Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by TimTa on vr 21-08-2015 at 8:43:23,01. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\TimTa\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-08-18-194300.log 48835 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent 7-Zip 9.20 Adobe Flash Player 18 ActiveX Adobe Reader XI (11.0.12) - Nederlands Advanced MP3 Converter Pro 1.1 Albelli Fotoboeken AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Wireless Display v3.0 AviSynth Canon Easy-PhotoPrint EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG5300 series MP Drivers Canon MG5300 series User Registration Canon MP Navigator EX 5.0 Canon My Printer Canon Solution Menu EX Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Citrix Authentication Manager Citrix online plug-in (Web) Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Counter-Strike D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2013 (KB3055013) 64-Bit Edition Defraggler Google Update Helper GrabIt 1.7.3 Beta (build 1010) High-Definition Video Playback HitmanPro 3.7 Java 8 Update 51 (64-bit) Java Auto Updater Junk Mail filter update K-Lite Mega Codec Pack 11.2.0 Malwarebytes Anti-Malware versie 2.1.8.1057 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (NLD) Microsoft Access MUI (Dutch) 2013 Microsoft Application Error Reporting Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 32-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Word MUI (Dutch) 2013 Microsoft Xbox 360 Accessories 1.2 Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Nero 11 Nero 11 Cliparts Nero 11 Disc Menus 1 Nero 11 Disc Menus 2 Nero 11 Disc Menus 3 Nero 11 Disc Menus Basic Nero 11 Effects Basic Nero 11 Image Samples Nero 11 Kwik Themes 1 Nero 11 Kwik Themes 2 Nero 11 Kwik Themes 3 Nero 11 Kwik Themes 4 Nero 11 Kwik Themes Basic Nero 11 PiP Effects 1 Nero 11 PiP Effects Basic Nero 11 Video Samples Nero 11 Video Transitions 1 Nero Audio Pack 1 Nero BackItUp 11 Nero BackItUp 11 Help (CHM) Nero Backup Drivers Nero Burning ROM 11 Nero Burning ROM 11 Help (CHM) Nero ControlCenter 11 Nero ControlCenter 11 Help (CHM) Nero Core Components 11 Nero CoverDesigner 11 Nero CoverDesigner 11 Help (CHM) Nero Express 11 Nero Express 11 Help (CHM) Nero Kwik Media Nero Kwik Media Help (CHM) Nero Recode 11 Nero Recode 11 Help (CHM) Nero RescueAgent 11 Nero RescueAgent 11 Help (CHM) Nero SoundTrax 11 Nero SoundTrax 11 Help (CHM) Nero Update Nero Video 11 Nero Video 11 Help (CHM) Nero WaveEditor 11 Nero WaveEditor 11 Help (CHM) nero.prerequisites.msi Online Plug-in Outils de v‚rification linguistique 2013 de Microsoft Officeÿ- Fran‡ais Photo Common Photo Gallery Plex Media Server PS3 Media Server QuickPar 0.9 Ravensburger tiptoi Realtek High Definition Audio Driver Revo Uninstaller 1.95 SAMSUNG USB Driver for Mobile Phones Secunia PSI (3.0.0.9016) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft Excel 2013 (KB3054991) 64-Bit Edition Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039734) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039749) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039798) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3054816) 64-Bit Edition Security Update for Microsoft PowerPoint 2013 (KB3054999) 64-Bit Edition Security Update for Microsoft Word 2013 (KB3055030) 64-Bit Edition Self-service Plug-in Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition Spotify Steam Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamSpeak 3 Client TomTom HOME TomTom HOME Visual Studio Merge Modules Update for Microsoft Access 2013 (KB2965276) 64-Bit Edition Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition Update for Microsoft Lync 2013 (KB2889923) 64-Bit Edition Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition Update for Microsoft Office 2013 (KB2880487) 64-Bit Edition Update for Microsoft Office 2013 (KB2881076) 64-Bit Edition Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition Update for Microsoft Office 2013 (KB2889863) 64-Bit Edition Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition Update for Microsoft Office 2013 (KB2956152) 64-Bit Edition Update for Microsoft Office 2013 (KB2965271) 64-Bit Edition Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition Update for Microsoft Office 2013 (KB3023052) 64-Bit Edition Update for Microsoft Office 2013 (KB3023054) 64-Bit Edition Update for Microsoft Office 2013 (KB3039718) 64-Bit Edition Update for Microsoft Office 2013 (KB3039762) 64-Bit Edition Update for Microsoft Office 2013 (KB3039792) 64-Bit Edition Update for Microsoft Office 2013 (KB3054774) 64-Bit Edition Update for Microsoft Office 2013 (KB3054783) 64-Bit Edition Update for Microsoft Office 2013 (KB3054807) 64-Bit Edition Update for Microsoft Office 2013 (KB3054856) 64-Bit Edition Update for Microsoft Office 2013 (KB3054935) 64-Bit Edition Update for Microsoft Office 2013 (KB3054938) 64-Bit Edition Update for Microsoft Office 2013 (KB3054939) 64-Bit Edition Update for Microsoft Office 2013 (KB3055000) 64-Bit Edition Update for Microsoft Office 2013 (KB3055001) 64-Bit Edition Update for Microsoft Office 2013 (KB3055017) 64-Bit Edition Update for Microsoft OneDrive for Business (KB2986244) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2975901) 64-Bit Edition Update for Microsoft Outlook 2013 (KB3039799) 64-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB3039711) 64-Bit Edition Update for Microsoft Project 2013 (KB3054956) 64-Bit Edition Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player welcome Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Citrix\ICA Client\redirector.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Users\TimTa\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\Citrix\Receiver\Receiver.exe C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Folders Found ====================== 2015-07-08 10:25:34 2015-07-19 11:52:42 -------- d-----w- C:\$AVG 2015-07-08 10:25:33 2015-07-19 19:35:55 -------- d-----w- C:\ProgramData\AVG2015 2015-07-08 10:25:33 2015-07-19 19:35:55 -------- d-----w- C:\Users\All Users\AVG2015 2015-08-18 18:45:04 2015-08-18 18:45:04 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_AVG Security Toolbar ==== Files Found ====================== --- C:\Users\TimTa\AppData\Local\MFAData\logs\avguiru.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 246 Created time: 2015-07-08 10:26:56 Modified time: 2015-07-08 10:27:28 MD5: 447257B7AA204B3C5BF86F8793D25E86 SHA1: 5EB4DA309C350C442E86CDF6699F2BAF9208A244 --- C:\Users\TimTa\AppData\Roaming\DAEMON Tools Lite\MediaInfo\fonts\yrzXiAvgeQQdopyG8QSg8Q.eot --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 436854 Created time: 2015-03-04 18:13:22 Modified time: 2015-03-04 18:13:22 MD5: 322776C943F31527731E9B88BD399E26 SHA1: 26C6B69E1BFBD6CDBDDE76EEB19A532F5D7BC90A --- C:\Users\TimTa\AppData\Roaming\Microsoft\Windows\Cookies\9AAVGBB2.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 746 Created time: 2015-08-20 15:08:26 Modified time: 2015-08-20 15:08:26 MD5: 80C99865F2E8BC0E22F63F0DA87192C5 SHA1: 4C4B3760E6DC84677AA8EB0DEE77ACEE00E9A070 --- C:\Users\TimTa\Documents\12 juni 2009\kaarten\Tekstopmaak\AVG_certification --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 160 Created time: 2013-09-24 18:35:38 Modified time: 2009-04-07 09:03:36 MD5: 146DEE87EC3672C5EA5378553447993F SHA1: B4201BAF9A32D537B6A9E175FCDF918E8EF43BC7 ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3200 MB CPU Info: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz CPU Speed: 2429,7 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: AMD Radeon HD 5700 Series | AMD Radeon HD 5700 Series | AMD Radeon HD 5700 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1200 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter | Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller #2 | Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller CD / DVD Drives: 1x (E: | ) E: _NEC DVD_RW ND-4571A Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 931,4GB | D: 931,5GB Hard Disks - Free: C: 796,2GB | D: 664,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/22/10 | DELL - 7001022 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5W DH Deluxe Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17959 Adobe Reader version: 11.0.12.18 Sun Java version: 1.8.0_51 (32-bit) Sun Java version: 1.8.0_51 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-08-14 19:22:14 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe ====== C:\Users\TimTa\AppData\Local\Temp ==== 2015-08-14 12:29:20 5F09D271B8F4A62FC087E0D5452D2EC8 681097 ----a-w- C:\Users\TimTa\AppData\Local\Temp\sqlite3.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-08-19 09:24:12 A98799EBA5BAABF1AB2BAFCE488FC9F9 19871232 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-08-19 09:24:12 225DB7BABA68ED284693EAEE04E94EA1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-08-19 09:01:33 449A5A6D6B6F1ECB27ADA3002382D3BC 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2015-08-19 09:01:16 B83B25734C88C16026DFA483C5FE2107 3934656 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-19 09:01:15 8006BA4CA962EEE6DACE3DE36AA0D21D 1311768 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-08-19 09:01:15 7798C39730CA28B18F8CC45EDBB479DC 3989952 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-19 09:01:13 82CBE024109D89FFE27DB8601792758A 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2015-08-19 09:01:13 0E1490FB24DF3386AF80F66107A8515C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll 2015-08-19 09:01:12 1E679BB6671C67B2097A5E53D884D4D0 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-08-19 09:01:11 D16F40BF0B23926923A28ABF513A00B1 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-08-19 09:01:10 F58753FAEE561563530D110D1DA78DF4 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-08-19 09:01:10 EEEE7A2838CA49C320DF8223E1B347AC 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-08-19 09:01:10 C352009A3BE68D131EA4CDBBE55C253C 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-08-19 09:01:10 634C2FE10334B1EEA16EAABDE73144D7 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-08-19 09:01:10 3F4331E86DDFDEBDEAB55B24B4DFDC46 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-08-19 09:01:09 479AA7AB66720972BB05F6DE71169452 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-08-19 09:01:09 43FFE2ED0632B955A3050355074BE7CF 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-08-19 09:01:09 2AC019AF62835EA83ACB16390A7E62F2 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-08-19 09:01:08 E770E00C9545F16076E2A9F2F2905C3C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-08-19 09:01:08 BDDF8431790A4818B39889346337EA9F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-08-19 09:01:08 933992B9C0E6FA3574A669D189B144AD 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-08-19 09:01:08 772D885BBEA6CD0A20BC6C24E63DB9E6 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2015-08-19 09:01:08 34026F26713F620CF9C4E62AE1F5738F 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2015-08-19 09:01:07 2B071656FF8452CE9FFD379F50F873B6 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-08-19 09:01:06 E0C16BFACA71201C18B8063299D21ABD 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-08-19 09:01:06 36347E68456774A4C1587EC1289CD1A1 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-08-19 09:01:05 8E0D294A30DE08CCB5FFB6A464BC96C5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-08-19 09:01:05 4C19F6E5686D7484C2D74525C201F926 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-08-19 09:01:04 D0D0AB5CA02B07A9C1D566E76C49A95C 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-08-19 09:01:04 9B6E2DAADE259537BA7B14C2C3759F77 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-08-19 09:01:04 5D42935FE1D6038C3C91789705F02F1E 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-08-19 09:01:04 310E1CAC29BBF0736617E7A34C5A4BF5 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-08-19 09:00:47 A691D4B4B4167F56A717C421F9CF58C7 1372160 ----a-w- C:\Windows\SysWOW64\dwmcore.dll 2015-08-19 09:00:47 52213D271F6804AAA44F57AEFD2B778A 67584 ----a-w- C:\Windows\SysWOW64\dwmapi.dll 2015-08-19 08:56:22 672CCD96BAB00F869D4F46A148FCCBAE 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2015-08-17 20:14:55 7C605727774982C7594527C40CB93802 2585816 ----a-w- C:\Windows\SysWOW64\RltkAPO.dll 2015-08-17 19:26:37 48435D12B45AB1F954CB579D1EA15D52 329360 ----a-w- C:\Windows\SysWOW64\SRCOM.dll 2015-08-17 19:26:35 90057B1D85470C7FF99F9BAD02615265 555664 ----a-w- C:\Windows\SysWOW64\SECOMN32.DLL 2015-08-14 20:08:08 4FA66A573E9A45D05AD5A25B1E76A35D 103120 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-14 19:30:47 90E480789256D852FA3EADD39D56FDDA 6131200 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2015-08-14 19:30:46 AF0EC95144F76EA4B40A7ED1DD34616C 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-14 19:30:45 A27593907607A692D0DE105DE29BBC33 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2015-08-14 19:29:18 55C70654420DBF429604FD567E6F3CD3 206848 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2015-08-14 19:29:17 6B003E11CDBDA3B45A3D16E5A9D3F73B 82432 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2015-08-14 19:29:08 C989240A97D4E0B4354679CCF7E66389 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-08-14 19:29:08 BDC048308B74B2146495BBB8D4CD4974 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-14 19:29:07 FCDCEB29CD1129C6C86AD9700A7E5BD1 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-08-14 19:29:06 A37FEDFC0BC9E96AD3DFFF41D5805F04 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-08-14 19:29:05 BD3E3A13423C40E8CF4BE531EE68BAF0 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-08-14 19:29:05 67DA0EE95026FB2D3577F664F2187F98 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-08-14 19:29:05 358D91656E54B03B8FFE3CF4D535A6C8 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-08-14 19:29:04 C929BFB3FD2460B570553AE7344640BC 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-14 19:29:04 32664FC06B115923C449DC22D47CD8A6 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-08-14 19:29:03 C98AF04E9FC94DBF57B29A9891597664 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-08-14 19:29:01 728188684708FEF4F18E2CAB46C54DBB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-08-14 19:29:01 0E9529DC8BA5AD3C06B99F115D0D804D 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-08-14 19:29:00 FB1B7D2B2D500E067B96C56EE0B4DDAD 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-08-14 19:29:00 D1D3DB57C68A2A62E03DD973F53CEA18 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-08-14 19:28:59 D7FDD5E8B88ADE9107772B4C879FDF94 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-08-14 19:28:59 8B6B89D3FEDB34CA38055B82A790545F 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-08-14 19:28:59 1CB9D50EE52BED7DEBF394CEA8A971A5 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-08-14 19:28:58 793F71F873D106A611DB79741327038C 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-08-14 19:28:58 3E168B5E5FEE3D09C2D4E97861B5F4B3 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-08-14 19:28:58 3C74EA1EC43A694060F09B7D754446C6 12856832 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-08-14 19:28:55 AB6A3699E478DEF677D48B126B223C54 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-08-14 19:28:55 53DE75BD2C7A3EA29770147EAC8A8D5A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-14 19:28:54 0AC8CD2138FD10C4A0E2FF08F892359C 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-08-14 19:28:53 ECF459774AE6A273F0F59D7C072DB3C4 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-14 19:28:53 4D036506C8359185FC52EB49DB891743 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-08-14 19:28:53 445DB8651F05684F8259D4054A15BC50 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-08-14 19:22:17 EA1BE72A8CD5CEA7B6E6649D1FD78BA1 1241088 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2015-08-14 19:22:17 127EE7F36CEA127ECCA55BECBC230398 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2015-08-14 19:22:17 121E2E789BE080EB86DA71F95B611DF2 1390592 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2015-08-14 19:22:16 B6F9E4CDA3069B03F654B650A5379E60 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2015-08-14 19:22:13 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\SysWOW64\notepad.exe 2015-08-14 19:22:10 CE21524C53E9671A7108B28FB9B4E474 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-08-14 19:22:08 680D463893C9846CC6A1DA6012DD0FE5 299520 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2015-08-14 19:22:05 965CFC7687F0D188F215DC142FC8F6A1 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2015-08-14 19:22:04 9E2F12744DD9810961031C56FBB691F4 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2015-08-14 19:22:04 7983F3481E89B96074FAE9AFCC24079C 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2015-08-14 19:22:04 520AEC6C64AF2CFD74B469DB98611D4A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2015-08-14 19:22:04 400C20D6967A83EA69D6953EBB8D3FA3 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-08-14 19:19:11 4478348E3942AD9EED9AB263AFE7CD83 12875776 ----a-w- C:\Windows\SysWOW64\shell32.dll 2015-08-09 09:08:52 FBECE2B32A3658AEB609DC5A1021100F 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-08-09 09:08:52 E96D0EEAAE0446F664EE15703BB32A34 93184 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-08-09 09:08:52 A02515B58D318F427FBA64437FB0EDDF 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-08-09 09:08:52 742AC3EF3C7C30F0EBF628D6D03BB399 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-08-09 09:08:52 4447FD20A6B48D05E8392B6E18A194A8 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll ====== C:\Windows\SysWOW64\drivers ===== 2015-08-17 19:08:25 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\Windows\Sysnative ===== 2015-08-19 20:30:51 7384BDE956C5421E40F4D05C1B32A598 431424 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2015-08-19 09:24:13 E5F2BB962F84A8F8D996FEA33F4C817B 25191936 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-08-19 09:24:12 4FD63532DBF78DC6B50078F769E7949F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-08-19 09:01:33 532D9A504A429D4EECC12ABAEA3BB65F 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2015-08-19 09:01:17 ED824E1EAE1C16C5B1902213FE093CED 41984 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2015-08-19 09:01:17 EC3F433D00365F1A9BC3411BCA7C7140 1390592 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2015-08-19 09:01:17 0F97C5BD7D2FCBA9F2E6A69CBAEC389E 5568960 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-08-19 09:01:16 9C261AB78DE420AA52FC08D69FD5745D 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-08-19 09:01:16 4DDF9E4ECE29127A6FE95535D809ADDE 1730496 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-08-19 09:01:16 3B5D6CAC765E86BE07AA7959A35D553C 879104 ----a-w- C:\Windows\Sysnative\tdh.dll 2015-08-19 09:01:14 D8B8F5CC7C1CEF41AB8966053DFFF9C8 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-08-19 09:01:13 C76537387488A98C6E8A70A5FF11C467 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll 2015-08-19 09:01:13 C677AF63CF92603175332927B0346EE9 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-08-19 09:01:11 8BAF399B21A1A72E11C7A2A7BCCDDB81 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-08-19 09:01:11 8927015C999D55D9B4AC66000EE5343D 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-08-19 09:01:11 7D09CF46F69DC1581668D7D709F7374C 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-08-19 09:01:11 6CBA747B9CFBC875C59D9BC3ECA6E77E 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-08-19 09:01:11 493392E8355908346D6B41B34BAC4679 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-08-19 09:01:11 3375DC60062A5AA8245B035C4515B05E 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2015-08-19 09:01:11 2508F4DE1F4E6F9EEEE390EA1CA4B309 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-08-19 09:01:10 F7E793AD6169C0CE79E8A3B29E37C750 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-08-19 09:01:10 A87E3AB7D2BAFB91B0EC64197A3B5373 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-08-19 09:01:10 84F5617F3EDAE4AB573C87BDE53B3132 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-08-19 09:01:10 7F34310CE16A2B5746399411CD8A5360 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-08-19 09:01:10 73C38271F5694681506A17861112CC80 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-08-19 09:01:10 50EEE09D03B94A13DFEFEFC1D774FC31 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-08-19 09:01:10 4305BB5CA8D225C5A161F8472469A40F 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-08-19 09:01:10 11A9529B8D9393F6375716ABB7D02725 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-08-19 09:01:09 FDD980360C9D72DA77F4C59376AE95C9 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-08-19 09:01:09 D2302AF1408814BB6707BC1C100F3ACE 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-08-19 09:01:08 E56F2CCCB1AE74A740B8F89818C0380F 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2015-08-19 09:01:08 D4860FC70A0F6A677431ADA631337980 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-08-19 09:01:08 9F88B26479CE17A4E12184EF822AB679 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-08-19 09:01:08 8B72424954DC83CD63275DD0337AF20D 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-08-19 09:01:08 62B3F534E66734AD90E02CDFC2BD611A 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-08-19 09:01:08 37343B1CB862001DB49127FD9E5D7539 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-08-19 09:01:08 0FF5EA8EBF5EA9CE77A0D18C24AA97FB 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-08-19 09:01:07 3FE2ED1A5431BFD640478B2C78EA5E4D 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-08-19 09:01:05 337D2165A65FAAB19FA00D6F43A54609 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-08-19 09:01:04 F079E06E7DBDAE06B59CEEACF764A937 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-08-19 09:01:04 9EECE7648CD3887FC47B1861736ECD66 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-08-19 09:01:04 4DE7B857726C3A9856C3D9A643748DC3 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-08-19 09:00:47 B8542140074D2B51FDC55E6907996CC4 82944 ----a-w- C:\Windows\Sysnative\dwmapi.dll 2015-08-19 09:00:47 502237267638281B1365D1F20082AECF 1632256 ----a-w- C:\Windows\Sysnative\dwmcore.dll 2015-08-19 08:56:23 CF04BDEC90C2AFF1120D1D49647177E7 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2015-08-19 08:56:22 3EA5DA3F459F6ED19E10166965F6892F 70656 ----a-w- C:\Windows\Sysnative\appinfo.dll 2015-08-19 08:56:22 2E0A046F24D89C807B10FE3D202F1238 115136 ----a-w- C:\Windows\Sysnative\consent.exe 2015-08-17 20:17:03 3BF8B14BA7509319A6B90866F6DE876D 103424 ----a-w- C:\Windows\Sysnative\DelayAPO.dll 2015-08-17 20:15:05 8331FC724559DB1002249CE4792EB991 2702552 ----a-w- C:\Windows\Sysnative\RTSnMg64.cpl 2015-08-17 20:15:03 3126969E04C3645975ACEFF7A28A8726 184688 ----a-w- C:\Windows\Sysnative\RtkCfg64.dll 2015-08-17 20:14:58 FED4483218FD4314CF8CD8621D71A3DA 1310936 ----a-w- C:\Windows\Sysnative\RTCOM64.dll 2015-08-17 20:14:55 CD7CB560797B651BB8E9CAEEDF804132 2930904 ----a-w- C:\Windows\Sysnative\RltkAPO64.dll 2015-08-17 20:14:55 C8396A8EB9CF3DC533AC5AE924CF3791 1749208 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll 2015-08-17 20:14:52 024A8951D4E8710379CD16656F4F8FA1 5714880 ----a-w- C:\Windows\Sysnative\NAHIMICV2apo.dll 2015-08-17 20:14:47 7343F1A3B7BAC94625F2AD26887D80D2 349528 ----a-w- C:\Windows\Sysnative\HiFiDAX2API.dll 2015-08-17 20:14:44 FB1F9765499981384AA360E9D3B2A2AA 6255888 ----a-w- C:\Windows\Sysnative\DDPP64AF3.dll 2015-08-17 20:14:44 F03945762D4F7DF6195095B538E5C6A2 1933584 ----a-w- C:\Windows\Sysnative\DDPD64AF3.dll 2015-08-17 20:14:44 E018154C2CD09511D39D65337A48A6FC 2393432 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOv201.dll 2015-08-17 20:14:44 AEE27C741500BF38E93052DF736F5FAD 298768 ----a-w- C:\Windows\Sysnative\DDPA64F3.dll 2015-08-17 20:14:44 863B03900C286CDEB6B329CD6D0BB395 349968 ----a-w- C:\Windows\Sysnative\DDPO64AF3.dll 2015-08-17 20:14:44 2D6527EA6B43700FFE4D5E869D0217CA 2461528 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOv211.dll 2015-08-17 20:14:44 1689D0E01CDD0DFF021ECF9D67CDD895 944984 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOProp.dll 2015-08-17 19:26:38 E8474A2323DD53B12EB3BB840A2CB306 3262184 ----a-w- C:\Windows\Sysnative\YamahaAE2.dll 2015-08-17 19:26:38 BDA340F6BC694D6BC94F7EFA35F3BC68 213432 ----a-w- C:\Windows\Sysnative\tossaemaxapo64.dll 2015-08-17 19:26:37 D6798B461B2BFBFFB0F3C0DCF0A961AE 856992 ----a-w- C:\Windows\Sysnative\tadefxapo264.dll 2015-08-17 19:26:37 D47D28D2AD44318805CF5EF15665D570 1413776 ----a-w- C:\Windows\Sysnative\SRRPTR64.dll 2015-08-17 19:26:37 48435D12B45AB1F954CB579D1EA15D52 329360 ----a-w- C:\Windows\Sysnative\SRCOM.dll 2015-08-17 19:26:37 18F4327F7A659F4B1017C0E4C03EB50B 369296 ----a-w- C:\Windows\Sysnative\SRCOM64.dll 2015-08-17 19:26:36 EC05C33DF2CF20D839FE3650505ED6ED 734376 ----a-w- C:\Windows\Sysnative\sltech64.dll 2015-08-17 19:26:36 DBB99601D716F92CDD97CE4E60865319 943784 ----a-w- C:\Windows\Sysnative\sl3apo64.dll 2015-08-17 19:26:36 A5F6491F71A0DAF25140CA915600AB37 454288 ----a-w- C:\Windows\Sysnative\SRAPO64.dll 2015-08-17 19:26:36 6F8B108E8B57AC88F90D6EA13B2A1755 1104040 ----a-w- C:\Windows\Sysnative\slcnt64.dll 2015-08-17 19:26:36 2E4C258CB2FF3D249FD0ABBCABC664A1 250536 ----a-w- C:\Windows\Sysnative\slprp64.dll 2015-08-17 19:26:35 EFF9255F47AD4AC10340B44B2A14E0A7 858256 ----a-w- C:\Windows\Sysnative\SEHDRA64.dll 2015-08-17 19:26:35 B723902784FD6BBE1A7FB5E387D68530 2918104 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll 2015-08-17 19:26:35 986E3BE81352583A1FCEF6103904570F 684176 ----a-w- C:\Windows\Sysnative\SECOMN64.dll 2015-08-17 19:26:35 4D4C12D652F710644EBA72D321072019 435856 ----a-w- C:\Windows\Sysnative\SEAPO64.dll 2015-08-17 19:26:32 E32DD814272AF44C35044FF0D2992CD0 3234520 ----a-w- C:\Windows\Sysnative\RtkApi64.dll 2015-08-17 19:26:32 4A1CA878196886743FE0E84F02C2C1DA 631000 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll 2015-08-17 19:26:31 CD3F906FFA6CC16B27DADB0B913C83A7 72113152 ----a-w- C:\Windows\Sysnative\RCoRes64.dat 2015-08-17 19:26:30 52D09193B954697371DFA7BE9E520D05 5234952 ----a-w- C:\Windows\Sysnative\NAHIMICAPOlfx.dll 2015-08-17 19:26:30 4E5442D9B14EF9EF679CD8D65CD50A51 995120 ----a-w- C:\Windows\Sysnative\NahimicAPONSControl.dll 2015-08-17 19:26:29 DF3632EDBC612F4112F6FEDB024F6118 12996528 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO3064.dll 2015-08-17 19:26:29 6C100BAE708BD61F65932087D9A69ECA 12834736 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO4064.dll 2015-08-17 19:26:29 4209912F4FC493FCB0816771448F9E8E 980400 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO2064.dll 2015-08-17 19:26:28 CD2A9C650A6441544E4E4EB0B6F7C16E 2789808 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO7064.dll 2015-08-17 19:26:28 CB56F27AFF28FB9576C6FC79E6D14036 14048512 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek64.dll 2015-08-17 19:26:28 A0DEEB5F93530A3C67E913F2EAE7AF7C 1145264 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO4064.dll 2015-08-17 19:26:28 7C0186E421B1B5FC5824837D5078B4C1 1192368 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO5064.dll 2015-08-17 19:26:28 71947A1775D4CBD9CBE580C6E97FF78E 922880 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll 2015-08-17 19:26:28 06059CB3AACCBDA5865EFD9922832F82 1374640 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO6064.dll 2015-08-17 19:26:27 B9178219A1B69431A12ED114B409E8C9 328816 ----a-w- C:\Windows\Sysnative\ICEsoundAPO64.dll 2015-08-17 19:26:27 3F5DD10EEC36A6DD6112978A2DF43160 728392 ----a-w- C:\Windows\Sysnative\IntelSstCApoPropPage.dll 2015-08-17 19:26:27 098D3F602867C947CFC7F3A3955671C5 3129672 ----a-w- C:\Windows\Sysnative\IntelSSTAPO.dll 2015-08-17 19:26:26 E3057F69217B864F022DCF3A9DABB8E2 3195416 ----a-w- C:\Windows\Sysnative\FMAPO64.dll 2015-08-17 19:26:25 DE67ADEAC731C1ED3BD76527AB530BA5 315736 ----a-w- C:\Windows\Sysnative\DDPO64A.dll 2015-08-17 19:26:25 CAC823DDBB6E785DB76906BFCCFE55AF 261464 ----a-w- C:\Windows\Sysnative\DDPA64.dll 2015-08-17 19:26:25 C71D1DAFA22B5D3B71853783E5AA09D2 7087448 ----a-w- C:\Windows\Sysnative\DDPP64A.dll 2015-08-17 19:26:25 018EFD4A9BF6FDA0F1AA3A6DE5712CD9 1939800 ----a-w- C:\Windows\Sysnative\DDPD64A.dll 2015-08-17 19:26:24 8113D6E1884940FC3F9DED886B364A1E 96568 ----a-w- C:\Windows\Sysnative\audioLibVc.dll 2015-08-17 19:26:24 66E6010C31A70C8C5C2853AF597D853E 1576976 ----a-w- C:\Windows\Sysnative\CX64APO.dll 2015-08-17 19:26:23 B9B73E9AF77BC79C46E499A1D3B09D67 560328 ----a-w- C:\Windows\Sysnative\AERTAC64.dll 2015-08-14 20:08:08 52ED64BF80D360B0EA2B6E5F1504CDFF 124624 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2015-08-14 19:30:48 C01DC60229F41D33AF2DF4162EDA0F44 7077376 ----a-w- C:\Windows\Sysnative\mstscax.dll 2015-08-14 19:30:46 35A97817FDA4C8F421D8478DCCF045B1 1057792 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll 2015-08-14 19:30:45 CDA122FCC691D14D3971A83AB035156D 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2015-08-14 19:30:45 2686F572B3CAF633C4A350A3671835F2 429568 ----a-w- C:\Windows\Sysnative\wksprt.exe 2015-08-14 19:30:38 2E730941CC5BF6200A4F56D1E9C24AAD 1743360 ----a-w- C:\Windows\Sysnative\sysmain.dll 2015-08-14 19:30:28 7ADF0CB99051D1E0DB7F65DA1D8099F1 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll 2015-08-14 19:30:06 168EA9CD9BD6056BB6F60B57D5304BBE 52736 ----a-w- C:\Windows\Sysnative\basesrv.dll 2015-08-14 19:29:18 4E89FC53493704BF835F0300DC201C34 260096 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2015-08-14 19:29:17 16FD9A0F6EDEF091A72D7D3B77574008 102912 ----a-w- C:\Windows\Sysnative\davclnt.dll 2015-08-14 19:29:08 92E60B0F2E864336737091554370E658 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-08-14 19:29:08 890E3A6A6DB6D15EB242460D2353D39C 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-08-14 19:29:08 4E37600CED71FFCE7EEBB129A90B3431 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-08-14 19:29:06 D0A52A4F631172E2AC35A84CCDF28FA4 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-08-14 19:29:06 ACE8BB2BECFEC66A738EE3DDDFF0CA07 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-08-14 19:29:04 B2ADFD1217625A68A484E9838C608F51 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-08-14 19:29:01 9CAC3401B481383936A9D66EF1B80307 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-08-14 19:29:00 B8322A1FCD5686F2D97B6BCA1862C9B8 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-08-14 19:29:00 158C1D034080B9DC0A9A2CD9E8DB0199 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-08-14 19:28:58 857D9F533F7F9838B68C2CEF8AB68412 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-08-14 19:28:58 427D40AF9BCAE05125F3513E770706E1 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-08-14 19:28:58 3E4568FFE110FE81CA1A75BF1149153B 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-08-14 19:28:57 F9C6645800D1EDE9033858C60903F00C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-08-14 19:28:57 C580215DE134617942FF1740A1235CE4 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-08-14 19:28:56 43AF91A40E44205272335E33B7BBA4C3 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-08-14 19:28:55 39E11AA344781CD5773BE9E2472C84E4 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-08-14 19:28:54 95C5B29740852D171CA03BAE61B670FE 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-08-14 19:28:54 62FC1CC7DFC11B5F6A25763375F765BF 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-08-14 19:28:52 6E3D6B8844FF524D7B27EE7FFB3EF6F5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-08-14 19:28:51 E892688BB1C8B0B485C27436F2B963CF 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-08-14 19:28:51 995797E4DE4215715CA2040BB81F4594 14451200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-08-14 19:28:50 ECA4CCA74F61C6288734B786089765B0 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-08-14 19:28:50 AD31A019C2195C75B26DF3337EE8F9FE 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-08-14 19:28:50 9C7B3D3A9A945AED5CC97C6535C9D857 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-08-14 19:28:50 56E1A08F9CDF246CCAB75EA32B87B2DA 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-08-14 19:28:49 C6960223A6BAB3CF83DB09565D191844 5923328 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-08-14 19:28:49 C555B5C8142844DED9E3BD94E6313000 2427904 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-08-14 19:28:48 77A4FEE4031F90DBB5C16F6A8FC855BC 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-08-14 19:28:48 2D9A67695E80C889FAD5C92651D5E641 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-08-14 19:28:48 080E99BE131C2433FD7E6813F77F08FD 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-08-14 19:22:18 40EA064E91C6A63FDBC83259FC5BD4F8 2004992 ----a-w- C:\Windows\Sysnative\msxml6.dll 2015-08-14 19:22:18 32A74A5BC52EF569BC65252AF6F28578 1887232 ----a-w- C:\Windows\Sysnative\msxml3.dll 2015-08-14 19:22:17 22DC6C17443DECC9EBE258220906DCAC 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2015-08-14 19:22:16 99119778A8E44F077E46B0870B8DD6A8 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2015-08-14 19:22:14 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\Sysnative\notepad.exe 2015-08-14 19:22:11 DB94C47BD7F2AD9C58DEC46026D5FD08 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-08-14 19:22:11 D5A775990A7C202A037378FDBCDB6141 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-08-14 19:22:10 F8C0AF84AB602D395FFC89BC7CF3CE18 372736 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-08-14 19:22:09 F97A0CFC495C92FF2F6A03933157D115 3208192 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-08-14 19:22:05 D4FB2E00F49711C9DD3E2C2646D7C767 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2015-08-14 19:22:05 0365E7AED8A38CB5FFF1DFB4458C0593 41984 ----a-w- C:\Windows\Sysnative\lpk.dll 2015-08-14 19:22:04 B45F7BC413F905ECA9DE679E3FF09472 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2015-08-14 19:22:04 52DE81006E192EAA09B3BDE763D80BC8 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2015-08-14 19:22:04 15113A4CD09E0F06894495FCE8BF2BF8 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-08-14 19:19:12 733BC760342A816D3B5A8CE2C7EF1D92 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll 2015-08-09 09:09:15 EC9178A8037D3EF938F38B6793EAF990 774656 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-08-09 09:09:15 DD91D9EAAA415B26EB30EC9CF768BF03 743424 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-08-09 09:09:15 A3D0A038A6C03E368E80CDDEFC473140 1148416 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-08-09 09:09:15 4FEB4397B066DEEDDDED0D1CEDA1C887 69120 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-08-09 09:09:15 400E0B72AEB663360E1A3AB33DDD6A87 1116672 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-08-09 09:09:15 36DA2E5BD218764CB48B8A13CF0B091F 437760 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-08-09 09:09:14 EEAFBC5A31C68438AF67531C52410A3D 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-08-09 09:09:14 E99A30142A108B11381C47B0A30283B0 17344 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-08-09 09:08:52 DE1B5089D48291BD81F6A5CCFB832E53 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-08-09 09:08:52 D1E38F98DDA581BF70B6A89882E6E6F6 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-08-09 09:08:52 C980982C7F8ECB462C52CBEC759CBBDC 3154944 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-08-09 09:08:52 C0DA341908CC3A0209A63FBD4B521C2A 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-08-09 09:08:52 B0FBE5C8E18EB3BD677846DAB54037D5 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-08-09 09:08:52 A6848EF3860E81A835AA4982ADBA1884 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-08-09 09:08:52 7CFCC5210E226AA85F2A21098FA01F29 37376 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-08-09 09:08:52 6FDC1FAD277AEF0A89B0D28F5675679C 139776 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-08-09 09:08:52 499034D7F1F6AF49F9EE12F8822793CB 2606080 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-08-09 09:08:52 1956D89C3E24A8388840489371B3A428 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-08-09 09:08:52 0F72B73EBE4F6F86EE569598D377165E 192000 ----a-w- C:\Windows\Sysnative\wuwebv.dll ====== C:\Windows\Sysnative\drivers ===== 2015-08-19 09:01:10 E4DC0909B5EACB5BF50F6252095BCFF2 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-08-19 09:01:10 A405647429DE231CD954D93F792CFBA2 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-08-19 09:01:07 62CEA59FF56B66154E08BD51D87392C2 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-08-19 09:01:07 43E1F4B0EFDC244D2A83995CCD7846F7 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-08-19 09:01:06 7D65B5E9573A26C204AA547457DBF544 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-08-17 20:17:03 F270AFC3848C54C67E3BFB892CE9B9C6 96256 ----a-w- C:\Windows\Sysnative\drivers\AtihdW76.sys 2015-08-17 20:15:03 D172E06EFE08DF148155A59DB716C1B6 4514008 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2015-08-17 20:14:55 EEBB2430E7BAFBD7B7A9F399502A43E1 35222128 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT 2015-08-17 19:26:35 7D7FBC9504575D97885A858EA93684F5 5804772 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat 2015-08-17 19:26:33 31ABB86D0F0F1BCF78743C4A0234D7AC 3157796 ----a-w- C:\Windows\Sysnative\drivers\rtkSSTsetting.dat 2015-08-17 19:18:33 73A968D4A85BB2552DDCF72CB15F06D2 123704 ----a-w- C:\Windows\Sysnative\drivers\jraid.sys 2015-08-17 19:15:32 19B006B181E3875FD254F7B67ACF1E7C 15416 ----a-w- C:\Windows\Sysnative\drivers\ASACPI.sys 2015-08-14 19:30:35 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys ====== C:\Windows\Tasks ====== 2015-08-17 19:08:39 281DE2432B9A6C8D23062069A0B67205 2874 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (TimTa) ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-08-17 11:06:03 -------- d-----w- C:\Program Files\trend micro 2015-07-30 18:48:22 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2015-07-30 18:47:17 -------- d-----w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2015-08-01 20:19:48 -------- d-----w- C:\PROGRA~2\TeamSpeak 3 Client 2015-07-30 18:53:14 -------- d-----w- C:\PROGRA~2\COMMON~1\ATI Technologies 2015-07-30 18:51:15 -------- d-----w- C:\PROGRA~2\AMD ======= C: ===== ====== C:\Users\TimTa\AppData\Roaming ====== 2015-08-18 18:56:32 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-08-18 18:56:32 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-08-18 18:56:32 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-08-18 18:56:31 -------- d-----w- C:\Users\TimTa\AppData\Local\Temp 2015-08-18 18:56:31 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-08-18 18:56:31 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-08-18 18:56:31 -------- d-----w- C:\Users\.TemporaryItems\AppData\Local\temp 2015-08-17 19:08:24 -------- d-----w- C:\Users\TimTa\AppData\Locallow\IObit 2015-08-17 19:08:22 -------- d-----w- C:\Users\TimTa\AppData\Roaming\IObit 2015-07-30 14:25:21 -------- d-----w- C:\Users\TimTa\AppData\Local\Steam 2015-07-30 14:25:21 -------- d-----w- C:\Users\TimTa\AppData\Local\CEF ====== C:\Users\TimTa ====== 2015-08-19 06:30:33 40152CB85BD788AF67684D341ED0CF79 1585664 ----a-w- C:\Users\TimTa\Desktop\adwcleaner_5.002.exe 2015-08-17 19:08:24 -------- d-----w- C:\ProgramData\IObit 2015-08-17 10:05:31 -------- d-----w- C:\Users\Public\AppData 2015-08-17 10:05:31 -------- d-----w- C:\Users\.TemporaryItems\AppData 2015-08-01 20:19:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-07-30 18:53:18 -------- d-----w- C:\ProgramData\ATI 2015-07-30 18:52:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center ====== C: exe-files == 2015-08-19 09:01:33 93B3B22407F81A85E1C3B356E075F3A1 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2015-08-19 09:01:17 0F97C5BD7D2FCBA9F2E6A69CBAEC389E 5568960 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-08-19 09:01:16 B83B25734C88C16026DFA483C5FE2107 3934656 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-19 09:01:15 7798C39730CA28B18F8CC45EDBB479DC 3989952 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-19 09:01:11 7D09CF46F69DC1581668D7D709F7374C 296960 ----a-w- C:\Windows\System32\rstrui.exe 2015-08-19 09:01:11 6CBA747B9CFBC875C59D9BC3ECA6E77E 338432 ----a-w- C:\Windows\System32\conhost.exe 2015-08-19 09:01:10 50EEE09D03B94A13DFEFEFC1D774FC31 112640 ----a-w- C:\Windows\System32\smss.exe 2015-08-19 09:01:09 FDD980360C9D72DA77F4C59376AE95C9 31232 ----a-w- C:\Windows\System32\lsass.exe 2015-08-19 09:01:09 D2302AF1408814BB6707BC1C100F3ACE 64000 ----a-w- C:\Windows\System32\auditpol.exe 2015-08-19 09:01:09 43FFE2ED0632B955A3050355074BE7CF 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-08-19 09:01:09 2AC019AF62835EA83ACB16390A7E62F2 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-08-19 09:01:05 4C19F6E5686D7484C2D74525C201F926 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-08-19 09:01:04 9B6E2DAADE259537BA7B14C2C3759F77 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-08-19 08:56:22 2E0A046F24D89C807B10FE3D202F1238 115136 ----a-w- C:\Windows\System32\consent.exe 2015-08-19 06:30:33 40152CB85BD788AF67684D341ED0CF79 1585664 ----a-w- C:\Users\TimTa\Desktop\adwcleaner_5.002.exe 2015-08-17 20:15:03 890C5393F1E7775A38FA73DC554A379E 8497368 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 2015-08-17 20:14:54 DC64C1C5948E69DD5815BD5421DDED9B 1393880 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 2015-08-17 20:14:54 BF225BCD0EC2D85719C382019B5B4250 14040792 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2015-08-17 19:26:33 538250508501C2A714B2764E9920DAFF 1768152 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe 2015-08-17 19:26:32 C397166D21F4CD59D5AF339F8938CD0D 294616 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 2015-08-17 19:26:26 B14370C5FF63C548BB880D21195F7CBC 124440 ----a-w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2015-08-17 19:26:24 BA3484DDEF9E56ED15E91EAF550B41C2 742592 ----a-w- C:\Program Files\Realtek\Audio\HDA\CXAPOAgent64.exe 2015-08-17 11:06:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\TimTa.exe 2015-08-14 19:30:45 2686F572B3CAF633C4A350A3671835F2 429568 ----a-w- C:\Windows\System32\wksprt.exe 2015-08-14 19:29:08 92E60B0F2E864336737091554370E658 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-08-14 19:29:06 F666B5E4A99DAE8E243189C89E9AFA74 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2015-08-14 19:29:06 ACE8BB2BECFEC66A738EE3DDDFF0CA07 720384 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-08-14 19:29:01 E595881896AA929A7FA8936DFCF8D3FE 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2015-08-14 19:29:01 2B1D4B6004AE4BE9EB19CAD4AB924944 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2015-08-14 19:29:00 C2A6A7E10E872F62F261637B67AFB248 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-08-14 19:28:59 D7FDD5E8B88ADE9107772B4C879FDF94 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-08-14 19:28:58 427D40AF9BCAE05125F3513E770706E1 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-08-14 19:28:56 66CD0B90DA1E7219759821F9846A29CB 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2015-08-14 19:28:55 AA12B1DD4C32F01995A07774D9A44C47 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-08-14 19:28:54 95C5B29740852D171CA03BAE61B670FE 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-08-14 19:22:14 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\System32\notepad.exe 2015-08-14 19:22:14 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe 2015-08-14 19:22:13 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\SysWOW64\notepad.exe === C: other files == 2015-08-19 09:01:10 E4DC0909B5EACB5BF50F6252095BCFF2 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-08-19 09:01:10 A405647429DE231CD954D93F792CFBA2 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-08-19 09:01:07 62CEA59FF56B66154E08BD51D87392C2 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2015-08-19 09:01:07 43E1F4B0EFDC244D2A83995CCD7846F7 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2015-08-19 09:01:06 7D65B5E9573A26C204AA547457DBF544 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2015-08-17 20:17:03 F270AFC3848C54C67E3BFB892CE9B9C6 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys 2015-08-17 20:15:03 D172E06EFE08DF148155A59DB716C1B6 4514008 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys 2015-08-17 19:18:33 73A968D4A85BB2552DDCF72CB15F06D2 123704 ----a-w- C:\Windows\System32\drivers\jraid.sys 2015-08-17 19:15:32 19B006B181E3875FD254F7B67ACF1E7C 15416 ----a-w- C:\Windows\System32\drivers\ASACPI.sys 2015-08-17 19:08:25 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 2015-08-14 19:30:35 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2015-08-14 19:22:09 F97A0CFC495C92FF2F6A03933157D115 3208192 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-790048904-797808528-2902581416-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonMyPrinter" "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenuEx] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonSolutionMenuEx" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Solution Menu EX\\CNSEMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CitrixReceiver] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CitrixReceiver" "hkey"="HKLM" "command"="\"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Citrix\\Receiver Updater.lnk\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Lync" "hkey"="HKCU" "command"="\"C:\\Program Files\\Microsoft Office\\Office15\\lync.exe\" /fromrunkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Plex Media Server] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Plex Media Server" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Plex\\Plex Media Server\\Plex Media Server.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Redirector] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Redirector" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\redirector.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\TimTa\\AppData\\Roaming\\Spotify\\spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\TimTa\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XboxStat] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="XboxStat" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Secunia PSI Tray.lnk" "backup"="C:\\Windows\\pss\\Secunia PSI Tray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Secunia\\PSI\\psi_tray.exe " "item"="Secunia PSI Tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^TimTa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verzenden naar OneNote.lnk] "path"="C:\\Users\\TimTa\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Verzenden naar OneNote.lnk" "backup"="C:\\Windows\\pss\\Verzenden naar OneNote.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MICROS~1\\Office15\\ONENOTEM.EXE /tsr" "item"="Verzenden naar OneNote" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-08-2015 20:41] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (TimTa)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\TimTa\AppData\Roaming\TomTom\HOME\Profiles\9cyu603w.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.ajaxshowtime.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.ajaxshowtime.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{1684C430-5634-4044-88AB-8AB64F0E2265}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {1684C430-5634-4044-88AB-8AB64F0E2265} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lync deleted successfully ==== HijackThis Entries ====================== O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TimTa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TimTa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=47 folders=37 138895424 bytes) ==== Empty Temp Folders ====================== C:\Users\.TemporaryItems\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TimTa\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\TimTa\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 21-08-2015 at 9:18:40,29 ======================