RSIT log

  • Lauji
  • Registered: March 2016
  • Last online: 29-03 01:45
Here is a log from RSIT, is everything OK?

Logfile of random's system information tool 1.10 (written by random/random)
Run by pot at 2016-03-20 02:48:22
Microsoft Windows 10 Home
System drive C: has 661 GB (95%) free of 699 GB
Total RAM: 7659 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:48:31, on 20-3-2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Users\pot\AppData\Local\Microsoft\OneDrive\OneDrive.exe
F:\VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe
F:\VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe
C:\Program Files\trend micro\pot.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\pot\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6007 bytes

======Listing Processes======


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f05eda5f-d74d-4788-bfe4-a1750c736c24 -SystemEventPortName:HostProcess-acdeef1c-e8fe-4c6c-9a3b-52e1018c1f5e -IoCancelEventPortName:HostProcess-6db2e159-9df5-49c0-b181-4224fbd34e45 -NonStateChangingEventPortName:HostProcess-0e7ce91b-dc40-479e-91f6-3f5b71ed8ac7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6606a482-105b-414f-baae-b04fa2d12403 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"

taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\pot\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 6DFB8021-043A-1F20-954D-781C0829AB97 -Reinvoke
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"F:\VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe" !LinuxLive
"F:\VirtualBox\Portable-VirtualBox\app64\VBoxSVC.exe" -Embedding
C:\Windows\System32\InstallAgent.exe -Embedding

"F:\VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe" !LinuxLive
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 636 644 8192 640
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1749652486-3767782576-3318185682-10023_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1749652486-3767782576-3318185682-10023 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\pot\Downloads\RSITx64.exe"
atbroker.exe
"C:\WINDOWS\System32\osk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{53362C32-A296-4F2D-A2F8-FD984D08340B}
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-29 3935912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\pot\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-19 551104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-21 767176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-20 02:48:23 ----D---- C:\Program Files\trend micro
2016-03-20 02:48:22 ----D---- C:\rsit
2016-03-19 23:50:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-03-19 23:44:36 ----D---- C:\WINDOWS\system32\MRT
2016-03-19 23:44:33 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-19 23:40:02 ----D---- C:\Program Files\ATI Technologies
2016-03-19 23:38:34 ----HD---- C:\$WINDOWS.~BT
2016-03-19 23:37:55 ----D---- C:\Program Files (x86)\LinuxLive USB Creator
2016-03-19 23:36:26 ----D---- C:\Users\pot\AppData\Roaming\Macromedia
2016-03-19 23:35:58 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-03-19 23:35:58 ----A---- C:\WINDOWS\system32\detoured.dll
2016-03-19 23:35:57 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-03-19 23:35:52 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-03-19 23:35:51 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-03-19 23:35:49 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe
2016-03-19 23:35:49 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-03-19 23:35:49 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe
2016-03-19 23:35:48 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe
2016-03-19 23:35:48 ----A---- C:\WINDOWS\system32\amdocl_as64.exe
2016-03-19 23:35:47 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-03-19 23:35:46 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-03-19 23:35:46 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-03-19 23:35:45 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-03-19 23:34:23 ----D---- C:\ProgramData\ATI
2016-03-19 23:34:02 ----SHD---- C:\Config.Msi
2016-03-19 23:29:01 ----A---- C:\WINDOWS\system32\ativce03.dat
2016-03-19 23:29:01 ----A---- C:\WINDOWS\system32\ativce02.dat
2016-03-19 23:28:57 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-03-19 23:28:57 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-03-19 23:28:50 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2016-03-19 23:28:50 ----A---- C:\WINDOWS\system32\amde31a.dat
2016-03-19 07:21:00 ----D---- C:\Users\pot\AppData\Roaming\ATI
2016-03-19 07:20:53 ----D---- C:\ProgramData\Microsoft OneDrive
2016-03-19 07:18:11 ----D---- C:\Users\pot\AppData\Roaming\Adobe
2016-03-19 07:18:04 ----SD---- C:\Users\pot\AppData\Roaming\Microsoft
2016-03-19 07:16:36 ----D---- C:\WINDOWS\SoftwareDistribution
2016-03-19 02:35:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-19 02:31:18 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-03-19 02:30:20 ----D---- C:\ProgramData\USOShared
2016-03-19 02:29:46 ----D---- C:\ProgramData\AMD
2016-03-19 02:29:23 ----HD---- C:\Program Files\Uninstall Information
2016-03-19 02:28:58 ----SHD---- C:\ProgramData\Sjablonen
2016-03-19 02:28:58 ----SHD---- C:\ProgramData\Menu Start
2016-03-19 02:28:58 ----SHD---- C:\ProgramData\Documenten
2016-03-19 02:28:58 ----SHD---- C:\ProgramData\Bureaublad
2016-03-19 02:28:58 ----SHD---- C:\ProgramData\Application Data
2016-03-19 02:28:57 ----SHD---- C:\Documents and Settings
2016-03-19 02:28:48 ----SHD---- C:\Recovery
2016-03-19 02:25:25 ----ASH---- C:\hiberfil.sys
2016-03-19 02:20:13 ----AS---- C:\WINDOWS\bootstat.dat
2016-03-19 02:20:03 ----SHD---- C:\$RECYCLE.BIN
2016-03-19 02:20:00 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-03-19 02:19:57 ----D---- C:\Program Files (x86)\ATI Technologies
2016-03-19 02:19:43 ----D---- C:\ProgramData\Package Cache
2016-03-19 02:19:04 ----D---- C:\AMD
2016-03-19 02:18:42 ----D---- C:\Program Files\AMD
2016-03-19 02:11:19 ----D---- C:\WINDOWS\ServiceProfiles
2016-03-19 02:10:58 ----SD---- C:\WINDOWS\system32\Microsoft
2016-03-19 02:10:40 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-19 02:08:37 ----ASH---- C:\swapfile.sys
2016-03-19 02:08:37 ----ASH---- C:\pagefile.sys
2016-03-18 17:08:06 ----A---- C:\Recovery.txt
2016-03-18 11:46:29 ----DC---- C:\WINDOWS\Panther
2016-03-18 11:46:16 ----D---- C:\Windows.old
2016-03-18 11:45:27 ----D---- C:\WINDOWS\InfusedApps
2016-03-18 11:45:01 ----D---- C:\Program Files\Synaptics
2016-03-18 11:43:48 ----D---- C:\WINDOWS\Setup
2016-03-18 11:27:02 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-03-18 11:27:02 ----D---- C:\WINDOWS\OCR
2016-03-18 11:27:01 ----D---- C:\Program Files\Reference Assemblies
2016-03-18 11:27:01 ----D---- C:\Program Files\MSBuild
2016-03-18 11:27:01 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-03-18 11:27:01 ----D---- C:\Program Files (x86)\MSBuild
2016-03-18 11:25:28 ----A---- C:\WINDOWS\system32\perfi013.dat
2016-03-18 11:25:28 ----A---- C:\WINDOWS\system32\perfh013.dat
2016-03-18 11:25:28 ----A---- C:\WINDOWS\system32\perfd013.dat
2016-03-18 11:25:28 ----A---- C:\WINDOWS\system32\perfc013.dat
2016-03-18 11:24:55 ----D---- C:\WINDOWS\SYSWOW64\winrm
2016-03-18 11:24:55 ----D---- C:\WINDOWS\SYSWOW64\WCN
2016-03-18 11:24:55 ----D---- C:\WINDOWS\SYSWOW64\sysprep
2016-03-18 11:24:55 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-03-18 11:24:55 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\nl
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\en
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\drivers\nl-NL
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2016-03-18 11:24:54 ----D---- C:\WINDOWS\SYSWOW64\0409
2016-03-18 11:24:54 ----D---- C:\WINDOWS\system32\winrm
2016-03-18 11:24:54 ----D---- C:\WINDOWS\system32\WCN
2016-03-18 11:24:54 ----D---- C:\WINDOWS\system32\slmgr
2016-03-18 11:24:54 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2016-03-18 11:24:53 ----D---- C:\WINDOWS\system32\nl
2016-03-18 11:24:53 ----D---- C:\WINDOWS\system32\en
2016-03-18 11:24:52 ----D---- C:\WINDOWS\system32\drivers\nl-NL
2016-03-18 11:24:52 ----D---- C:\WINDOWS\system32\drivers\en-US
2016-03-18 11:24:52 ----D---- C:\WINDOWS\system32\0409
2016-03-18 11:24:52 ----D---- C:\WINDOWS\nl-NL
2016-03-18 11:24:52 ----D---- C:\WINDOWS\en-US
2016-03-18 11:24:52 ----D---- C:\WINDOWS\DigitalLocker
2016-03-18 11:20:41 ----A---- C:\WINDOWS\system32\perfi009.dat
2016-03-18 11:20:41 ----A---- C:\WINDOWS\system32\perfh009.dat
2016-03-18 11:20:41 ----A---- C:\WINDOWS\system32\perfd009.dat
2016-03-18 11:20:41 ----A---- C:\WINDOWS\system32\perfc009.dat
2016-03-18 11:20:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-18 11:18:07 ----A---- C:\WINDOWS\SYSWOW64\NOISE.DAT
2016-03-18 11:18:06 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2016-03-18 11:18:06 ----A---- C:\WINDOWS\SYSWOW64\dssec.dat
2016-03-18 11:17:53 ----A---- C:\WINDOWS\system32\NOISE.DAT
2016-03-18 11:17:53 ----A---- C:\WINDOWS\system32\msclmd.dll
2016-03-18 11:17:52 ----A---- C:\WINDOWS\system32\dssec.dat
2016-03-18 11:17:49 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2016-03-18 11:17:49 ----A---- C:\WINDOWS\fonts\desktop.ini
2016-03-18 11:17:46 ----A---- C:\WINDOWS\win.ini
2016-03-18 11:17:46 ----A---- C:\WINDOWS\system.ini
2016-03-18 11:17:44 ----ASH---- C:\Program Files\desktop.ini
2016-03-18 11:17:44 ----ASH---- C:\Program Files (x86)\desktop.ini
2016-03-18 11:17:42 ----SD---- C:\WINDOWS\SYSWOW64\Nui
2016-03-18 11:17:42 ----SD---- C:\WINDOWS\SYSWOW64\F12
2016-03-18 11:17:42 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2016-03-18 11:17:42 ----SD---- C:\WINDOWS\SYSWOW64\Configuration
2016-03-18 11:17:42 ----D---- C:\WINDOWS\Web
2016-03-18 11:17:42 ----D---- C:\WINDOWS\Vss
2016-03-18 11:17:42 ----D---- C:\WINDOWS\twain_32
2016-03-18 11:17:42 ----D---- C:\WINDOWS\tracing
2016-03-18 11:17:42 ----D---- C:\WINDOWS\Temp
2016-03-18 11:17:42 ----D---- C:\WINDOWS\Tasks
2016-03-18 11:17:42 ----D---- C:\WINDOWS\TAPI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\WindowsPowerShell
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Tasks
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sru
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sppui
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\spp
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Speech_OneCore
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Speech
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\SMI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\restore
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Recovery
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\RasToast
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ras
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\oobe
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\networklist
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\NDF
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\MsDtc
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\MSDRM
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\LogFiles
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Licenses
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Ipmi
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\InstallShield
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\icsxml
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicyUsers
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\FxsTmp
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\DriverStore
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\downlevel
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\config
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Com
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\catroot
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\Bthprops
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\AppLocker
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SYSWOW64\AdvancedInstallers
2016-03-18 11:17:42 ----D---- C:\WINDOWS\syswow64
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SystemResources
2016-03-18 11:17:42 ----D---- C:\WINDOWS\SystemApps
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\zh-TW
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\zh-HK
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\zh-CN
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\WinMetadata
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\winevt
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\wfp
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\WDI
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\wbem
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\uk-UA
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\tr-TR
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\th-TH
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\Tasks
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\sv-SE
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\sru
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-03-18 11:17:42 ----D---- C:\WINDOWS\system32\sppui
2016-03-18 11:17:41 ----SHD---- C:\WINDOWS\Installer
2016-03-18 11:17:41 ----SHD---- C:\Program Files\Windows Sidebar
2016-03-18 11:17:41 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\system32\Nui
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\system32\F12
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\system32\dsc
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\system32\Configuration
2016-03-18 11:17:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2016-03-18 11:17:41 ----SD---- C:\ProgramData\Microsoft
2016-03-18 11:17:41 ----SD---- C:\Program Files\WindowsPowerShell
2016-03-18 11:17:41 ----SD---- C:\Program Files (x86)\WindowsPowerShell
2016-03-18 11:17:41 ----RSD---- C:\WINDOWS\Media
2016-03-18 11:17:41 ----RSD---- C:\WINDOWS\Fonts
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\PrintDialog
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\Offline Web Pages
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\MiracastView
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\DevicesFlow
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\DesktopTileResources
2016-03-18 11:17:41 ----RD---- C:\WINDOWS\assembly
2016-03-18 11:17:41 ----HD---- C:\WINDOWS\ELAMBKUP
2016-03-18 11:17:41 ----HD---- C:\ProgramData
2016-03-18 11:17:41 ----HD---- C:\Program Files\WindowsApps
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Sysprep
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\spp
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\spool
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Speech_OneCore
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Speech
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\sl-SI
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\sk-SK
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\setup
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ru-RU
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ro-RO
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\restore
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Recovery
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\RasToast
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ras
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\pt-PT
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\pt-BR
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ProximityToast
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\PointOfService
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\pl-PL
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\oobe
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\nl-NL
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\networklist
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\NDF
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\nb-NO
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\MUI
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\MsDtc
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\MSDRM
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\migwiz
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\migration
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\MailContactsCalendarSync
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Macromed
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\lv-LV
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\lt-LT
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\LogFiles
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Licenses
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ko-KR
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ja-JP
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\it-IT
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Ipmi
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\InputMethod
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\inetsrv
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\IME
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\icsxml
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ias
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\hu-HU
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\hr-HR
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\he-IL
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\GroupPolicyUsers
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\GroupPolicy
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\FxsTmp
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\fr-FR
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\fr-CA
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\fi-FI
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\et-EE
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\es-MX
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\es-ES
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\en-US
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\en-GB
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\el-GR
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\drivers\etc
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\downlevel
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Dism
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\de-DE
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\da-DK
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\cs-CZ
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Com
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\catroot2
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Bthprops
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\Boot
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\bg-BG
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\ar-SA
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\appraiser
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\AppLocker
2016-03-18 11:17:41 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2016-03-18 11:17:41 ----D---- C:\WINDOWS\System
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Speech_OneCore
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Speech
2016-03-18 11:17:41 ----D---- C:\WINDOWS\SKB
2016-03-18 11:17:41 ----D---- C:\WINDOWS\ShellNew
2016-03-18 11:17:41 ----D---- C:\WINDOWS\security
2016-03-18 11:17:41 ----D---- C:\WINDOWS\schemas
2016-03-18 11:17:41 ----D---- C:\WINDOWS\SchCache
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Resources
2016-03-18 11:17:41 ----D---- C:\WINDOWS\rescache
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Registration
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Provisioning
2016-03-18 11:17:41 ----D---- C:\WINDOWS\prefetch
2016-03-18 11:17:41 ----D---- C:\WINDOWS\PolicyDefinitions
2016-03-18 11:17:41 ----D---- C:\WINDOWS\PLA
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Performance
2016-03-18 11:17:41 ----D---- C:\WINDOWS\ModemLogs
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Migration
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Logs
2016-03-18 11:17:41 ----D---- C:\WINDOWS\LiveKernelReports
2016-03-18 11:17:41 ----D---- C:\WINDOWS\L2Schemas
2016-03-18 11:17:41 ----D---- C:\WINDOWS\InputMethod
2016-03-18 11:17:41 ----D---- C:\WINDOWS\IME
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Help
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Globalization
2016-03-18 11:17:41 ----D---- C:\WINDOWS\diagnostics
2016-03-18 11:17:41 ----D---- C:\WINDOWS\debug
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Cursors
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Branding
2016-03-18 11:17:41 ----D---- C:\WINDOWS\Boot
2016-03-18 11:17:41 ----D---- C:\WINDOWS\AppReadiness
2016-03-18 11:17:41 ----D---- C:\WINDOWS\AppPatch
2016-03-18 11:17:41 ----D---- C:\WINDOWS\appcompat
2016-03-18 11:17:41 ----D---- C:\WINDOWS\addins
2016-03-18 11:17:41 ----D---- C:\ProgramData\USOPrivate
2016-03-18 11:17:41 ----D---- C:\ProgramData\SoftwareDistribution
2016-03-18 11:17:41 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-03-18 11:17:41 ----D---- C:\ProgramData\Comms
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Portable Devices
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Photo Viewer
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows NT
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Media Player
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Mail
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Journal
2016-03-18 11:17:41 ----D---- C:\Program Files\Windows Defender
2016-03-18 11:17:41 ----D---- C:\Program Files\Internet Explorer
2016-03-18 11:17:41 ----D---- C:\Program Files\Common Files\System
2016-03-18 11:17:41 ----D---- C:\Program Files\Common Files\Services
2016-03-18 11:17:41 ----D---- C:\Program Files\Common Files\microsoft shared
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows NT
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Mail
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Windows Defender
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-03-18 11:17:41 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-18 11:17:41 ----D---- C:\PerfLogs
2016-03-18 11:17:10 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-03-18 11:17:08 ----D---- C:\WINDOWS\system32\drivers
2016-03-18 11:15:21 ----D---- C:\WINDOWS\INF
2016-03-18 11:00:50 ----D---- C:\WINDOWS\CbsTemp
2016-03-18 10:49:05 ----RD---- C:\Users
2016-03-18 10:49:05 ----RD---- C:\Program Files (x86)
2016-03-18 10:49:05 ----RD---- C:\Program Files
2016-03-18 10:49:05 ----D---- C:\WINDOWS\WinSxS
2016-03-18 10:49:05 ----D---- C:\WINDOWS\system32\SMI
2016-03-18 10:49:05 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-18 10:49:05 ----D---- C:\WINDOWS\system32\config
2016-03-18 10:49:05 ----D---- C:\WINDOWS\system32\CatRoot
2016-03-18 10:49:05 ----D---- C:\WINDOWS\System32
2016-03-18 10:49:05 ----D---- C:\WINDOWS\servicing
2016-03-18 10:49:05 ----D---- C:\Windows
2016-03-18 10:49:05 ----D---- C:\Program Files\Common Files
2016-03-18 10:49:05 ----D---- C:\Program Files (x86)\Common Files
2016-03-09 12:11:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-09 12:11:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-03-09 12:11:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 12:11:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 12:11:02 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-03-09 12:11:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 12:10:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-09 12:10:55 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-09 12:10:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-09 12:10:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 12:10:50 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 12:10:49 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-09 12:10:47 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 12:10:47 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-03-09 12:10:44 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 12:10:42 ----A---- C:\WINDOWS\system32\WMASF.DLL
2016-03-09 12:10:37 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-09 12:10:32 ----A---- C:\WINDOWS\SYSWOW64\WMASF.DLL
2016-03-09 12:10:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-09 12:10:26 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-09 12:10:26 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 12:10:25 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 12:10:25 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 12:10:23 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 12:10:22 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 12:10:21 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 12:10:21 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 12:10:20 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-03-09 12:10:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-09 12:10:18 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-09 12:10:18 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-09 12:10:16 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-09 12:10:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-09 12:10:16 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-09 12:10:16 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 12:10:14 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-03-09 12:10:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-09 12:10:13 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-09 12:10:11 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-09 12:10:11 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 12:10:09 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-09 12:10:08 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-09 12:10:06 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-09 12:10:06 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-09 12:10:06 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-09 12:10:04 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-03-09 12:10:00 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-09 12:10:00 ----A---- C:\WINDOWS\system32\browser.dll
2016-03-09 12:09:58 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-09 12:09:58 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-03-09 12:09:58 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-03-09 12:09:58 ----A---- C:\WINDOWS\system32\browcli.dll
2016-03-09 12:09:58 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-09 12:09:57 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-03-09 12:09:57 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-03-09 12:09:56 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-03-09 12:09:56 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-09 12:09:56 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-03-09 12:09:56 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 12:09:56 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-03-09 12:09:55 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-09 12:09:55 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 12:09:54 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-03-09 12:09:54 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-09 12:09:52 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-03-09 12:09:51 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-03-09 12:09:50 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 12:09:50 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-03-09 12:09:49 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-03-09 12:09:49 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 12:09:49 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 12:09:45 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 12:09:44 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 12:09:43 ----A---- C:\WINDOWS\SYSWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 12:09:43 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 12:09:43 ----A---- C:\WINDOWS\system32\wups2.dll
2016-03-09 12:09:42 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-09 12:09:42 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-09 12:09:42 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-09 12:09:42 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-03-09 12:09:42 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 12:09:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-09 12:09:40 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-09 12:09:37 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 12:09:37 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2016-03-19 23:39:00 ----SHD---- C:\System Volume Information
2016-03-19 23:35:58 ----A---- C:\WINDOWS\system32\coinst_15.20.dll
2016-03-19 23:35:52 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-03-19 23:35:50 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-03-18 17:08:07 ----HD---- C:\$SysReset

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\System32\drivers\vwififlt.sys [2015-07-10 72704]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R2 VBoxDRV;PortableVBoxDRV; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\VBoxDrv\VBoxDrv.sys [2016-03-04 982504]
R2 VBoxUSBMon;PortableVBoxUSBMon; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\USB\filter\VBoxUSBMon.sys [2016-03-04 148808]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-03-19 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-03-19 674288]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-07-29 102912]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Stuurprogramma voor Broadcom 802.11 netwerkadapter; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2015-07-10 7593176]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-07-10 129224]
R3 SynTP;@oem3.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\System32\drivers\SynTP.sys [2015-07-29 606376]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-07-10 221184]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\System32\drivers\vwifimp.sys [2015-07-10 39936]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dtsoftbus01;@oem15.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-07-29 283064]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 HDJCtrl;@oem9.inf,%SvcDesc%;Hercules DJ Control MP3 Service; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [2013-05-21 38704]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-29 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-07-29 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 USBAAPL64;@oem24.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-01-31 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-03-19 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-21 344064]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 OneSyncSvc_Session1;Host synchroniseren_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-07-29 237736]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Contact Data_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-29 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session1;User Data Storage_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc_Session1;User Data Access_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 WalletService;@%SystemRoot%\System32\WalletService.dll,-1000; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------


Kind regards,
lauji

  • F_J_K
  • Registered: June 2001
  • Not online

F_J_K

Moderator CSA/PB

Front for mandatory underscores

You dump a long stretch of text and ask us to quickly go through it; that is not how it preferably works ;)

Do you suspect malware, and if so, why? Which elements of the log are you fairly sure are OK, and which are you unsure about?

'Multiple exclamation marks,' he went on, shaking his head, 'are a sure sign of a diseased mind' (Terry Pratchett, Eric)


  • Crahsystor
  • Registered: February 2009
  • Last online: 21:34
Everything is OK, because it is displayed neatly on the screen. :|

What do you expect, what do you want to know, what is the context, what have you found yourself? Posting a log file here and expecting a diagnosis to come out automagically is not appreciated and also makes helping very difficult. After all, most tweakers do not have a crystal ball to know what your situation is and what is normal in it. Just state what problem you are running into. Why can't you determine for yourself whether this is OK for your situation?

Addicted to silent computing


  • iisschots
  • Registered: November 2002
  • Last online: 04-11 17:55
We do expect some effort of your own before a topic is opened.

Hackerspace in Friesland | www.frack.nl | Currently being set up, come help!


This topic is closed.