Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Rossi930 on za 23-04-2016 at 15:28:42,39. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rossi930\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 23-4-2016 15:30:22 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\WinZipper deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\UpdatusUser\AppData\LocalLow deleted successfully C:\Users\Rossi930\AppData\Local\ActiveSync deleted successfully C:\Users\Rossi930\AppData\Local\NetworkTiles deleted successfully C:\Users\Rossi930\AppData\Local\PackageStaging deleted successfully C:\Users\Rossi930\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== "Windows Live Essentials" "Windows Live Mail" ????? Windows Live ?????? ??????? ?????? Windows Live ???????? ?????????? Windows Live ?????????? ?????????? (????????????? ??????) ??????????? ???????????? AdBlocker Adobe Acrobat Reader DC - Nederlands Adobe Refresh Manager AllShare Framework DMS Amazon 1Button App Amazon Assistant ANT Drivers Installer x64 Around The World In 80 Days AVG AVG 2016 AVG PC TuneUp AVG Protection Battery Calibration Belfius Smart Card Reader Chrome-App BurnRecovery CyberLink PowerDVD 10 CycloAgent D3DX10 Definition Update for Microsoft Office 2010 (KB3114999) 64-Bit Edition EA SPORTST FIFA 15 Elevated Installer FIFA 16 FMW 1 Foto-galerija Fotoattelu galerija Fotogal‚ria Fotogalerie Fotogalerii Fotogalerija Fotogalleri Fotogalleriet Fotograf Galerisi Fot¢t r Galeria de Fotografias Galeria de Fotos Galer¡a de fotos Galeria fotografii Galerie de photos Galerie foto Galerija fotografija Garmin City Navigator Europe NT 2015.40 Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin Express Garmin Express Tray Garmin USB Drivers Google Chrome Google Toolbar for Internet Explorer Google Update Helper GrabIt 1.7.3 Beta (build 1010) Hitman: Sniper Challenge Hybrid Power Intel(R) Manageability Engine Firmware Recovery Agent Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client Java 8 Update 91 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 9.3.0 (Basic) KB9X Radio Switch Driver KLM Metro: Last Light (c) Deep Silver version 1 Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker MSI Remind Manager MSI Social Media Collection MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 NVIDIA-configuratiescherm 353.62 NVIDIA Graphics Driver 311.48 NVIDIA HD Audio Driver 1.3.23.1 NVIDIA Install Application NVIDIA Optimus 1.11.3 NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Update 1.11.3 NVIDIA Update Components Origin Photo Common Photo Gallery Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Daemon Polar WebSync Posta Windows Live qksee Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Killer Network Manager Raccolta foto Realtek High Definition Audio Driver Realtek PCIE Card Reader S?????? f?t???af??? Samsung Link 2.0.0.1603091618 SCM Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition Security Update for Microsoft Excel 2010 (KB3114888) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3114993) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition SkypeT 7.21 Sound Blaster Cinema Spotify Spotnet SpyHunter Steam Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Super-Charger Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Topomap Benelux UltraISO Premium V9.52 Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition Update for Microsoft Office 2010 (KB3114989) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB3114867) 64-Bit Edition Update for Microsoft Project 2010 (KB3114891) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition Uplay Valokuvavalikoima VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) Virtual COM Port Driver Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live Posta Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven peruspaketti Windows Liven s„hk”posti WinRAR 5.20 bŠta 3 (64-bit) YAC(Yet Another Cleaner) ==== Running Processes ====================== C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe C:\Program Files (x86)\AVG\Av\avgfws.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AdBlocker\Service.WinServiceHost.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe C:\Program Files (x86)\Polar\Daemon\polard.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe C:\Program Files (x86)\SCM\MSIService.exe C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\ProgramData\jIxmRfR\protect\protect.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyCrashService.exe C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\MSI\KLM\KLM.exe C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\WINDOWS\SysWOW64\DllHost.exe C:\Users\Rossi930\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jIxmRfR_protect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jIxmRfR_update deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\WinZipper not found C:\windows\SysNative\Tasks\0116avtUpdateInfo deleted C:\extensions deleted C:\PROGRA~3\Avg_Update_0116avt deleted C:\PROGRA~3\Package Cache deleted C:\Users\Rossi930\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Public\Documents\dmp deleted C:\windows\SysNative\tasks\DistromaticSearchProtect-hourly deleted C:\windows\SysNative\tasks\DistromaticSearchProtect-logon deleted C:\windows\SysNative\GroupPolicy\Adm deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavga.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavgx.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuuix.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16272 MB CPU Info: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz CPU Speed: 2395,0 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | NVIDIA GeForce GTX 780M | NVIDIA GeForce GTX 780M | NVIDIA GeForce GTX 780M | NVIDIA GeForce GTX 780M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Killer Wireless-N 1202 Network Adapter | Microsoft Wi-Fi Direct Virtual Adapter | This Killer e2200 Network Controller connects you to the network. CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpBDDVDW SN-506BB | F: EZBSYS ISO CDVD DRIVE Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 236,4GB | D: 679,8GB Hard Disks - Free: C: 121,2GB | D: 547,5GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MSI_NB - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Micro-Star International Co., Ltd. MS-1763 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Internet Explorer 11.00.10586.0 (th2_release.151029-1700) Internet Explorer Version: 11.212.10586.0 Google Chrome version: 50.0.2661.87 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Rossi930\AppData\Local\Temp ==== ====== Java Cache ===== 2016-04-23 13:26:12 C2C4419CC379775E48EFD958C3FEBFEE 479817 ----a-w- C:\Users\Rossi930\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\1784d7c2-3d47e43e 2016-04-23 13:26:12 A1BFC1D6931E85A5C819335346E23C75 437 ----a-w- C:\Users\Rossi930\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-31dd21483c370f10d50919e7f606200b29b1a28ae4eed846ca2c3c62f1816baa-6.0.lap 2016-04-23 13:26:12 C611538EFED63F122E4A07F748AC01B3 793 ----a-w- C:\Users\Rossi930\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-4e6de5b9 ====== C:\WINDOWS\SysWOW64 ===== 2016-04-23 13:24:53 D0C0D9F3E64C97730DF0F130D0D5B307 97856 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-04-18 11:25:02 3FCA01A33618D56C7B2E03C397F56C2A 32680 ----a-w- C:\WINDOWS\SysWOW64\authuitu.dll 2016-04-14 12:03:01 E07F85C08C025B08F25150E60CB69B44 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-14 12:03:01 49A21B514FC10B2D55499D58DC78E862 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-14 12:03:00 529ADF562993ACA4B8AB43847F42F9B0 18673664 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-14 12:02:59 C31E805C9AD3DBEA0A75337312967E77 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-04-14 12:02:59 B4102814D9B1D1FC6C39869D7F224E12 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-14 12:02:59 2BFF4D19D7FC686C150879A2FD5BAE77 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-04-14 12:02:59 17998B6098C06B8FAA32890D6E1F7A58 19340800 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-14 12:02:58 FD639F1372389D7C5990663D6A100CFE 541304 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-14 12:02:58 D5BF10F0C309C82820813A7190CE1F5F 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-14 12:02:58 51A5FD6E5EF1E9A2C63C615F238961F9 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-14 12:02:57 F172B5FDEACA0C57A4892208F617AB91 12125184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-14 12:02:56 D28C3C4AAB51D00FD6EFA07F6DCC1CBA 1862008 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-14 12:02:46 C57E960CD2C7F64AE0295DF0423FE071 1444352 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-14 12:02:46 B74C5FA6221607F864C62090F74FDB80 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-04-14 12:02:44 3D74763FFF3EF03D8CC9233B5A0EBBB2 13018624 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-04-14 12:02:43 65930B7D5917CB0D76CAA51A46F3850B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-04-14 12:02:42 408AF8141C4A44BC120F4204F8F79A75 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-04-14 12:02:41 0822CB125008CFCA3DFB52C9DF118273 5662208 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-14 12:02:38 287FAD133D3E5F47DB367B86DC523631 2798080 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-14 12:02:38 15C9692077BA7E20D64E34AE6210B438 5202944 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-04-14 12:02:35 265DB46FE368D8F701A74976D3823ADC 986976 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-04-14 12:02:34 4B6F30BA21606440EC91852F15B296A9 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-04-14 12:02:33 CC2F923F02D8EB36D0C442CE709B6CD9 1139712 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-04-14 12:02:33 402A33FCE08200518FB0012A6BF2E966 2722816 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2016-04-14 12:02:32 395AC69CCD9E2D590775AA6ADD2AE1D2 649728 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-14 12:02:31 2C313D0D6CAF3467664058F15742CC98 354304 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-04-14 12:02:31 127D1DD4E7385AB56A32D72CF948DB9B 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-04-14 12:02:29 E46FCEC3EAC209AFCDB2825386E51423 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-04-14 12:02:29 52A1E3042711C59E316936C9EDE560F8 502104 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-04-14 12:02:28 4135F625D8F20D76FB29F86FE7A4CC48 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-14 12:02:27 D57F7D9FB771CA0B434E975F76413430 1072128 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-04-14 12:02:27 B71A99EC3D8818A6662A6A9D26FE5807 346624 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-04-14 12:02:27 70128BC69D515F2D38577D2438861424 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-14 12:02:26 BED401741C226F05FCD2C2678F9E9F14 350720 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-04-14 12:02:26 B8AC85F66A12455FB3F2FDB916B1C679 498176 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-04-14 12:02:26 B1D8636E375413D57B50BDE20CA5E710 358400 ----a-w- C:\WINDOWS\SysWOW64\AccountsRt.dll 2016-04-14 12:02:26 897906025BD3616BF9C30A3979A73DEE 712704 ----a-w- C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-04-14 12:02:25 88E6A274B44C66EDBD26F2BA9E0ACE8F 253088 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-04-14 12:02:25 6D062C6E2C47B3DCDE8F4C3FDB634DEE 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-14 12:02:24 FEB304F6F577D923E390F5D6BE7DF870 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-04-14 12:02:24 C31BB8559C52E389B82A4B533C2FB39A 764928 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2016-04-14 12:02:24 3ABE2040F4F9BDDD008EC5D4713D5ABE 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-14 12:02:20 CA3C908B5C24293F1F1FB89301D63F16 1588224 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-14 12:02:20 594D1C58958A1F980336964B643784F3 3671040 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-04-14 12:02:19 64229C17CFE9262689EAE3E852D3975F 296488 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2016-04-14 12:02:19 1F19665881A6167CC9E31A42C1F98AC3 638464 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-04-14 12:02:18 F29EDA4FE119EBF4881C9BA9AE7B27E7 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-04-14 12:02:18 CC68ABFB0AA40F62E7BD740101A0C92B 1117184 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-04-14 12:02:18 0BF6FDE72035DDC32FAF24344853B80B 777728 ----a-w- C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-04-14 12:02:17 7C557ABB26C2B2D930AA005FF6A8C025 592384 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-04-14 12:02:17 6A7ACABAE92C837F5C1330188EAE36AE 535080 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2016-04-14 12:02:17 2C0BBF7FC5526D7285BEAD239895C473 682496 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-04-14 12:02:16 ACE2B02BA07DF7F13F59D07F7A38AA18 161792 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-14 12:02:16 2BDB397DC5EC7D3186358F7F2388A009 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-04-14 12:02:15 7C7CC816CEEB07022EBCC6B779B16E1D 521728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-04-14 12:02:13 C122D52ED9662F09EC2650B010544468 73872 ----a-w- C:\WINDOWS\SysWOW64\srvcli.dll 2016-04-14 12:02:13 7D276C5DF303462091092C3311027D30 129024 ----a-w- C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-04-14 12:02:12 D1600085065675F98F41A01DCD03AA6E 854528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-04-14 12:02:12 B9378EA1892974391D15D54E57056130 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-04-14 12:02:12 6C2B2CA75F486449921ED10A39DB9799 69744 ----a-w- C:\WINDOWS\SysWOW64\netapi32.dll 2016-04-14 12:02:11 C5F501F481234D821457CA3A270BFCE7 83968 ----a-w- C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-04-14 12:02:11 B65D241B81A010B6A78CCEEA900CCFC0 56320 ----a-w- C:\WINDOWS\SysWOW64\wkscli.dll 2016-04-14 12:02:11 8D9CB9BB31AC17112D75456E928C3839 103936 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2016-04-14 12:02:11 35B0826C3EF8A0E16DF4F4A8D30246C7 705536 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-04-14 12:02:10 AD1EC1102124182624F1224768FFAE96 564224 ----a-w- C:\WINDOWS\SysWOW64\WSDApi.dll 2016-04-14 12:02:10 7D51637A2E604113F1A4E96FF3F2727C 51128 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-04-14 12:02:09 5E52C817BCF919CF11CD523A2EC4A456 638464 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-04-14 12:02:09 1A341701906986F1865766C6849269FC 323072 ----a-w- C:\WINDOWS\SysWOW64\oleacc.dll 2016-04-14 12:02:08 6920DEFBFA38033B2438ED9760231C12 219648 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-04-14 12:02:07 92B98A16E41005D74CF7B2EF28AB1FCF 26112 ----a-w- C:\WINDOWS\SysWOW64\wsdchngr.dll 2016-04-14 12:02:07 806D3A66BBC91F7F2B4FCC337C13EFAE 239104 ----a-w- C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2016-04-14 12:02:06 F0D9C0E953ACE5E5B8D3DD799B089B00 306176 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-04-14 12:02:06 B4643C990D071EE99D9713336052F97B 193024 ----a-w- C:\WINDOWS\SysWOW64\credprovhost.dll 2016-04-14 12:02:05 3EB91A44E6BCD05CA257E113FCA1DA0C 43520 ----a-w- C:\WINDOWS\SysWOW64\browcli.dll 2016-04-14 12:02:04 E9B121C13C171C28E8AF4871B52AABA0 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-14 12:02:03 F297B1F54D3FF42732C89C738AEC041F 141824 ----a-w- C:\WINDOWS\SysWOW64\easwrt.dll 2016-04-14 12:02:02 EAF904785CA7849C66F6DC2EF0A0E0E7 22528 ----a-w- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2016-04-14 12:02:02 9A9CDAB4049BDB383C5CA8746F44E4CB 269824 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-14 12:02:02 2E947792E9B1C738E33FD5794B1650F9 30208 ----a-w- C:\WINDOWS\SysWOW64\tbauth.dll 2016-04-14 12:02:01 144B4EDF56E0D48C501F4AAEE5E032B0 6297088 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-04-14 12:02:00 E793B893135F3B6942B6230D45E27610 61440 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll 2016-04-14 12:02:00 DBC451C2509141BFA9F851004A5DF99B 2193408 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-04-14 12:02:00 BF769A5BEA8E50F12264746D30D57C6F 52736 ----a-w- C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2016-04-14 12:02:00 979CCB709243FE7B0E75E9CDCCF8C9A8 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-04-14 12:02:00 96BFB1E4B3F38D999E418D286BE45BFB 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-14 12:02:00 91ED19257EAA98C1C95A7E5F0FF07FF0 10240 ----a-w- C:\WINDOWS\SysWOW64\oleacchooks.dll 2016-04-14 12:02:00 2823A28AB08EE9DCE85436C700799D66 80384 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2016-04-14 12:01:59 DDD613E502D30A6E2E407F3280521311 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-04-14 12:01:59 BC5D8155DBA7DC0E4F92430701C19901 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-14 12:01:58 C9D7861D1C984E1997A3778A97DD1AF9 162816 ----a-w- C:\WINDOWS\SysWOW64\MTF.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-18 11:25:02 E4264A97B1E6BDB2B1E7465FF963CAEE 37288 ----a-w- C:\WINDOWS\Sysnative\authuitu.dll 2016-04-18 11:25:02 852D7A8DFD3DC06E823363740FC31C75 45992 ----a-w- C:\WINDOWS\Sysnative\TURegOpt.exe 2016-04-14 12:02:59 7A0E065E46156F9288AE32B1E0399247 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-04-14 12:02:58 E2B2525EF375D716E0DE6FE8F3ADCEDB 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-04-14 12:02:58 AE6A68A065D4C26AF4BEFAA53623B266 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-04-14 12:02:57 CD885F960066DDD538CD1BBD509A0EC0 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-04-14 12:02:57 4025493B778984A65B1A310864C4F08C 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-04-14 12:02:56 F7391A45172C10D8B79A239CDD8BA88B 209408 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2016-04-14 12:02:56 60C04811AC0BB0BFC5E00D293B8F4464 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-04-14 12:02:56 0F85790D9E32FA0B8798AECBBEF6F5F4 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-04-14 12:02:55 B21B08D436D2B9E7D280FCF9BCBB5DDE 22378496 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-04-14 12:02:55 A6A8B92FBADFA793794C0EEFA77941C3 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-04-14 12:02:54 A2B2198B126C8BB489585994A453B064 7474016 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-04-14 12:02:54 7F7591CCC146EC7D9EB77C1277D605F4 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-04-14 12:02:54 3D0DE8170ECCEC20CBF205D79C535BA1 2275328 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-04-14 12:02:54 14D75B31BA6A28F4A46D7432B48C26B3 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-04-14 12:02:53 92FB4032354D2074DA0DC9E70D8305B1 1388032 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-04-14 12:02:53 703F15FBAEA94F88FD5E12EFA94A0F7E 2656952 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-04-14 12:02:53 5417FA7098B9A1F5A6EECB198A7B4BFC 3592704 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-04-14 12:02:52 DBADA23940BA56E3D96762C961145654 24602112 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-04-14 12:02:46 6870232D80480DA4FF1FBE3373FCA06E 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-04-14 12:02:46 2F9B478546FC00827CB269BAD949D98B 16985600 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-04-14 12:02:46 290D24F50396B379338790B8E8D1C503 1714688 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-04-14 12:02:44 2291CACFF9BE4252C2D39D1A6D27B4E4 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-04-14 12:02:43 04EDE78320552097AC7EB3CE69A4A0BD 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-04-14 12:02:42 99D5C132D5085DACBFF909C3AAF832AC 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-04-14 12:02:42 775B118277B9A81BF9B23AA386A9196D 7836160 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-04-14 12:02:40 F8FAB3E1281FB937DB1C8109842A9534 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-04-14 12:02:39 32F3BA2C4849ED727508C021F999E147 3428864 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-04-14 12:02:37 5DFAF8BE5A3CABAABF6795BC09EB7876 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2016-04-14 12:02:36 D0CCDC8D0D00DA363F9D87C2E9A803EF 1297752 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-04-14 12:02:36 93E597D2B5C653E94680E8B8E1C59B36 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-04-14 12:02:36 5276C6CCA158FD73D20642C6A7A507E7 1946112 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-04-14 12:02:36 0C015924C6DA5368E6B102CC597AC640 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-04-14 12:02:35 BE7D6EA3650F1C25076335A9C1F3D59B 1098240 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-04-14 12:02:35 B471A4DA6F8DFF957B6F109FA182C366 3575296 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-04-14 12:02:35 92840BF0817C457BB011220BA21BAE9B 1832448 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-04-14 12:02:35 2A2C0983B6FE62F02E7183335B1F5C20 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-04-14 12:02:34 EFA3EFE172FDA2EE7C3F64F17277181C 7199232 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-04-14 12:02:34 DB0C2721BE0E21EAA0C4C70B07F481DE 3078144 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2016-04-14 12:02:34 2F844EBBB6BAA883BDDC472C44B738AE 1388544 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-04-14 12:02:33 F99D8BF6ACA4728C9E285BD161C22BCB 938496 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-04-14 12:02:33 E8A201E7ACF39359D99EEDD3D059E5AC 1395712 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2016-04-14 12:02:33 D8F3E820C39808C00A687AED554D23C0 859136 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-04-14 12:02:32 E5421101B84007FBC3D11501A6887F42 471552 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-04-14 12:02:32 BFE2669F7B0EB1EBAF587490E9E591AA 630272 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2016-04-14 12:02:32 9065EB3B7E982A5370790BF729EDBBA7 696664 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-04-14 12:02:32 49FDB6B2E192AD639F09EF90C32A0395 852480 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-04-14 12:02:32 42C6780C909074A1879F8BBA34920FE6 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-04-14 12:02:32 0F3C165B71F8140F50A1DB5DE3E6D695 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-04-14 12:02:31 EF953237B34D1468B81A6AB260A3C524 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-04-14 12:02:31 C59CF7385D070450643D61C8ADEFFE3C 958976 ----a-w- C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll 2016-04-14 12:02:31 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-04-14 12:02:31 492FB85E61768950CDD27C87AED6E8FA 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-04-14 12:02:31 1BF000CFA56FD272B4ECAC167CDF6A8F 1211904 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Cred.dll 2016-04-14 12:02:30 77981E6F98F4A8743D3AEB1A8AF4DE09 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-04-14 12:02:30 518A992A6700A86A47F79388F91737C0 1090048 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-04-14 12:02:30 258BCD1FE978849EDB02D131FD1F7893 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2016-04-14 12:02:29 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-04-14 12:02:29 B0236F0FB7402381A50F2EBF031C49CF 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-04-14 12:02:29 0271B5C23A375E008C34024088D0F396 1575936 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Speech.dll 2016-04-14 12:02:28 834D1648124F0F2729462BF79DB0C2CD 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2016-04-14 12:02:28 6A0745D04DFB6E37A6D0FEE339A0B742 556032 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2016-04-14 12:02:28 62300878366762EABAC7834543964A6E 498688 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-04-14 12:02:28 46E51F35566F8B73540D56EAA0A97E46 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-04-14 12:02:28 1AE232355968BBCA3787B5B35DCA0FD0 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-04-14 12:02:27 85EE46E85C3E76809BC454A50564ECD6 418304 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-04-14 12:02:27 7ED9629564A44BF0ECAEDEDE7B1BC1FF 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-04-14 12:02:27 728146F5877FD08DE65B21817ABB19A8 765952 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2016-04-14 12:02:27 45D26646E3AD737E5DE3DB91CCCE7DBA 339968 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll 2016-04-14 12:02:27 3F4C879B631C77878B42F89990518F72 460288 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-04-14 12:02:27 1F3D69B0AE210874DDC300C3EF1C9CCD 438784 ----a-w- C:\WINDOWS\Sysnative\AccountsRt.dll 2016-04-14 12:02:26 E5C3042B68D4EA89B3C52E150E553DA0 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-04-14 12:02:26 C5DEEC4F7ED591D1E322899ADC4EE45F 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-04-14 12:02:26 3C994D13A234D0E33D592CDF55F09B01 628736 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-04-14 12:02:26 281C61D772D6F267FEABDF71E38C621C 821760 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2016-04-14 12:02:26 1E1631970DDFD63EDD4483D33E18EC89 300104 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-04-14 12:02:26 167176E3A8B095C2E807D27CBE6AB0D3 1902592 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll 2016-04-14 12:02:25 D842C2B65E77C13273B626317A5BC5C4 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-04-14 12:02:25 C1FD242DB2679B7E8F9D54955131A603 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-04-14 12:02:25 B7C13F4BE0263F3A8303404A96F4246D 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-04-14 12:02:25 87F0EA669FB37C03207A8870C3B91174 1410560 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.Http.dll 2016-04-14 12:02:25 8790833B243AB6DD22A1F86FFB26B689 1052160 ----a-w- C:\WINDOWS\Sysnative\MsSpellCheckingFacility.dll 2016-04-14 12:02:25 7ECAE31725C1DC35CC448FA8D0EA09D9 324608 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-04-14 12:02:24 335995302980B83CA6B1974A84AC6009 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-04-14 12:02:23 AB3F697651DDAE1C424C9B2412EFBB59 1239552 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll 2016-04-14 12:02:23 82A4EFF3567A00EAAA5929C64C42F22D 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-04-14 12:02:20 F374C27099807E99A156953F8416D34A 361472 ----a-w- C:\WINDOWS\Sysnative\bdesvc.dll 2016-04-14 12:02:20 DB2911201B4AAC79AF712C5551F0C41D 688640 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll 2016-04-14 12:02:20 8024D7BDD26E9C1280B8B6D605488179 848896 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-04-14 12:02:19 E15D10FA246ADC4DC59B93C13F417AA3 440320 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll 2016-04-14 12:02:19 AC71C0A77ED618382D5422C6AB1747E4 169472 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-04-14 12:02:19 5CB565C1A0A30D76D7B099EEF9654297 256000 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll 2016-04-14 12:02:19 51449675B00C62F970B497A2FBF1BC46 787456 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.dll 2016-04-14 12:02:19 4C5D035670EB045123DCF87EE2FDB33B 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-04-14 12:02:18 B82C04128A96A05139F9F58ED07D0DB2 3351040 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-04-14 12:02:18 9A3E17CDB177913C2A111C80F3D0DBB4 686976 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2016-04-14 12:02:18 5066575F39AEECAA7A9E03C0FA007A90 881664 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Input.Inking.dll 2016-04-14 12:02:18 2F0FA6F60BC9A971BFBF31D1D2C8AF08 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2016-04-14 12:02:17 D3406F98BD98633780820C5EDBA9A5B4 166400 ----a-w- C:\WINDOWS\Sysnative\AboveLockAppHost.dll 2016-04-14 12:02:17 C8B840675B83DC8A257B075BFE5F9357 261376 ----a-w- C:\WINDOWS\Sysnative\LsaIso.exe 2016-04-14 12:02:17 B232CE503C6666873E7B9E4BA769C524 92160 ----a-w- C:\WINDOWS\Sysnative\policymanagerprecheck.dll 2016-04-14 12:02:17 AA5E227F977D03198227E09804394A24 127488 ----a-w- C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll 2016-04-14 12:02:17 7E0078F1EFEB6F8F47CF85C1D73C7EBC 328192 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll 2016-04-14 12:02:17 03416DA86664FF2141A5820868B0B9B1 88576 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-04-14 12:02:16 542C143FA639E4F488005E889C8A9CFD 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-04-14 12:02:15 9FDAC1F65E074C1CF12C3E80BD5195E4 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-04-14 12:02:15 24146738C422814EEB2A98FF1FC5C6E1 338432 ----a-w- C:\WINDOWS\Sysnative\ncbservice.dll 2016-04-14 12:02:14 FDBDA93BA9CD3B78060705B41BFCF92D 288256 ----a-w- C:\WINDOWS\Sysnative\fveui.dll 2016-04-14 12:02:14 F432ACF44EABBE3EB98F613E1573DA6F 334736 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2016-04-14 12:02:14 DF0321E30FD7D00BC8178FC58550B8C0 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-04-14 12:02:14 CFF6A3799F83060D3FF538564E4264CA 374008 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-04-14 12:02:14 AF13258A6E8FD57CE0B9C6BEDCDF80CB 144896 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Devices.dll 2016-04-14 12:02:14 A6969BAD3166EDA1C79988DD782A87CF 888320 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.dll 2016-04-14 12:02:14 21045DC8C67DA8600529FED2A6F90D6A 848896 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2016-04-14 12:02:14 11C782F631D915895E56FC1CD8214E51 100232 ----a-w- C:\WINDOWS\Sysnative\omadmapi.dll 2016-04-14 12:02:12 B3B3BF36976D72C06C2D3524AC040643 81144 ----a-w- C:\WINDOWS\Sysnative\netapi32.dll 2016-04-14 12:02:12 2804ACDD73835F051CE71DA4DB25337D 110584 ----a-w- C:\WINDOWS\Sysnative\srvcli.dll 2016-04-14 12:02:11 E34A89A196F45473D61CCDAB193293D1 119808 ----a-w- C:\WINDOWS\Sysnative\BitLockerDeviceEncryption.exe 2016-04-14 12:02:11 CFF415024C353DA284731CB72FE3F8FF 770640 ----a-w- C:\WINDOWS\Sysnative\iuilp.dll 2016-04-14 12:02:11 998015F786B2B9EE029FB556393CF848 78040 ----a-w- C:\WINDOWS\Sysnative\wkscli.dll 2016-04-14 12:02:10 DA4F2FBA02ADB65797953219ABEF0C44 58400 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll 2016-04-14 12:02:10 AEBD5FCFBFF0294A2D87048D4F5417CB 74424 ----a-w- C:\WINDOWS\Sysnative\easinvoker.exe 2016-04-14 12:02:10 6758ABE6A73AE709A6C74F121C666CC1 841216 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2016-04-14 12:02:10 3385A5D97C974EA03D6E17E97830F340 686592 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-04-14 12:02:10 0C8955B4BB1E9D588B4B62D0BD2E5E78 411648 ----a-w- C:\WINDOWS\Sysnative\oleacc.dll 2016-04-14 12:02:09 E5E09ABD5171EB8622821059D8757F43 239616 ----a-w- C:\WINDOWS\Sysnative\credprovhost.dll 2016-04-14 12:02:09 95A03F67830FDCB950E70261128D540D 957952 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2016-04-14 12:02:09 5839A317C25F70979433E0905DFABB1B 284672 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2016-04-14 12:02:09 4BE54893EC2A3B26140DF44E7B6D4E99 230400 ----a-w- C:\WINDOWS\Sysnative\DAFWSD.dll 2016-04-14 12:02:09 12D83590FEF1C8C28DBF3323C61E831A 31232 ----a-w- C:\WINDOWS\Sysnative\wsdchngr.dll 2016-04-14 12:02:07 F40C5151476B066A4061E67DFA641657 128512 ----a-w- C:\WINDOWS\Sysnative\dmcsps.dll 2016-04-14 12:02:07 B8293D5BCBCE179870AAB09CCF21B120 151040 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2016-04-14 12:02:07 A2902A998C3A8A049D26235A75DBE300 174592 ----a-w- C:\WINDOWS\Sysnative\easwrt.dll 2016-04-14 12:02:07 94612B9F7FC2B1A5C6D337C649B346F1 278528 ----a-w- C:\WINDOWS\Sysnative\NotificationObjFactory.dll 2016-04-14 12:02:07 81B78E1782DB1BA758FDA7B993C9FEB5 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-04-14 12:02:07 722A68A4CC2BC8BC3C0B776B0711A3C9 285696 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-04-14 12:02:06 F5B8CC586CE9D6187F412B5DFE932468 33280 ----a-w- C:\WINDOWS\Sysnative\wuautoappupdate.dll 2016-04-14 12:02:06 56C238ACFE4CB020D3E38508249039EA 87040 ----a-w- C:\WINDOWS\Sysnative\tzautoupdate.dll 2016-04-14 12:02:06 38C87ECB57CB973AA5DA633B91778670 676352 ----a-w- C:\WINDOWS\Sysnative\WSDApi.dll 2016-04-14 12:02:05 F72F137EEFF89D0B5A2FB8867B4ACEED 402432 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2016-04-14 12:02:05 F0BBBF8807D5725102A9EB06AEB9C1C5 58368 ----a-w- C:\WINDOWS\Sysnative\browcli.dll 2016-04-14 12:02:05 D22A2DEC01300ECEB41D22AB60B1E4B3 66048 ----a-w- C:\WINDOWS\Sysnative\OnDemandConnRouteHelper.dll 2016-04-14 12:02:05 A617BE5E429A035A1CA8217C1B16F0BB 134656 ----a-w- C:\WINDOWS\Sysnative\browser.dll 2016-04-14 12:02:05 82E25186617BA6C15010F0D47C705705 65536 ----a-w- C:\WINDOWS\Sysnative\basesrv.dll 2016-04-14 12:02:05 712AE16ED8FC7F2363F7EA1D8F6D546A 821248 ----a-w- C:\WINDOWS\Sysnative\fvewiz.dll 2016-04-14 12:02:05 7119946D6A8D221C65514267D9F4D520 4774912 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-04-14 12:02:04 A15D9F32A84660FA62F9D27577B0F105 324608 ----a-w- C:\WINDOWS\Sysnative\fvecpl.dll 2016-04-14 12:02:04 8FFFDB163436D790369E39700B8A7DC1 27648 ----a-w- C:\WINDOWS\Sysnative\LicenseManagerShellext.exe 2016-04-14 12:02:04 594FDF2DB7568C73C282B282845E30CF 36352 ----a-w- C:\WINDOWS\Sysnative\tbauth.dll 2016-04-14 12:02:04 37F5E2385CB4D10AB42186974B9C241A 794112 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2016-04-14 12:02:04 091D5AE5E663A66EE73B539AF7C32EC5 69632 ----a-w- C:\WINDOWS\Sysnative\fveskybackup.dll 2016-04-14 12:02:03 3F4461644840A3C5572DDC726C36BDF7 92160 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll 2016-04-14 12:02:02 E083BE4900FCBB6BC42943438DCF2CAD 176128 ----a-w- C:\WINDOWS\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll 2016-04-14 12:02:02 D9A795240A84C9E3DA78BC1B9E239FCF 95744 ----a-w- C:\WINDOWS\Sysnative\samlib.dll 2016-04-14 12:02:02 C10E0567A0C9541F839EC5B4758795DA 48128 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2016-04-14 12:02:02 9BC40C5A140B5F380042E391CC95993F 66560 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-04-14 12:02:02 63939B50C5C103FA71A419BCEA5B1CF0 26112 ----a-w- C:\WINDOWS\Sysnative\TokenBrokerCookies.exe 2016-04-14 12:02:02 0D9E0BDCCCE10F07A7B66A61B27C1F71 116224 ----a-w- C:\WINDOWS\Sysnative\FontProvider.dll 2016-04-14 12:02:01 C3BB5D3E3DD24AC0BFA9223F2877F136 76800 ----a-w- C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe 2016-04-14 12:02:01 91F08041D932816D0D9607F68578A87E 34816 ----a-w- C:\WINDOWS\Sysnative\dmenterprisediagnostics.dll 2016-04-14 12:02:01 727E03710FB2320AC0C114A9BF40AB40 7979008 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-04-14 12:02:01 5300F190147040AECDA4F8D669B7D673 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-04-14 12:02:00 F4F6D943E788447DAE29DA217B6743E6 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-04-14 12:02:00 CA24B0764C9DFE243D15A8708580673B 107520 ----a-w- C:\WINDOWS\Sysnative\BdeHdCfgLib.dll 2016-04-14 12:02:00 A4CA6FE3F02C6299EED8B7296DC902D6 12800 ----a-w- C:\WINDOWS\Sysnative\oleacchooks.dll 2016-04-14 12:02:00 81D0BDE09DA9D13C4A5A47A8ADCE0993 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-04-14 12:02:00 6B5963BC0C0074448A502FD19209D1BB 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-04-14 12:02:00 5118193C56A2F8D07554395B78A6FDCC 223232 ----a-w- C:\WINDOWS\Sysnative\fveapibase.dll 2016-04-14 12:01:59 E95C204F9042223B355C4D04CE675D50 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-04-14 12:01:59 E81A803BE3E7D49DE669FB8C30B18BA4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-04-14 12:01:59 AB416599057FFDC84E28BBB6DA69EADC 235008 ----a-w- C:\WINDOWS\Sysnative\MTF.dll 2016-04-14 12:01:59 446882966C68D7EF2783E6B327421493 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-04-14 12:01:59 087FF4F0D29833949962F8EE60DA345E 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-21 11:49:28 C3C6CD680E4D2B2F682E6219BCC6CDCF 55056 ----a-w- C:\WINDOWS\Sysnative\drivers\iSafeKrnlBoot.sys 2016-04-21 11:49:28 9FB02FBA90F6AF59537A30C3DB9777C8 52392 ----a-w- C:\WINDOWS\Sysnative\drivers\iSafeNetFilter.sys 2016-04-14 12:02:56 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-04-14 12:02:37 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-04-14 12:02:28 2A0EF9AF5FD3FCCC25E17C47198D6E25 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-04-14 12:02:27 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-04-14 12:02:20 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-04-14 12:02:19 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-04-14 12:02:17 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2016-04-14 12:02:16 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-04-14 12:02:15 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-04-14 12:02:14 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-04-14 12:02:11 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-04-14 12:02:11 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2016-04-14 12:02:10 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-04-14 12:02:10 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2016-04-14 12:02:03 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\WINDOWS\Sysnative\drivers\serial.sys 2016-04-14 12:02:01 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2016-04-14 12:01:59 B13CB5CCEE91ACA77C985B8E0D53A7D4 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2016-04-12 09:52:21 8B084B611D6DC8A0882DD162793DECC3 80768 ----a-w- C:\WINDOWS\Sysnative\drivers\ucguard.sys ====== C:\WINDOWS\Tasks ====== 2016-04-23 13:26:38 72DB1020A1BEB9CA2537D2F24416FF59 4048 ----a-w- C:\WINDOWS\Sysnative\Tasks\DistromaticUpdater-logon 2016-04-23 13:26:38 6E6BE998A0ED8D6A748E0D81A0FD44DD 4578 ----a-w- C:\WINDOWS\Sysnative\Tasks\DistromaticUpdater-periodic 2016-04-21 11:48:25 A21692FC049EB5D56EEA32E430DD319B 3888 ----a-w- C:\WINDOWS\Sysnative\Tasks\jIxmRfRBrowserUpdateCore 2016-04-21 11:48:25 6D8F9A276EAFF9B9DA2F229209633A50 14810 ----a-w- C:\WINDOWS\Sysnative\Tasks\jIxmRfRCheckTask 2016-04-21 11:48:24 57EAFB97DCD00D2431C9FAFFEFD2C73C 14824 ----a-w- C:\WINDOWS\Sysnative\Tasks\jIxmRfRBrowserUpdateUA 2016-04-18 16:12:17 51573E13C4A44AA3CCAFB8C301150133 2904 ----a-w- C:\WINDOWS\Sysnative\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2016-04-15 14:51:49 A7CB5AAD568B86172A75B5B51548227E 15126 ----a-w- C:\WINDOWS\Sysnative\Tasks\Browser Updater Task(Core) ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-12 11:22:13 -------- d---a-w- C:\Program Files\Garmin GPS Plugin ======= C:\PROGRA~2 ===== 2016-04-23 13:26:36 -------- d-----w- C:\PROGRA~2\Amazon Browser Settings 2016-04-23 13:26:32 -------- d-----w- C:\PROGRA~2\Amazon 2016-04-23 13:25:16 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-04-23 13:24:37 -------- d-----w- C:\PROGRA~2\Java 2016-04-21 11:49:22 -------- d-----w- C:\PROGRA~2\Elex-tech 2016-04-21 11:48:07 -------- d-----w- C:\PROGRA~2\jIxmRfR 2016-04-18 10:32:13 -------- d-----w- C:\PROGRA~2\AVG 2016-04-15 14:51:49 -------- d-----w- C:\PROGRA~2\QQBrowser 2016-04-12 11:22:13 -------- d---a-w- C:\PROGRA~2\Garmin GPS Plugin 2016-04-12 09:51:44 -------- d-----w- C:\PROGRA~2\WinTsks 2016-04-12 09:51:44 -------- d-----w- C:\PROGRA~2\WinSvces 2016-04-12 09:51:43 -------- d-----w- C:\PROGRA~2\SpeedSearchesbnd 2016-04-12 09:51:37 -------- d---a-w- C:\PROGRA~2\AdBlocker 2016-04-12 09:18:47 -------- d---a-w- C:\PROGRA~2\COMMON~1\Skype ======= C: ===== ====== C:\Users\Rossi930\AppData\Roaming ====== 2016-04-23 13:26:38 -------- d-----w- C:\Users\Rossi930\AppData\Local\Amazon Browser Settings 2016-04-21 11:48:43 -------- d-----w- C:\Users\Rossi930\AppData\Local\jIxmRfR 2016-04-18 10:33:23 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog 2016-04-18 10:33:01 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg 2016-04-18 10:32:16 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg 2016-04-18 10:26:21 -------- d-----w- C:\Users\Rossi930\AppData\Local\AvgSetupLog 2016-04-12 09:52:21 -------- d-----w- C:\Users\Rossi930\AppData\Local\UCBrowser ====== C:\Users\Rossi930 ====== 2016-04-23 13:24:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-23 13:19:45 34CC302C512B0B4F6485F324F6171ED3 738368 ----a-w- C:\Users\Rossi930\Downloads\JavaSetup8u91.exe 2016-04-22 10:32:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rossi930\Downloads\RSITx64.exe 2016-04-21 11:49:04 -------- d-----w- C:\ProgramData\jIxmRfR 2016-04-21 11:48:15 -------- d-----w- C:\Users\Public\Documents\jIxmRfR 2016-04-18 10:33:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-04-18 10:32:12 -------- d-----w- C:\ProgramData\Avg 2016-04-15 14:52:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee 2016-04-15 14:51:51 -------- d-----w- C:\ProgramData\lwinpl 2016-04-12 11:21:39 99B4A2A03C2F9C566403D372926AA281 18860616 ----a-w- C:\Users\Rossi930\Downloads\CommunicatorPlugin_420.exe 2016-04-12 11:21:09 362AC1D0FE7D0A8AD4B3B88630161E5E 8997592 ----a-w- C:\Users\Rossi930\Downloads\USBDrivers_2311.exe 2016-04-12 09:59:56 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Rossi930\ntuser.pol 2016-04-12 09:51:40 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2016-04-23 13:26:37 659E281BD04DE1391F64519E7262E986 3509352 ----a-w- C:\Program Files (x86)\Amazon Browser Settings\updater.exe 2016-04-23 13:26:37 659E281BD04DE1391F64519E7262E986 3509352 ----a-w- C:\Program Files (x86)\Amazon Browser Settings\uninstaller.exe 2016-04-23 13:26:36 659E281BD04DE1391F64519E7262E986 3509352 ----a-w- C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe 2016-04-23 13:24:53 D117B71E46E9156F1C88146E6F5EDB03 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2016-04-23 13:24:53 28AC474C021D764DF31736CB9B47DD88 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2016-04-23 13:24:53 0BA64EAF4F4080DA2FB79DCC05CB2A14 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2016-04-23 13:24:49 DE2D3B374C6EFA769028B811A1203FB1 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\jjs.exe 2016-04-23 13:24:49 D8065554BA4D664A55F57F76E1B4F9E3 77888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2launcher.exe 2016-04-23 13:24:49 D26A12768BFA19B5565F82DF16B85192 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\kinit.exe 2016-04-23 13:24:49 BA45896DE4744CC7AB7EAECF59D6758C 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\orbd.exe 2016-04-23 13:24:49 B6AAFABF90E5FE4683690793F2963388 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\keytool.exe 2016-04-23 13:24:49 AFB89E0B881A2F9F0135AB8984B9FC53 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\pack200.exe 2016-04-23 13:24:49 76E017B33C2C0F72CBBDB77251B00658 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\rmid.exe 2016-04-23 13:24:49 6C58D1081EC589813A197E81CA5CB85C 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\unpack200.exe 2016-04-23 13:24:49 56B31942246558D41498912CA9868DF2 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\servertool.exe 2016-04-23 13:24:49 38E67313028C22B78E26D7860494015E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\policytool.exe 2016-04-23 13:24:49 2EBB23647400B52B56815FEBC59DCCF7 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\ktab.exe 2016-04-23 13:24:49 2C02E97DF732010028B565DA92F3CB0F 51776 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssvagent.exe 2016-04-23 13:24:49 2ABC222E2C3E728136516D6390BDF447 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\klist.exe 2016-04-23 13:24:49 1F3D5C9A2D230CDE5B2120AA0F3721B6 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\tnameserv.exe 2016-04-23 13:24:49 1CB2916C0CC541F2A4AC28DAC03F1833 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\rmiregistry.exe 2016-04-23 13:24:48 D117B71E46E9156F1C88146E6F5EDB03 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaw.exe 2016-04-23 13:24:48 CCCE1ACFFBFCB34B5F3CD157A78522F8 68672 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\javacpl.exe 2016-04-23 13:24:48 AFD756C629D5527D1CFE3BE9D6EBB416 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\jabswitch.exe 2016-04-23 13:24:48 28AC474C021D764DF31736CB9B47DD88 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\java.exe 2016-04-23 13:24:48 0BA64EAF4F4080DA2FB79DCC05CB2A14 268352 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe 2016-04-23 13:24:48 09EABD6F36ECC85644DCE5C3BD709F29 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\bin\java-rmi.exe 2016-04-23 13:24:11 6237DCE9875D4C2FDEEB7856C655B87A 128 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2692958852-1695414720-1072984534-1002\$IWC2DWS.exe 2016-04-23 13:23:56 34CC302C512B0B4F6485F324F6171ED3 738368 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2692958852-1695414720-1072984534-1002\$RWC2DWS.exe 2016-04-23 13:13:51 448DFA3A9ADCDACCBAF4108CDA08E37F 399472 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_BE5D89D8B9F08786.exe 2016-04-23 13:13:50 10C7582276BA5614D81DF46A9E16DC24 308336 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_13D64232A255CA16.exe 2016-04-23 13:13:49 F8C875A26AF343D9EF8020583E98A241 1104496 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F3B2E431EE169D71.exe 2016-04-23 13:13:13 467237FB6807FAD8D7B0368C7830FB01 530032 ----a-w- C:\Program Files (x86)\Google\Update\Install\{8CCAE34D-7D25-4F2A-86F7-4DC06BA54D64}\GoogleToolbarInstaller_updater_signed.exe 2016-04-23 13:13:13 467237FB6807FAD8D7B0368C7830FB01 530032 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7619.1252\GoogleToolbarInstaller_updater_signed.exe 2016-04-22 05:13:57 B59F9660984AC58B1290EF5E226E5C10 45303712 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.87\50.0.2661.87_chrome_installer.exe 2016-04-21 22:13:50 A0F856B53760286CDCEBE89452698D2B 992856 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.87\50.0.2661.87_50.0.2661.75_chrome_updater.exe 2016-04-21 11:49:31 A03A95B389479B2ADE3A288FA2EA11D1 118048 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tws\iSafeSvc2.exe 2016-04-21 11:49:28 7DBE0EA875EE51E4941442213E690C76 470448 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp64.exe 2016-04-21 11:49:27 EC7210A6E0806CFDE79565952F3E84CC 290936 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\ipcdl.exe 2016-04-21 11:49:27 9EBAF1EA895749E4B9F29C82C47E7814 890584 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe 2016-04-21 11:49:27 553D46AB09485441EBF447EF77F88757 558616 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeVirusScanner.exe 2016-04-21 11:49:26 FE8141CA10669111D08336922DB5DACB 369488 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe 2016-04-21 11:49:26 E843D6CB9B15EE770033E3368CAF1690 1059064 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\uninstall.exe 2016-04-21 11:49:26 CDE39C7DED9CC9169665811503BCA26C 308744 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeBugReport.exe 2016-04-21 11:49:26 B0E6B595F23C73C7169E0C5D068AD8CC 359584 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe 2016-04-21 11:49:26 A03A95B389479B2ADE3A288FA2EA11D1 118048 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe 2016-04-21 11:49:26 7BDEDE5498BC4D85B9A598909197BB0B 505616 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe 2016-04-21 11:49:26 586432734351A625A78108EA88A6FA96 317512 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iStart.exe 2016-04-21 11:49:26 25729B5E8DF28B46551CD5438E784F3A 365336 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\feedback.exe 2016-04-21 11:49:26 11F6F9216D8F77EAC196B07D66E819EA 118048 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe 2016-04-21 11:49:26 10B02327CA5D324AD8C992591A09CBE5 713544 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe 2016-04-21 11:49:12 CD1390EDF2DA7B5166BCBBBAB6B08B58 19324170 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\IE\H2M1BTT2\dat0420[1].exe 2016-04-21 11:48:52 8D677EE90317A10D3369C3885C93B268 1579416 ----a-w- C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\SwReporter\6.44.4\software_reporter_tool.exe 2016-04-21 11:48:13 FDF94F6EFC6B33EF4C089093714B708A 227240 ----a-w- C:\Program Files (x86)\jIxmRfR\Un__install.exe 2016-04-21 11:48:13 DCA5F8E454DF480D4CDD7C97172AAE0A 652200 ----a-w- C:\Program Files (x86)\jIxmRfR\jIxmRfR\delegate_execute.exe 2016-04-21 11:48:13 D87DF33939C2E7964A8D0B15D16B99E5 473000 ----a-w- C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe 2016-04-21 11:48:13 A814C85E283106AF0BA1B09DB92A1746 303016 ----a-w- C:\ProgramData\jIxmRfR\protect\protect.exe 2016-04-21 11:48:13 85589053C91E9FCF9CB0878F03A78651 1031592 ----a-w- C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe 2016-04-21 11:48:13 000DD94A52327D5F50E89507A791C2FA 72104 ----a-w- C:\Program Files (x86)\jIxmRfR\jIxmRfR\wow_helper.exe 2016-04-21 10:24:04 88F3F82A4E065F6B99E7AD6CA4B83081 621832 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00008981\CoProc update.20665847.exe 2016-04-20 04:13:22 27C325E1EB78A41E767802D481C46EA0 8892608 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-04-20 04:13:22 27C325E1EB78A41E767802D481C46EA0 8892608 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\OneDriveSetup.exe 2016-04-20 04:13:17 F75A4E3FDA266B6E4A9FC3075AE3D4C2 176840 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe 2016-04-20 04:13:17 AE03FFEAAB0963E119CD7AF8032FB054 493256 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\OneDriveStandaloneUpdater.exe 2016-04-20 04:13:17 7AA1222AA05D17D4A727E52786AE7572 178888 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncConfig.exe 2016-04-18 11:24:51 F55C3197CEFAB359BFE1146AD85F5506 3147176 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe 2016-04-18 11:24:51 D8ABB1EE680D7984B056580C5E7B8388 2235816 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-04-18 11:24:51 731F28E5D839DE0C0E133631036A566D 675240 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe 2016-04-18 10:33:28 AF5E798DA0D337E6C8D958264AB24BC8 78608 ----a-w- C:\ProgramData\Avg\Setup\av\avguirux.exe 2016-04-18 10:33:28 A28AE98D7B5CEFD1D21008B9CF31FB57 6069152 ----a-w- C:\ProgramData\Avg\Setup\av\avgmfapx.exe 2016-04-18 10:32:30 C686D034B22F184C65634DF19CCC2921 348944 ----a-w- C:\Program Files (x86)\AVG\Av\avgndisa.exe 2016-04-18 10:28:25 C9B96FF82A9A3F3ADB22908AEDB6F682 785907 ----a-w- C:\Program Files (x86)\UltraISO\unins000.exe === C: other files == 2016-04-23 13:24:49 CB600FFB53D99A9B07EB870111BA7470 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_91\lib\deploy\ffjcext.zip 2016-04-23 07:51:58 78D74D6DC29066188229F60792A4C52A 24956 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\2EBD7C8C.zip 2016-04-22 14:19:45 2B200AD741714527023D2D7EF11B0CFA 39685 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\096730C7.zip 2016-04-22 13:40:25 F3A63618D0884AEB1A287DF2A9F2097C 37026 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\6B4C21E8.zip 2016-04-22 12:13:58 3A7420AAB79361D29BEBA6C80EF3338C 52295 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\29216CB8.zip 2016-04-22 09:56:27 13FB7E8C9644D50D8D35B23E03A1130C 21229 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\3FE1328B.zip 2016-04-22 05:31:58 9886D788FD9DF1497D0C0FB0FFCDE0CC 30537 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\75706552.zip 2016-04-22 04:54:09 3D5FEC59229991DF715F26CA253F5CF2 14698 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\58826D28.zip 2016-04-21 23:12:36 498C2CCB66D1C7BDDFB7C9D7B2E48786 19924 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\53196AD4.zip 2016-04-21 12:50:09 79545D6DE71ED17D3F90B566828D0C69 425246 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\log\bugreport.zip 2016-04-21 11:49:28 9FB02FBA90F6AF59537A30C3DB9777C8 52392 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys 2016-04-21 11:49:27 C582D9636E76C986B6BC4DE427C4FC5F 103904 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys 2016-04-21 11:49:27 C3C6CD680E4D2B2F682E6219BCC6CDCF 55056 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlBoot.sys 2016-04-21 11:49:27 858D97E151873DBFD955678FC9601F1B 52440 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys 2016-04-21 11:49:27 634537CD44F9D15B21690A97BAAE10DE 260856 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys 2016-04-21 11:49:27 62459D576E53A2DC6D7A804B8435B62D 110112 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys 2016-04-20 04:13:17 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\CollectOneDriveLogs.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_F216E1CF03F967D676EDA4B0F93EE6C8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Spotify Web Helper"="C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "OneDrive"="C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify"="C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" "Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KLM"="C:\Program Files (x86)\MSI\KLM\KLM.exe" "Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r" "Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "BDRegion"="C:\Program Files (x86)\Cyberlink\Shared files\brs.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_F216E1CF03F967D676EDA4B0F93EE6C8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Spotify Web Helper"="C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "OneDrive"="C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify"="C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" "Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64" "Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe" "SCM"="C:\Program Files (x86)\SCM\SCM.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-04-2015 23:07] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-04-2015 23:07] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\Browser Updater Task(Core)" [""C:\Program Files (x86)\QQBrowser\Update\6DC5E59AAF913A923CEB2014291F0932\Update\BrowserUpdate.exe""] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\DistromaticUpdater-logon" [C:\Program Files (x86)\Amazon Browser Settings\updater.exe] "C:\WINDOWS\SysNative\tasks\DistromaticUpdater-periodic" [C:\Program Files (x86)\Amazon Browser Settings\updater.exe] "C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"] "C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"] "C:\WINDOWS\SysNative\tasks\jIxmRfRBrowserUpdateCore" [C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe] "C:\WINDOWS\SysNative\tasks\jIxmRfRBrowserUpdateUA" [C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe] "C:\WINDOWS\SysNative\tasks\jIxmRfRCheckTask" [C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{B6F71DFA-3BA8-4029-B2F5-4003B34BE392}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{9C8C3671-6534-4E05-91C1-2337A7734A70}" ["c:\windows\system32\launchwinapp.exe"] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions pbjikboenpfhbbejgkoklgkhjpfogcam - No path found[] Belfius Smart Card Reader Chrome Extension - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Bubble Shooter Level Pack - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp Pool - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb selector is not a valid CSS selector - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb AVG Web TuneUp - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Add to Wunderlist - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmnddeddcgdllibmaodanoonljfdmooc AdBlock - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom 3D Galaxy Bowling - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\llojoebfpfheijcipgokjllohccfnkoo Google Maps - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Chrome Web Store Payments - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Cube Slam - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn Belfius Smart Card Reader Chrome Extension - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Bubble Shooter Level Pack - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp Pool - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb selector is not a valid CSS selector - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb AVG Web TuneUp - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Add to Wunderlist - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\dmnddeddcgdllibmaodanoonljfdmooc AdBlock - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Chrome Adr - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\knbdkcpkcpmiakimkhhmlgkjmchgahil 3D Galaxy Bowling - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\llojoebfpfheijcipgokjllohccfnkoo Google Maps - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Chrome Web Store Payments - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Cube Slam - Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn ==== Chromium Fix ====================== C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 ==== Reset Google Chrome ====================== C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesgbak was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Preferences was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Secure Preferences was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Secure Preferencesgbak was reset successfully C:\Users\Rossi930\AppData\Local\UCBrowser\User Data\Default\Preferences was reset successfully C:\Users\Rossi930\AppData\Local\UCBrowser\User Data\Default\Secure Preferences was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Web Datagbak was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Web Data was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Web Data-journal was reset successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Web Datagbak was reset successfully C:\Users\Rossi930\AppData\Local\UCBrowser\User Data\Default\Web Data.65 was reset successfully C:\Users\Rossi930\AppData\Local\UCBrowser\User Data\Default\Web Data.65-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F216E1CF03F967D676EDA4B0F93EE6C8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Spotify] "C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rossi930\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2692958852-1695414720-1072984534-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2692958852-1695414720-1072984534-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser') O4 - Global Startup: Polar WebSync.lnk = C:\Program Files (x86)\Polar\WebSync\WebSync.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{4464949a-3d7d-478b-9ec4-7abb0ee09e95}: NameServer = 138.201.48.176,8.8.8.8 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: AdBlockerService - Unknown owner - C:\Program Files (x86)\AdBlocker\Service.WinServiceHost.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe O23 - Service: Amazon 1Button App Service - Amazon Inc. - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: CyberLink Product - 2013/04/23 18:09:04 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participações Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Samsung Link Service - Samsung Electronics Co.,Ltd - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\IE\D8K7T5SK will be deleted at reboot C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ME2Y7XID will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Rossi930\AppData\Local\jIxmRfR\User Data\Default\Cache emptied successfully C:\Users\Rossi930\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3595 folders=719 382140546 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rossi930\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not found "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" not found "C:\Program Files (x86)\AVG\AVG PC TuneUp" not found "C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\IE\D8K7T5SK" not found "C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ME2Y7XID" not found ==== EOF on za 23-04-2016 at 16:08:35,19 ======================