraham54 Administrator Medewerker

    Wat in jouw map downloads ook aanwezig is duidt mogelijk op het gebruik van illegitieme software, gedownloaded via torrentnetwerken.
    Klopt dat?
    Zo ja - dan ben jij zelf de veroorzaker van de ongein in jouw Windows.


    Ga naar de site van de [​IMG] ESET Online Scanner
    • Klik op de knop ESET Online Scanner
    • Zet een vinkje bij YES, I accept the Terms of Use
    • Klik op Start
    • Sta het ActiveX control toe om te installeren.
      • Zet een vinkje bij de volgende opties:
      • Enable detection of potentially unwanted applications
      • Indien verborgen, open vervolgens Advanced Settings en vink ondervermelde instellingen aan
      • Enable detection of potentially unsafe applications
      • Enable detection of potentially suspicious applications
      • Scan archives
      • Enable Anti-Stealth technology
      • Clean threats automatically

      • Notabene: deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller!
    • Klik op Start
    • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
    • is de scan klaar, sluit het Eset venster dan nog niet.

    [​IMG]


    • Zet nu vervolgens in dat venster links onder een vinkje bij Select all en klik dan aansluitend rechtsonder op Save to text file...
    • Er zal nu een kladblok document openen met alle inhoud die ook ook in het Eset scanvenster staat vermeld.
    • Sla nu dit logbestand op als Esetscan - desnoods met datum erbij en kies bij opslaan als bij voorkeur het bureaublad.
    • Selekteer, kopieer en plak dan de inhoud van dit Eset-log in je volgende bericht.

    Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
    De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
    Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
     
  11. SaltaDoom

    SaltaDoom Vaak hier

    Hoi Abraham54,

    Heb ondertussen de handeling van het tool opnieuw uitgevoerd.

    Mvg,

    --- Update ---

    Oei, had uw reactie nog niet gezien. Ga eset online direct uitvoeren. Wil wel meegeven dat ik hier eset op de PC heb laten scannen en hij niets heeft gevonden. Ja dat klopt, heb willen een programma tijdelijk gebruiken op aangeven van een vriend. Dus zeer slechte raad, als ik dat had geweten zou ik dit niet hebben genstalleerd. Marr het kwaad is nu geschied.

    Mvg,
     

    Bijgevoegde bestanden:

    Laatst bewerkt: 4 jan 2017
  12. Abraham54

    Abraham54 Administrator Medewerker

    Ik wacht nu eerst de scan af.
    Dat jij al Eset gebruikt doet er niet toe; de online scanner scant echt alles.
     
Topicstatus:
Niet open voor verdere reacties.

Deel Deze Pagina