Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Kris on do 14/04/2016 at 13:56:49,38. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Kris\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 14/04/2016 13:57:45 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\Program Files\Sublight deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\PhotoStitch deleted successfully C:\Users\Kris\AppData\Roaming\WinRAR deleted successfully C:\Users\Kris\AppData\Local\CutePDF Writer deleted successfully C:\Users\Kris\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Kris\AppData\Local\EmieSiteList deleted successfully C:\Users\Kris\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Photoshop Lightroom 5.4 64-bit Adobe Refresh Manager Albelli.be Fotoboeken Autodesk Inventor Content Center Libraries 2012 (Desktop Content) Autodesk Inventor Fusion 2012 Autodesk Inventor Fusion 2012 Language Pack Autodesk Inventor Fusion for Inventor 2012 Add-in Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack Autodesk Inventor Professional 2012 Autodesk Inventor Professional 2012 English Autodesk Inventor Professional 2012 English Language Pack Autodesk Inventor Professional 2012 SP1 Autodesk Inventor Professional 2012 SP2 Autodesk Material Library 2012 Autodesk Material Library Base Resolution Image Library 2012 Autodesk Material Library Low Resolution Image Library 2012 BisonCam BitComet 1.36 64-bit calibre 64bit Canon Auto Update Service Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool CANON iMAGE GATEWAY MyCamera Download Plugin CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG3100 series MP Drivers Canon MG3100 series On-screen Manual Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon MP Navigator EX 5.0 Canon My Printer Canon Solution Menu EX Canon Utilities CameraWindow DC 8 Canon Utilities CameraWindow Launcher Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner ChiconyCam CPUID CPU-Z 1.68 CutePDF Writer 3.0 D3DX10 Definition Update for Microsoft Office 2010 (KB3114999) 32-Bit Edition Eco Materials Adviser (x64) Ezvid Freemake Video Converter versie 4.1.5 Gebruikersregistratie voor Canon MG3100 series Google Chrome Google Toolbar for Internet Explorer Google Update Helper High-Definition Video Playback 10 Hotkey 7.0028 Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© PROSet/Wireless Software Intel© Trusted Connect Service Client Java 8 Update 77 Java Auto Updater Junk Mail filter update Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft WSE 3.0 Runtime Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 Mihov Image Resizer (remove only) Movie Maker Mozilla Firefox 45.0.2 (x86 nl) Mozilla Maintenance Service MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) NirSoft BlueScreenView Nokia Connectivity Cable Driver Nokia Ovi Player Nokia Suite Nokia_Multimedia_Common_Components_2_5 NVIDIA-configuratiescherm 358.91 NVIDIA GeForce Experience 2.5.15.54 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 358.91 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.5.15.54 NVIDIA PhysX Systeem Software 9.15.0428 NVIDIA ShadowPlay 2.5.15.54 NVIDIA Update 2.5.15.54 NVIDIA Update Core NVIDIA Virtual Audio 1.2.31 Oracle VM VirtualBox 4.3.20 PC Connectivity Solution Photo Common Photo Gallery Platform Popcorn Time Quick Uninstall Tool for Autodesk Inventor 2012 Realtek Ethernet Controller Driver Realtek PCIE Card Reader Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3114888) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3114993) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SHIELD Streaming SHIELD Wireless Controller Driver SkypeT 7.6 Software voor Intel© Chipset-apparaten Sound Blaster Cinema Speccy Sublight SubSync Synaptics Pointing Device Driver System Requirements Lab for Intel Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB3114867) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition VBA (2627.01) VIA Platform apparaatbeheer VLC media player WebCam Installer Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Users\Kris\AppData\Roaming\PT\updater.exe C:\Program Files (x86)\Hotkey\PowerBiosServer.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\ChiconyCam\CECAPLF.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Hotkey\Hotkey.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\sysWOW64\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Users\Kris\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8112 MB CPU Info: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz CPU Speed: 2390,6 MHz Sound Card: Luidsprekers (2- VIA High Defin | SPDIF Interface (TX0) (2- VIA H | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | NVIDIA GeForce GTX 765M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #3 | Bluetooth-apparaat (Personal Area Network) #3 | Intel(R) Dual Band Wireless-AC 7260 #2 | Realtek PCIe GBE Family Controller #2 CD / DVD Drives: 1x (D: | ) D: SlimtypeDVD A DS8A4S Ports: COM10 | COM11 | COM12 | COM13 | COM14 | COM15 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 232,8GB | E: 931,5GB Hard Disks - Free: C: 123,8GB | E: 350,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 01/16/14 | HPQOEM - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Notebook W35xSTQ_370ST Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Firefox 45.0.2 Internet Explorer Version: 11.0.9600.18282 Mozilla Firefox version: 45.0.2 (x86 nl) Google Chrome version: 50.0.2661.75 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_77 (32-bit) Sun Java version: 1.8.0_77 (64-bit) Flash Player version: 21.0.0.213 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Kris\AppData\Local\Temp ==== 2016-04-14 11:52:25 C72712B780C203BFF11B658D0F89BEB5 1581056 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-49c5546c.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-04-13 08:37:33 F1CA4530A435A6741346A1ECF3FE10E9 3943144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 08:37:33 E518B37F8C82A4320732352E4DA9BF41 1414144 ----a-w- C:\Windows\SysWOW64\ole32.dll 2016-04-13 08:37:33 5C47821CC760ED48EA66A28465BD35E4 3998952 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 08:37:33 40A0F37C85DFA5D6E963FFD496439661 1314112 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2016-04-13 08:37:32 9F55E7A647A793A4D8C89A32B9543799 644096 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2016-04-13 08:37:32 6B69810EDAEBBC68B205F5BBFD625E84 553984 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-04-13 08:37:32 405B50ED43C2D73B32056168494DEA24 666112 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 08:37:32 2347F9D5227F8751527C0AA0CDBA7375 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-04-13 08:37:32 19E838D8DD2CB5576707259C8281EA78 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2016-04-13 08:37:31 F7DF39F60CCB70AD4551BAC41C18ACA1 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2016-04-13 08:37:31 E8618EF4CB8D38462D4D8A4ED7DA9850 171520 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2016-04-13 08:37:31 C8AE40931A2AC87E30E05C75E4A61796 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2016-04-13 08:37:31 B782F44A047D0D9459F0078A98AA8542 36352 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 08:37:31 B52C499A81A73E8F74938ACA42734331 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 08:37:31 AAF65CD3A15EF6ECB0F4EF32F0D461B8 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 08:37:31 A3ECF0CFA0BFE509A77F0514885EA608 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2016-04-13 08:37:31 972332B4F1AC8EF3A42AE45BF65D3B60 141312 ----a-w- C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 08:37:31 88B9000A87883C908F927AF5036B8309 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 08:37:31 6B0E139FEF3B7C0061983C1502AE0CA3 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2016-04-13 08:37:31 47B6BE9CDF6888B7F9FDC5B2DB41B107 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 08:37:31 361F32EEFC326C7D34CD2CCF05C469FC 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2016-04-13 08:37:31 28B998D3ACC5AF930B78A982B4698CB8 260608 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 08:37:31 2610C8EF506344326F7250691093A3B9 251392 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-04-13 08:37:31 002E17D37479281C5D241A189F973C5F 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2016-04-13 08:37:30 BCF50CD5076E765200740A97FCB4D74F 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2016-04-13 08:37:30 8DCFB284FC896E2F6F02134298A8F1E1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-04-13 08:37:30 6DB3EFE1174B79571A28355A732B3337 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2016-04-13 08:37:29 F5042159B95FD2748F55D89E08A89B48 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2016-04-13 08:37:29 866254892512D27510475080EEC15748 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2016-04-13 08:37:29 4DD90351DB68847F9048133E45004B2F 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2016-04-13 08:37:29 38958A47AEE19E4CD89A0850640217C3 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2016-04-13 08:37:29 1FCAFC14E7B1BA3569DD1E483E486998 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 08:36:58 386E748E484BA802FCCBF00FC90729C4 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2016-04-13 08:36:54 E08CCC70F5520717E764A966A7BA22EF 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-13 08:36:54 B49EBDC69A49D67A3F20C583DDC7BF5D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2016-04-13 08:36:54 55E69CE386E20BE89CB62FD5A205D5A1 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll 2016-04-13 08:36:54 4949ACC87CA50A42863676CEA35147EA 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2016-04-13 08:36:53 E90EF76CB74E7AECB0355AF44B6B1B78 346320 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-04-13 08:36:53 E1DEB2313E5527B721514570756A33C8 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-13 08:36:53 DDD0F1861689EC17F8CA0CD8E46B8D5A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-13 08:36:53 7A24C77D85DE57C80D300A2F241F1721 496640 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-04-13 08:36:53 79E4D96CCB1E68A3CE18B6E8E3F3B705 1311744 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-04-13 08:36:53 340F204F636FB15D8C52DC1FFBD88F51 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2016-04-13 08:36:52 8C99981E6B4209ABC8BCF887BDEBCE53 20352512 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-04-13 08:36:52 28009063B84E8F9C8479D34AD32BF7D2 693248 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-04-13 08:36:52 145A62FF0E34A8DC81DC45954EBD7EE9 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2016-04-13 08:36:51 B68217807ABBCA26B08D33E7315F4566 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-04-13 08:36:51 65BC52D21BBCED6B6538378E11439850 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-04-13 08:36:51 2AEBB3308B4AACDC0BB548EF5560AACF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2016-04-13 08:36:50 E34AB80B40980408CE370070512AB6AB 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-04-13 08:36:50 C0C84BA8E2C98159BC0847BE36B05D47 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2016-04-13 08:36:50 96537B3B2E17273D4B4DB5A061B5D07B 2056192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-04-13 08:36:50 49E51E0E5A6BF6B893017578CEB42B2D 2285056 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-04-13 08:36:50 2CBA7EBF49FF867C7F116BF66C0049BF 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2016-04-13 08:36:49 A0701B16086577DD3D592AE7D28EFAB6 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2016-04-13 08:36:49 795F250FBBC41FC616557767E4FD63EF 13811712 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-04-13 08:36:49 720DCF5A80B0D37865CBB58333961335 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2016-04-13 08:36:47 39E2397EE90CBC724567B9E6906E1AFC 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-13 08:36:46 EE3825FFE3F31B7FCB7B4A284197361B 2121216 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-04-13 08:36:46 CBDA03CEE7784F2A3D3C3E197B5C3784 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2016-04-13 08:36:46 9A94A96401F9E8D777145C4A10E2F068 4611072 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-04-13 08:36:46 7C06F83E73201DE87B471917E8C9BCBD 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2016-04-13 08:36:46 3E816997AA0924BE8C1F957BB0B6A2AD 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 08:36:46 26597D00E5A4A022D5D4C4459967BF30 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-04-13 08:37:33 ADFFC3B4418247A562E8727C66DE4428 5551336 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-04-13 08:37:33 7BE74B8A4BA6D27137E5557229EB83E3 631176 ----a-w- C:\Windows\Sysnative\winresume.efi 2016-04-13 08:37:33 7AE8440A7C8B7E7078EE2654DDB8D21F 1732864 ----a-w- C:\Windows\Sysnative\ntdll.dll 2016-04-13 08:37:33 6FCB62DDF2575ADFFD577A6648B25377 1464320 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-04-13 08:37:33 10F466EF4048CA32CAF98FE4A3A16982 2084864 ----a-w- C:\Windows\Sysnative\ole32.dll 2016-04-13 08:37:32 C9F6BB175A7392A851FD86F2A3359088 463872 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-04-13 08:37:32 B46D03BABD31B23E6FCB226CB22D4D6B 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2016-04-13 08:37:32 B3A62D12B93A49189EA8CE51D186FC61 880640 ----a-w- C:\Windows\Sysnative\advapi32.dll 2016-04-13 08:37:32 AE9981D722DA386FBDDC78BEE6E41E56 419840 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2016-04-13 08:37:32 841BF993597DCD498247684B5D3AE845 215552 ----a-w- C:\Windows\Sysnative\winsrv.dll 2016-04-13 08:37:32 77372D87A1A5E170C366E436990C6CB5 312320 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2016-04-13 08:37:32 682586CACD78EF53EF7301B4180EB595 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2016-04-13 08:37:32 5817A07A72436A5658E48BF98A91137D 706280 ----a-w- C:\Windows\Sysnative\winload.efi 2016-04-13 08:37:32 54D7B147EB4E7691AA5A2FA110A38363 1212928 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2016-04-13 08:37:32 4F374ED543FC9F3BB17EC6A7C8DF39A1 344064 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-04-13 08:37:32 487D19B284DAFCBAE811AE785CC8B603 731136 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-04-13 08:37:32 3B38C2EDA0D4854ED0E72BA3CBE8D72E 316416 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-04-13 08:37:32 2D99A0ECE8475367798F1313197C933D 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2016-04-13 08:37:31 EF34A098DD383766689A2F21BA2A990E 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2016-04-13 08:37:31 CB7E479501BC4C55328D242D41C1D074 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2016-04-13 08:37:31 C47B6624AF9AEE4146743DCB133A159D 34816 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2016-04-13 08:37:31 BEEC56A8B8B5707B0E7139C6D9D57217 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2016-04-13 08:37:31 BEAD4B03B375B8F02C8C205E25A7CF0A 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2016-04-13 08:37:31 9D8F5EBE48750AF80C5EB5542BEC448B 59904 ----a-w- C:\Windows\Sysnative\appidapi.dll 2016-04-13 08:37:31 9C73710485E2E1540D869BDB8A8A68CA 43520 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2016-04-13 08:37:31 97C1D81250E9E73F7FC8568EF622017A 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2016-04-13 08:37:31 81AA2961530A4F036046CC627B4A90BC 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2016-04-13 08:37:31 811D9D4242A3E53D6DA86A400CCD63D0 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2016-04-13 08:37:31 7F9ADD80DE0B27B5EF2ACA7B19EAA3E5 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2016-04-13 08:37:31 7BBBB5DE05EFEEF2E45A48F9A943B6B0 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2016-04-13 08:37:31 7407A5C092DAD554A3FC768B9859A847 210432 ----a-w- C:\Windows\Sysnative\wdigest.dll 2016-04-13 08:37:31 626BE7CD27F44185AA4DCD3603830312 30720 ----a-w- C:\Windows\Sysnative\lsass.exe 2016-04-13 08:37:31 6199722CB619A0887BE81F16A4474538 190464 ----a-w- C:\Windows\Sysnative\rpchttp.dll 2016-04-13 08:37:31 59738954027D75A282D82680C8AFBC54 148480 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2016-04-13 08:37:31 593BC0F0D33A1905B5DC37FA756EB2BA 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2016-04-13 08:37:31 3D6AE177FAF7E3296251DDB05773618E 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2016-04-13 08:37:31 3B44D778B4719B1D5650FC6B1D90AA19 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2016-04-13 08:37:31 3A2DF0CC19D68C60F434DA02E1ED01B3 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2016-04-13 08:37:31 1F8F134C7350EF16C79E1C42005BCDE9 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2016-04-13 08:37:31 0E4019A26AE3DB40461B5AA0C3AD6A68 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2016-04-13 08:37:31 0CBD4E2DBBADABB79BFB8289E6E6227F 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll 2016-04-13 08:37:29 DB651F0E6AC20C42348A9F0E8E7C42D5 690688 ----a-w- C:\Windows\Sysnative\adtschema.dll 2016-04-13 08:37:29 800AA696A0A773C039D1568F5828EFDE 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2016-04-13 08:37:29 6A019F8581D13BC1637DF9F2C92849DB 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2016-04-13 08:37:29 3D347AF86D2FDDEC5F30844537C355D1 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2016-04-13 08:37:15 1D0A5FF3C7C7EA7480429D16D38B60EA 3216896 ----a-w- C:\Windows\Sysnative\win32k.sys 2016-04-13 08:36:58 83250E0CE090E705B826C17F3345C758 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2016-04-13 08:36:54 F734019D02F9BA24764F5D98E31B100D 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2016-04-13 08:36:54 9AB123A730E48BBEB355FDFF8A940605 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2016-04-13 08:36:54 5A5C52E1349D8DFFB24C23715C2235DC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2016-04-13 08:36:53 6A80D021EBD77CFEF88836E796C3EF05 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2016-04-13 08:36:53 1FD2417B253AAF8D3E73A5B3F5660253 107520 ----a-w- C:\Windows\Sysnative\inseng.dll 2016-04-13 08:36:53 04AA1E7E50F9769EC7839EB76E7BA9F5 725504 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-04-13 08:36:52 5E3FC3737471E4F9C4836EBC7F8DFFFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2016-04-13 08:36:51 5938B49B3D83028409AC08F5979D793D 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2016-04-13 08:36:50 D664D27231EC3E73A2D36811508539D3 394952 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-04-13 08:36:50 6526575EEFF97F225F64D80633B555A3 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2016-04-13 08:36:50 43DD53A9F55C8FA28E78E7FEE177EE09 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-04-13 08:36:49 DC3C6F43A83BC90A1AC77E7369A24971 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2016-04-13 08:36:49 876DCA7F8F58E6F5F9CA0BD2C09AF134 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2016-04-13 08:36:49 2B1E9C2199882E0C3BB598DBA0FC421C 806400 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-04-13 08:36:48 CD397ADCD899BF08450D9EDDAC873232 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2016-04-13 08:36:48 855B804B5CC55D371DD34614B0A1831A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-04-13 08:36:47 873DFCA620963C330BC8E3E37B972A96 2131968 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-04-13 08:36:47 3E0CD58E1F313D3BBF58CCE38D4955DA 2892800 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-04-13 08:36:46 903C5D4331CF4B0BEB3A778B0EF7C7D4 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2016-04-13 08:36:46 4E58493C10022CC28C99D7E4ABAD74EC 571904 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-04-13 08:36:45 A633F1A4D75A8435C62A77ED741D2329 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2016-04-13 08:36:45 10BDB7F57DEE499D54F94F1ED261E5FF 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2016-04-13 08:36:44 6597570F5E74FB9B1474741678AF0003 15415808 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-04-13 08:36:44 40FA30AE9CAEC38F3E753A934BE66AFD 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-04-13 08:36:43 EEE42684C753083B01D3F72FA252B88C 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2016-04-13 08:36:43 8FC9C6E4F1CE587C735A06F0CFFEE619 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2016-04-13 08:36:43 8975E4521C293E751031B6EFCAA6E17A 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2016-04-13 08:36:43 7D8316FE73C06E03A308BA0BFACC189F 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2016-04-13 08:36:43 726A9338C34B1598422609822FE4E58A 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-04-13 08:36:42 D2E3B1DEDF6F6177D8C32B2516703A93 2596864 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-04-13 08:36:42 97BC9545A72A88E6B952301AF5D22316 6052352 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-04-13 08:36:41 E5390387D51FDA7CF4FB5F1C3C8E1049 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2016-04-13 08:36:41 472E445AB61201546ABCFF7220DCA4C5 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2016-04-13 08:36:41 0DB95DBB77C611BEE1A476977A3B3DE3 417792 ----a-w- C:\Windows\Sysnative\html.iec 2016-04-13 08:36:40 31C8C489E5C51A72B52CC0F0B292FB3B 25817600 ----a-w- C:\Windows\Sysnative\mshtml.dll ====== C:\Windows\Sysnative\drivers ===== 2016-04-13 08:37:32 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-04-13 08:37:32 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-04-13 08:37:32 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-04-13 08:37:32 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-04-13 08:37:31 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-04-13 08:37:31 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-04-13 08:37:25 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\Sysnative\drivers\disk.sys ====== C:\Windows\Tasks ====== 2016-04-14 11:48:41 F370AFC23F335BBB4F52F56BDA78699C 3114 ----a-w- C:\Windows\Sysnative\Tasks\{3778C1C8-D03E-4601-ACCF-E9A77116C69D} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-04-14 11:49:34 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Kris\AppData\Roaming ====== 2016-04-14 11:49:27 -------- d-----w- C:\Users\Kris\AppData\Roaming\Sun 2016-04-14 11:47:26 -------- d-----w- C:\Users\Kris\AppData\Locallow\Oracle ====== C:\Users\Kris ====== 2016-04-14 11:49:27 -------- d-----w- C:\Users\Kris\.oracle_jre_usage ====== C: exe-files == 2016-04-14 11:52:25 C72712B780C203BFF11B658D0F89BEB5 1581056 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-49c5546c.exe 2016-04-14 11:49:19 F85C40988E94C2F463508FBEE94025BF 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\kinit.exe 2016-04-14 11:49:19 F4E94CBB9DEF622171D8943F2160B214 51776 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssvagent.exe 2016-04-14 11:49:19 E2AF676759086BAE2F16D6B5033E7F46 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\policytool.exe 2016-04-14 11:49:19 D709404CB67D09946628987244B98A60 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\servertool.exe 2016-04-14 11:49:19 D62B10425DC16A177CB64D6B0356F915 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jjs.exe 2016-04-14 11:49:19 C558C87F624CF96F812028165190EEDE 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\pack200.exe 2016-04-14 11:49:19 C1F46A7656D1DED6326D8E28B1CF1862 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-04-14 11:49:19 AC4F3A4F853070419C9E8479B3868103 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\tnameserv.exe 2016-04-14 11:49:19 A756D5633F6596B0E4711E60D3F61BCA 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\orbd.exe 2016-04-14 11:49:19 A48BDE309534612FBA41D58E754A38BE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\unpack200.exe 2016-04-14 11:49:19 8DF0EA1993F98096557A4AFA6235DE4E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmid.exe 2016-04-14 11:49:19 724998551979EB4E0DF53CA3994AF035 77888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-04-14 11:49:19 5192C3656176D1D21D21372E1061D1A4 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ktab.exe 2016-04-14 11:49:19 4CC7AA4DCC143BB06999A62B8763EA6C 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\keytool.exe 2016-04-14 11:49:19 26E779D9D96192E312E5DC042E993DED 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\klist.exe 2016-04-14 11:49:18 D763E321831C859D9195ADF15A951E95 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java-rmi.exe 2016-04-14 11:49:18 C31F1BDBB1902458FA15515BD0D8340B 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java.exe 2016-04-14 11:49:18 AAADCD8DA5BCE8986D6FEC09FAB7B70D 68672 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javacpl.exe 2016-04-14 11:49:18 A5AECC1529B64CB123B1880D3AD0F1AE 268352 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaws.exe 2016-04-14 11:49:18 6101EC702C56D5F688AA578AC457A440 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jabswitch.exe 2016-04-14 11:49:18 2AD9EFBB015490AA315707BAC2BFD816 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaw.exe 2016-04-14 11:40:52 6750A35F6D78550EBAC359B1BBA724DB 1190040 ----a-w- C:\Windows\Temp\CR_028B9.tmp\setup.exe 2016-04-14 11:40:51 C3D666FA45A00145C09E4BA478267054 8538200 ----a-w- C:\Program Files (x86)\Google\Update\Install\{2AD96ED0-5B34-4A4A-B24A-936EC52F577D}\50.0.2661.75_49.0.2623.112_chrome_updater.exe 2016-04-14 11:40:51 C3D666FA45A00145C09E4BA478267054 8538200 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.75\50.0.2661.75_49.0.2623.112_chrome_updater.exe 2016-04-13 16:58:30 496DE87E5E6D1F46C5FD7A0AA6EAB8CF 7720424 ----a-w- C:\Users\Kris\AppData\Local\NVIDIA\NvBackend\Packages\00008959\DAO.20637995.exe 2016-04-13 08:37:33 F1CA4530A435A6741346A1ECF3FE10E9 3943144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 08:37:33 ADFFC3B4418247A562E8727C66DE4428 5551336 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-13 08:37:33 5C47821CC760ED48EA66A28465BD35E4 3998952 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 08:37:32 682586CACD78EF53EF7301B4180EB595 112640 ----a-w- C:\Windows\System32\smss.exe 2016-04-13 08:37:31 BEEC56A8B8B5707B0E7139C6D9D57217 296960 ----a-w- C:\Windows\System32\rstrui.exe 2016-04-13 08:37:31 626BE7CD27F44185AA4DCD3603830312 30720 ----a-w- C:\Windows\System32\lsass.exe 2016-04-13 08:37:31 59738954027D75A282D82680C8AFBC54 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2016-04-13 08:37:31 3D6AE177FAF7E3296251DDB05773618E 338432 ----a-w- C:\Windows\System32\conhost.exe 2016-04-13 08:37:31 1F8F134C7350EF16C79E1C42005BCDE9 64000 ----a-w- C:\Windows\System32\auditpol.exe 2016-04-13 08:37:31 0E4019A26AE3DB40461B5AA0C3AD6A68 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2016-04-13 08:37:30 BCF50CD5076E765200740A97FCB4D74F 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2016-04-13 08:37:30 8DCFB284FC896E2F6F02134298A8F1E1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-04-13 08:37:30 6DB3EFE1174B79571A28355A732B3337 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2016-04-13 08:37:29 866254892512D27510475080EEC15748 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2016-04-13 08:36:58 2D98A2C9EC46ADE57B04DE54672DB205 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2016-04-13 08:36:54 5A5C52E1349D8DFFB24C23715C2235DC 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-04-13 08:36:53 4220C16D79E0386F9C684EEF5586699B 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2016-04-13 08:36:53 04AA1E7E50F9769EC7839EB76E7BA9F5 725504 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-04-13 08:36:51 A00F16DFE1661B5BC5A2AFF02ED7BB78 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-04-13 08:36:51 0D509AB88C513DE28EF46B434AD3B1AA 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-04-13 08:36:50 3A3666314CA3CAB290DCD6C0445DDB12 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-04-13 08:36:49 876DCA7F8F58E6F5F9CA0BD2C09AF134 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-04-13 08:36:48 239E4651A281DBAA5B5CA3658D94AB78 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-04-13 08:36:47 B719287E7679AC28F5847197949D325B 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-04-13 08:36:46 3E816997AA0924BE8C1F957BB0B6A2AD 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 08:36:43 8975E4521C293E751031B6EFCAA6E17A 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-04-12 18:44:10 9B9FCBFA0D10099DB855E77AF0F43613 686520 ----a-w- C:\Users\Kris\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-04-12 18:44:06 3DC3258BDBD3EF5E801ADB1B8228F70E 254904 ----a-w- C:\Users\Kris\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-04-11 15:32:03 CC079B17C59F11B2FC193732C3301A59 621288 ----a-w- C:\Users\Kris\AppData\Local\NVIDIA\NvBackend\Packages\00008949\CoProc update.20631836.exe === C: other files == 2016-04-14 11:49:19 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-04-13 08:37:32 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-04-13 08:37:32 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-04-13 08:37:32 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-04-13 08:37:32 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-04-13 08:37:31 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-04-13 08:37:31 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-04-13 08:37:25 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\System32\drivers\disk.sys 2016-04-13 08:37:15 1D0A5FF3C7C7EA7480429D16D38B60EA 3216896 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1725989601-2335644033-3128775016-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdReg"="C:\Windows\UpdReg.EXE" "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "NokiaMusic FastStart"="C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe /command:faststart" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "CECAPLF"="C:\Program Files (x86)\ChiconyCam\CECAPLF.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64" "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2014-03-19 22:19:36 865 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/04/2016 11:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 00:14] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 00:14] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== No folders found aged 0-6 months