Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Alex on ma 16-05-2016 at 9:37:31,15. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Alex\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 16-5-2016 09:41:07 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Google deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\CorelDRAW Home and Student Suite 2014 deleted successfully C:\PROGRA~3\ioloGovernor deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Alex\AppData\Local\ActiveSync deleted successfully C:\Users\Alex\AppData\Local\CrashDumps deleted successfully C:\Users\Alex\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Alex\AppData\Local\EmieSiteList deleted successfully C:\Users\Alex\AppData\Local\EmieUserList deleted successfully C:\Users\Alex\AppData\Local\NetworkTiles deleted successfully C:\Users\Alex\AppData\Local\PeerDistRepub deleted successfully C:\Users\Alex\AppData\Local\silo deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3855733098-1480899646-1222437621-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{814C76CB-2623-43F4-AAD0-58A0E5190A20} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== PowerDVD Create 10 Adobe Acrobat Reader DC - Nederlands Adobe Acrobat XI Pro Adobe AIR Adobe Refresh Manager AntiLogger Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Avast Premier Avery Wizard 5.0 AVS Audio Converter 7 AVS Audio Editor 7.1 AVS Document Converter 2.2.5 AVS Image Converter 2.3.2.248 AVS Media Player 4.1.10.99 AVS Photo Editor AVS Registry Cleaner version 2.2 AVS Ringtone Maker version 1.6 Belfius Smart Card Reader Chrome-App Belgium e-ID middleware 4.1.16 (build 1723) Bonjour Bookworm Canon Easy-WebPrint EX Canon IJ Scan Utility Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG5700 series MP Drivers Canon MG5700 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu CCleaner Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 64 Bit CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit CorelDRAW Home & Student Suite 2014 - BR CorelDRAW Home & Student Suite 2014 - Capture CorelDRAW Home & Student Suite 2014 - Common CorelDRAW Home & Student Suite 2014 - Connect CorelDRAW Home & Student Suite 2014 - Custom Data CorelDRAW Home & Student Suite 2014 - CZ CorelDRAW Home & Student Suite 2014 - DE CorelDRAW Home & Student Suite 2014 - Draw CorelDRAW Home & Student Suite 2014 - EN CorelDRAW Home & Student Suite 2014 - ES CorelDRAW Home & Student Suite 2014 - Extra Content CorelDRAW Home & Student Suite 2014 - Filters CorelDRAW Home & Student Suite 2014 - FontNav CorelDRAW Home & Student Suite 2014 - FR CorelDRAW Home & Student Suite 2014 - IPM CorelDRAW Home & Student Suite 2014 - IT CorelDRAW Home & Student Suite 2014 - NL CorelDRAW Home & Student Suite 2014 - PHOTO-PAINT CorelDRAW Home & Student Suite 2014 - PL CorelDRAW Home & Student Suite 2014 - Redist CorelDRAW Home & Student Suite 2014 - Registration Gift CorelDRAW Home & Student Suite 2014 - RU CorelDRAW Home & Student Suite 2014 - Setup Files CorelDRAW Home & Student Suite 2014 - VideoBrowser CorelDRAW Home & Student Suite 2014 - Writing Tools CorelDRAW Home & Student Suite 2014 Create Recovery Media CyberLink Power2Go 7 CyberLink PowerProducer 5.5 Definition Update for Microsoft Office 2010 (KB3115129) 32-Bit Edition DisplayLink Core Software Dream Aquarium Enemy Front FastStone Capture 7.4 Folder Colorizer version 1.3.3 Gebruikersregistratie voor Canon MG5200 series Gebruikersregistratie voor Canon MG5700 series Google Chrome Google Earth Google Update Helper Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) ME UninstallLegacy Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Security Assist Intel© Trusted Connect Service Client iolo technologies' System Mechanic Java 8 Update 91 Java Auto Updater KeyCrypt SDK version 1.8.1.199 Lenovo Patch Utility 64 bit Lenovo Registration Lenovo Service Bridge Lenovo Slim USB Keyboard Lenovo Solution Center Lenovo System Update Lenovo USB Graphics Lenovo USB3.0 to DVI VGA Monitor Adapter Lenovo User Guide Logitech SetPoint 6.67 Message Center Plus Metric Collection SDK Metric Collection SDK 35 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (NLD) Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Office Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 46.0 (x86 nl) Mozilla Maintenance Service Notification Mail Orange Adventurer Orange Inside Orange update Power Manager PowerDVD Create QuickTime 7 REACHit Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver SafeZone Stable 1.48.2066.101 Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3114888) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3115123) 32-Bit Edition SereneScreen Marine Aquarium 3 Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SHAREit Sharepod 4.0.0.1 Skype Click to Call Sniper Elite Sniper Elite V2 Software voor Intel© Chipset-apparaten Soldiers - Heroes of World War II SoMud 1.4.2 Spotify Stardock Fences 2 Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamSpeak 3 Client TeamViewer 10 ThinkVantage Communications Utility UltraMon Unity Web Player Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3115127) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB3114867) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition USB Enhanced Performance Keyboard VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) View Management Utility WaveEditor WD Drive Utilities Windows Driver Package - Intel Corporation (igfx) Display (01/29/2014 10.18.10.3412) WinZip 20.5 Zemana AntiMalware ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\TeamViewer\TeamViewer.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\TeamViewer\tv_w32.exe C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe C:\Program Files\WinZip\WZUpdateNotifier.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\AntiLogger\AntiLogger.exe C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Users\Alex\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\CorelDRAW Home and Student Suite 2014 not found C:\PROGRA~2\Pixia ver. 6 deleted C:\PROGRA~2\WinBee deleted C:\PROGRA~3\{A4C03A5E-4B4B-41FB-A8E6-48BD148372C7} deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\Trymedia deleted C:\Users\Alex\AppData\Local\Unity deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Alex\AppData\LocalLow\Unity deleted C:\windows\SysNative\tasks\WinZipBackGroundToolsTask deleted C:\Users\Alex\Documents\Add-in Express deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pam.db" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pamcore.db" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pampub.db" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\pam.db" not deleted "C:\Users\Alex\AppData\Roaming\iolo" deleted "C:\Users\Alex\AppData\Local\AVAST Software" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex" not deleted "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8010 MB CPU Info: Intel(R) Core(TM) i5-4440S CPU @ 2.80GHz CPU Speed: 2795,9 MHz Sound Card: Luidsprekers (Realtek High Defi | MD 20094 (Intel(R) Display Audi | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: Linksys AE2500 #2 | Microsoft Hosted Network Virtual Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (G: | ) G: PLDS DVD-RW DH16AESH Ports: COM2 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 929,6GB | D: 931,5GB | E: 1396,9GB Hard Disks - Free: C: 699,8GB | D: 815,1GB | E: 1137,5GB Manufacturer *: LENOVO BIOS Info: AT/AT COMPATIBLE | 04/13/12 | LENOVO - 13a0 Time Zone: Romance (standaardtijd) Motherboard *: LENOVO Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Firefox 46.0 Internet Explorer Version: 11.306.10586.0 Mozilla Firefox version: 46.0 (x86 nl) Google Chrome version: 50.0.2661.102 Adobe Reader version: 15.16.20039.185268 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-05-11 03:25:07 2617877C5761B8A696FD0368861EE6E4 4515256 ----a-w- C:\WINDOWS\explorer.exe 2016-05-06 05:33:28 8D26DAE92B9995B082AE5B6BC2FB70DB 52184 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\Users\Alex\AppData\Local\Temp ==== ====== Java Cache ===== 2016-04-28 17:41:14 C2C4419CC379775E48EFD958C3FEBFEE 479817 ----a-w- C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\6f20baa4-2e1bcd2c 2016-04-28 17:41:12 C611538EFED63F122E4A07F748AC01B3 793 ----a-w- C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-3d9d4d42 2016-04-28 17:41:14 115978367593D6D5725F2510F07AEF0F 442 ----a-w- C:\Users\Alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-866ea8a9a5e54c718f59857e9fb20e99af8e0c6c1540667a6358a78f78af6bf9-6.0.lap ====== C:\WINDOWS\SysWOW64 ===== 2016-05-11 03:25:30 15F732C297CE4B169D85214A96A16559 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-05-11 03:25:29 22120EE8EC8AC405618FEA768071E267 19344384 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-05-11 03:25:23 3A5C07D5517087143701DBEB749F0EF1 18676224 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-05-11 03:25:22 0561104CC8619EC5A53848F642434235 13018112 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-05-11 03:25:16 9CD20753821A4F28AA797B5C9A24050F 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-05-11 03:25:15 5D9BB3289D25FDEA1B2DD491C9771778 21123320 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-05-11 03:25:14 468AA89AF32BEE9D6B0ABBDF7C88CF20 5240960 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2016-05-11 03:25:13 9F6F693FD7738B8DA4B420E46E973F35 2919832 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-05-11 03:25:13 98DA2DE9A1AC739DF3750F7DABECC9CF 6295552 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-05-11 03:25:13 5A77C7C30E117F60ACCEF43E2EA6841D 12125696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-05-11 03:25:12 A404EA688829EF2657431CB34D0C72DF 5660160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-05-11 03:25:12 85ED26DB17B3270944C344E0E5B7C34A 1542816 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-05-11 03:25:10 3AEDE16F62921F443DDE37440C84B6F1 5205504 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-05-11 03:25:06 FA6CCFE5305E3D276F06A104EAA83029 4759040 ----a-w- C:\WINDOWS\SysWOW64\d2d1.dll 2016-05-11 03:25:06 52FEDEA32F2BBFCD3AAA83FD39852C1A 2061824 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-05-11 03:25:05 80785EA474D952CC0CB2CF936E36DDE0 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-05-11 03:25:05 717DDEC1ABA5678EDC9F2AF1044BAA69 2000896 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-05-11 03:25:05 692E62EA6039478321AE5D24A68E1FE2 4074160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-05-11 03:24:59 FB01CB67364FF3AA677F0CFD8C958E50 5324288 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-05-11 03:24:59 2942FB92C23B77D3BD9D38117AF3663B 1557768 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-05-11 03:24:57 1F90253211F8E102D814F4DE4D550B85 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-05-11 03:24:56 0188F4F7264EE585DE518FD02DDD9F79 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-05-11 03:24:55 35E635469515D564CE418DDCC7B7BC96 1500160 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-05-11 03:24:55 32A696B0A48CCCCE5FC8E8E572FD4E90 434688 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll 2016-05-11 03:24:55 2CE163D00A7DA251D77F7B39E267382B 925064 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2016-05-11 03:24:54 E48F0A089D9BAE356BF14FE3A16B1147 489984 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-05-11 03:24:54 B6506139C8A4CE3BDD3B4EFDF63A87B5 348672 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-05-11 03:24:54 03B7C4D05DB7FF060E49FA900FCE627E 451928 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-05-11 03:24:53 25E42F5C3FDE0E96BF3C16814DC7A688 1372304 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2016-05-11 03:24:52 30E3DC9ED2C6641709AC961CB7CE72BB 647680 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2016-05-11 03:24:51 3A1BD59AF5A0D20438D1E44FCF5EA4E8 349696 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-05-11 03:24:51 362C9AA8696C74CD38F1416FF866C25C 522176 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-05-11 03:24:50 4ECC2FAF9F29066636E06253C0D7FA06 503296 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-05-11 03:24:50 1D04327817511268754ED6F177DAD3E8 754176 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-05-11 03:24:49 DFB54165665C7E369A59B273C91B90B0 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-05-11 03:24:49 D408D20295BA135DC1B9B181FADF78DD 255168 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-05-11 03:24:49 318E2A6EC26C9703A5B273B015672660 388608 ----a-w- C:\WINDOWS\SysWOW64\schannel.dll 2016-05-11 03:24:48 89C74675E6DE7888153B1F6644772774 1536088 ----a-w- C:\WINDOWS\SysWOW64\crypt32.dll 2016-05-11 03:24:48 4B71644224F39A390B6DCC482B3D582A 639488 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-05-11 03:24:48 4AE45F3077E79A3E3B22996F80DA9E7A 354304 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-05-11 03:24:47 122F8F0FAF690B88FBDE2DB097740AB6 569744 ----a-w- C:\WINDOWS\SysWOW64\SHCore.dll 2016-05-11 03:24:46 1587235261E629DFFAA0C39A72CAD1A6 667648 ----a-w- C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-05-11 03:24:46 10564E7A7EE807FF580E34A94ACF5590 1522152 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-05-11 03:24:45 A825405D442EB9A2526468E16296DD58 513368 ----a-w- C:\WINDOWS\SysWOW64\d3d10level9.dll 2016-05-11 03:24:44 E7BD4D15CDC5A1E162256CFADCA92344 1337240 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2016-05-11 03:24:44 9E6DBA611E99BE75589D6A358F54364F 137728 ----a-w- C:\WINDOWS\SysWOW64\shacct.dll 2016-05-11 03:24:44 1B26C71109A2EA27DD6684719BF493EC 188256 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-05-11 03:24:43 525FC35182F9660E2A7DCC75607535DC 707608 ----a-w- C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-05-11 03:24:42 CD36155EE56E94B4E8830FA90822511F 503296 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll 2016-05-11 03:24:42 A1A9DDD5C6A335C0B97423A2F75C9299 453472 ----a-w- C:\WINDOWS\SysWOW64\directmanipulation.dll 2016-05-11 03:24:42 30F680D95B0CCABE46C775672C912C0A 306832 ----a-w- C:\WINDOWS\SysWOW64\wlanapi.dll 2016-05-11 03:24:41 9F8A026A9643F89B4E451539A7AAC0C9 50176 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-05-11 03:24:41 5AEDC6D333BC8D8B1DE5928FCE2150DB 400896 ----a-w- C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-05-11 03:24:41 460CDD92C5283DCB9E35AF2B8DB7F200 461824 ----a-w- C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-05-11 03:24:41 1159023FAA938BF54C7C033D2BC643BE 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-05-11 03:24:40 FAD56D0A789345614220D9B770DF400A 465760 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-05-11 03:24:40 B91176A909798C7EAC28AB4FE786CA53 705536 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-05-11 03:24:39 25B0BAA64D6D62873FAA7719DB64015C 183904 ----a-w- C:\WINDOWS\SysWOW64\rsaenh.dll 2016-05-11 03:24:37 AB48B90C4DB88D2F31D1A6F460F76D29 241664 ----a-w- C:\WINDOWS\SysWOW64\cryptngc.dll 2016-05-11 03:24:36 E9E7FA1FC796ADC16A1169736EFC7AF3 84480 ----a-w- C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-05-11 03:24:36 9CAC58EBAFB3E32711920568810CDCD7 307200 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-05-11 03:24:35 DA97C8A8C517210E4ACA90E45C836E80 80896 ----a-w- C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-05-11 03:24:35 96101F3B90BDE894A862CDF1B808A03F 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-05-11 03:24:35 8E8FBA400CD678AB46D46BB24921A051 342528 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-05-11 03:24:35 0D19695F93813C63B4656E42536892FA 47104 ----a-w- C:\WINDOWS\SysWOW64\hmkd.dll 2016-05-11 03:24:34 AA7CBB3B7A7BFC41E9EC4EF645797DFA 502104 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-05-11 03:24:34 98DA8D97E83C73E7AD7A142A801E1898 2193408 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-05-11 03:24:33 89C06DA6E3B3C06F69E2CAFB3431CAF5 31232 ----a-w- C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe 2016-05-11 03:24:33 359765C7C700F7CED909A69C5DBBD943 140800 ----a-w- C:\WINDOWS\SysWOW64\BrowserSettingSync.dll 2016-05-11 03:24:33 3166A46AA132AACD035C7163108F2DA1 103936 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-05-11 03:24:32 F5814ED9E8B83F872FBDCB139B001C8A 23552 ----a-w- C:\WINDOWS\SysWOW64\wups.dll 2016-05-11 03:24:30 CD94405BB0A90B179E94BE23F4D2B79D 39424 ----a-w- C:\WINDOWS\SysWOW64\wfdprov.dll 2016-05-11 03:24:30 486919689633D1C0DADA718DF1A3E7FB 219648 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-05-11 03:24:30 3D3BBD2DA5660B0B6C9F6A8B9401648C 337920 ----a-w- C:\WINDOWS\SysWOW64\wlanmsm.dll 2016-05-11 03:24:29 8450005F7BA8662A64E3FB7B0C3EE836 51712 ----a-w- C:\WINDOWS\SysWOW64\wshbth.dll 2016-05-11 03:24:29 6BC0E961EA78AFD90348C8E05896A7DC 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-05-11 03:24:29 51DF6FC12B5EF8CA87414D79C98CBC7A 395264 ----a-w- C:\WINDOWS\SysWOW64\wlansec.dll 2016-05-11 03:24:28 40591C3BEBAEA638423B10863315D93F 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-05-11 03:24:26 9B034D049D1C6EC9BED55D2F27D86ED9 2186 ----a-w- C:\WINDOWS\SysWOW64\AppxProvisioning.xml 2016-05-03 06:21:35 BB0446E2924F4DF09EEDC64EBA4DF7DF 15464 ----a-w- C:\WINDOWS\SysWOW64\Upgrd.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-05-16 07:12:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\Sysnative\smrgdf.txt 2016-05-11 03:25:33 D2EF3FDF915BBA7C9832FA890DD4D85A 16984576 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-05-11 03:25:32 FA05A804701A1BF900577A0F7C14B59E 24604672 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-05-11 03:25:30 A1144CA95D4C30449331D3DF39F295F9 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-05-11 03:25:29 3602BE2186C15362DF2B5C489AC1B1D1 22379008 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-05-11 03:25:20 0BECECA1B6DA7B022FC9502D22B9E9B3 22561256 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-05-11 03:25:19 DBD087566420D945303C278A4FD90E60 440320 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll 2016-05-11 03:25:19 75A22EF6AC813D4FE63E30C3C292F871 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-05-11 03:25:18 8F225A78F60DB08D4691C1C27CF644F2 6974464 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-05-11 03:25:18 24F2141493C1A2F6FDEC8C3FA5A95CDE 6605504 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2016-05-11 03:25:17 614EF7EFFE6896791CC8E4D045F37579 7977472 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-05-11 03:25:16 5EED294E19B8293E4F0845CED31489BA 13383168 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-05-11 03:25:15 62D33462C8781DA354519488A571A9AD 7832576 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-05-11 03:25:13 5BDA53E18911DEAB35F03AA1C3213A78 3673424 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-05-11 03:25:12 03DE6DE0019FFC0DE60759A893BD8B3F 1819208 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-05-11 03:25:11 89FE1A65D15DE2AA9CBF86AA6A731557 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-05-11 03:25:10 F6718A9F2B5BFA1A42618F63BC890713 5502976 ----a-w- C:\WINDOWS\Sysnative\d2d1.dll 2016-05-11 03:25:09 7E500CCA3EC66C419F2E4BBDE8617647 4894208 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-05-11 03:25:08 1B8A57EC632457E909A06957CB216806 7200256 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-05-11 03:25:07 E4B5C9FEF4C8978CF75B584188868AF8 2582016 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-05-11 03:25:07 7539A3BF1DC12C53D6DDE078BE888951 190144 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe 2016-05-11 03:25:06 F83E3BAEF5931399978A31753B22D0BE 713920 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2016-05-11 03:25:06 3F943A9A21814C6A394FBB8F1D4E622D 1401024 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-05-11 03:25:06 2A643E48326E427C6A43005EC29F314D 2444288 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2016-05-11 03:25:05 8A88DBA247BFF23BD284C2189F41FDA5 2280960 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-05-11 03:25:03 087FBBC026DCC0F693E91079B9901B7E 2166784 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-05-11 03:25:02 1A944DC7982279E73C4181DD5D50E021 3591168 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-05-11 03:25:02 19D88BF131158F4286294C372B4410B3 1946112 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-05-11 03:25:01 F172E5709824756634091047826E7A9F 1319424 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll 2016-05-11 03:25:01 C57CBD3D0A4B832F3DC18250FC02C3DE 46784 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2016-05-11 03:25:01 AB17E08B47FECDAF0E1349797A6C41A4 1184960 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-05-11 03:25:01 082DC7D3704A17FF022D70C577785254 2066432 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-05-11 03:25:00 0C8655AAC4EA262F62B00DCDA4639819 2598912 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-05-11 03:24:59 FD60606E2E7F74D7104A5DA1210D38E6 460800 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-05-11 03:24:59 78A9EBBAC348ACD9AF5B72ECF90944A7 853504 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-05-11 03:24:58 DA5108028A00B865BBECB1980EB05EB8 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-05-11 03:24:58 C1D51970E74AB5FFE46FE624BFE900C6 1731072 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-05-11 03:24:58 A5C14F8FE076B41778C56F2414F5D246 650304 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-05-11 03:24:58 6D8365722FBB3E58FC2B10FEA00BE840 514752 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-05-11 03:24:57 F75A1710366B5C6B02D3C061DAA4C578 529920 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll 2016-05-11 03:24:57 5FD7FDCE260C2ADE6CFFBC141657E8C0 939520 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-05-11 03:24:57 54D6AEA7933377556BBBEC5F45539922 673280 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2016-05-11 03:24:57 090AAD83736B45769D2688E3BC1AB80A 1092464 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2016-05-11 03:24:56 A8ECAFE7C58ABABA7CB1C377B7A7E309 984576 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll 2016-05-11 03:24:56 5C156EC4E44E30331BCC865A3B61D839 585728 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe 2016-05-11 03:24:56 0BF8D8C7EC9FB15D6480A12101E88B71 606720 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2016-05-11 03:24:55 EBE067467C144B097CEF5F609F6ABF43 865792 ----a-w- C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll 2016-05-11 03:24:55 79BF53E386256057C30EF606DC3CFDFB 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2016-05-11 03:24:55 00A8CD22CCF7FA34501038C3C35186BD 498960 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2016-05-11 03:24:54 D5D0D1345DEAC9D08A6A5B146A29ADBE 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-05-11 03:24:54 0676A6C9A6EECA48E14B9AE13B0E3508 1387520 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-05-11 03:24:53 ECF260CA5837CE3174AAAE450C1888C6 605184 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-05-11 03:24:53 86BE19C6A177AEB93302EA5C4FBE2D11 754664 ----a-w- C:\WINDOWS\Sysnative\CoreMessaging.dll 2016-05-11 03:24:53 85A676350B7A349B1DFB47654FBF8C71 804352 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2016-05-11 03:24:53 2453622FF2CCB1BA1DFA588207E9C7A4 294592 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-05-11 03:24:53 1D7F891D7ADCE1A6824FCB57D6768E14 689152 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-05-11 03:24:53 191A50C760243B5B8E08E0A1CA0B1F7C 821760 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2016-05-11 03:24:52 6EA247B3631FE0181583566B9D828B22 413536 ----a-w- C:\WINDOWS\Sysnative\wifitask.exe 2016-05-11 03:24:52 5DA95027DF2317174E8C39B4A8D1FCD8 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-05-11 03:24:51 ACC6B16066D073AA0E20B044BFEF9CD1 471552 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-05-11 03:24:50 99DDB4A100F6013E6B6B269880F0C936 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-05-11 03:24:50 93C28A95FC5CA7F420343AC9693E05E6 1594920 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2016-05-11 03:24:50 82BC3D304654F8EBEFABDDC2AD70AFE3 497152 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-05-11 03:24:50 70C5D325E1BBD9C771542375F9DE5711 303216 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-05-11 03:24:49 F5F7CE3E32536F1A37FB3972F27A814F 1399224 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2016-05-11 03:24:49 A29004CC4FE3A06B5C71969F6411FD41 287232 ----a-w- C:\WINDOWS\Sysnative\provhandlers.dll 2016-05-11 03:24:49 810B7BA7636930BD6A21A93296FBCA51 292864 ----a-w- C:\WINDOWS\Sysnative\provengine.dll 2016-05-11 03:24:49 52C95CFC459242ECBD8A557A197F6FF6 725776 ----a-w- C:\WINDOWS\Sysnative\SHCore.dll 2016-05-11 03:24:49 453EEF8F903DE266D9CB16313B5FA796 215040 ----a-w- C:\WINDOWS\Sysnative\aepic.dll 2016-05-11 03:24:49 3CFA0EA6ABC10436D998F7958912387C 1848072 ----a-w- C:\WINDOWS\Sysnative\crypt32.dll 2016-05-11 03:24:48 F7DD01F464ED3ADB8477CD5FD1DE6CF4 356864 ----a-w- C:\WINDOWS\Sysnative\ActivationManager.dll 2016-05-11 03:24:48 F1CC271FBAD94FBD3D69BC6BE443C33B 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-05-11 03:24:48 F00A2E895B61858DBB3FE870495E37FA 210432 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll 2016-05-11 03:24:48 ABF13620065E258771320165E0759761 1776768 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll 2016-05-11 03:24:48 82C4028BABC9BADCD89600F5084E4543 479232 ----a-w- C:\WINDOWS\Sysnative\schannel.dll 2016-05-11 03:24:47 7F0318ECC1E6E566D02F218DD59CEA84 484352 ----a-w- C:\WINDOWS\Sysnative\DataSenseHandlers.dll 2016-05-11 03:24:47 489EDA0C433F5B0AA54033F523F2C80E 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-05-11 03:24:47 37E893F5A0BB0DCF89D8464F4D5E0C3D 217440 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2016-05-11 03:24:46 C49BB15138D9A7AE2901692CA30E11D1 181248 ----a-w- C:\WINDOWS\Sysnative\shacct.dll 2016-05-11 03:24:46 8B4111E094EDDBED23EFA1FF8B5F314A 613376 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll 2016-05-11 03:24:46 5470B002C5E5D4DC8C4C330EAE8A685D 619296 ----a-w- C:\WINDOWS\Sysnative\d3d10level9.dll 2016-05-11 03:24:46 50E41D3203DA334DBBD2B3B6C7EA64CD 988672 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-05-11 03:24:46 1997A751EF0FB9889E6642428DC4CAB2 1161120 ----a-w- C:\WINDOWS\Sysnative\rpcrt4.dll 2016-05-11 03:24:45 FE42F8A07885E518ED1E846C93E4B78C 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-05-11 03:24:45 F1DF87BCF5429D48484E78FB1933326B 848896 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-05-11 03:24:45 A55AB67676D0E90C279E36AF78EECCFA 515072 ----a-w- C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll 2016-05-11 03:24:45 734B3E9E4DA94DD093C6759CA0C2AA1E 4775424 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-05-11 03:24:45 56B24B359838BE86B013C2CFD38BDFC4 72704 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-05-11 03:24:45 33C215D1F36A184FB0C0F83ECBE12B5B 351232 ----a-w- C:\WINDOWS\Sysnative\NgcCtnr.dll 2016-05-11 03:24:44 E650C69B5CA9B786AD91E3E7F962A0EE 848896 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2016-05-11 03:24:44 C1C81AAF533552B3C4D9F11A5FF97700 291360 ----a-w- C:\WINDOWS\Sysnative\wininit.exe 2016-05-11 03:24:44 0B28F2ACE5103586D322AD98FAA01309 870912 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll 2016-05-11 03:24:43 EED30CDEAB6E4B45CBF1BD5298952049 550656 ----a-w- C:\WINDOWS\Sysnative\directmanipulation.dll 2016-05-11 03:24:43 CFF943806EBAD5CFAC26FD3DF304E79F 1073152 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-05-11 03:24:43 C991F0E48492D1550279F901AB2332B0 390496 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll 2016-05-11 03:24:43 981F6C7FB2338CC7889BA4D37C1A9DCE 69632 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2016-05-11 03:24:43 3C52661045548D78EC0EB76495CB978F 66560 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2016-05-11 03:24:43 242DA5F2A6D9C5DFE2F99127BD2077A4 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-05-11 03:24:43 0CFE0F27EC828D9659FD8BF3A529F7B1 166400 ----a-w- C:\WINDOWS\Sysnative\SubscriptionMgr.dll 2016-05-11 03:24:42 7AAA9916AA10F4B0E9743798A5BA6549 649216 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll 2016-05-11 03:24:42 679DD4763AA8028B2F26651D3D02A2E1 582656 ----a-w- C:\WINDOWS\Sysnative\ngccredprov.dll 2016-05-11 03:24:42 0FB83658FBB2C5A18AB98C5C94DB9FAF 289792 ----a-w- C:\WINDOWS\Sysnative\NgcCtnrSvc.dll 2016-05-11 03:24:41 B9B902C12D6872DE9135B0A7C1ACA5A8 565600 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe 2016-05-11 03:24:41 B985F4CC9D63594D8D3DCADAC07F257E 130560 ----a-w- C:\WINDOWS\Sysnative\CloudDomainJoinDataModelServer.dll 2016-05-11 03:24:41 B28EA19205448B34303D006D50E9E65A 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-05-11 03:24:41 5907323899BCEFA32BF6B002F2493C09 76288 ----a-w- C:\WINDOWS\Sysnative\ngcpopkeysrv.dll 2016-05-11 03:24:40 E706406D61508D207F6B41CA4AD30891 127488 ----a-w- C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll 2016-05-11 03:24:40 A1BFD44C6343BDF582828EAB6B4CBDE5 630784 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2016-05-11 03:24:40 72229D3836EA9697F5E13AAEA85F8688 204048 ----a-w- C:\WINDOWS\Sysnative\rsaenh.dll 2016-05-11 03:24:39 3655A59A1E16307F2F6475AC037C1EE4 87040 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe 2016-05-11 03:24:38 EDF39F56DDF4116DCC8779A65EF8D6C5 58208 ----a-w- C:\WINDOWS\Sysnative\dwminit.dll 2016-05-11 03:24:38 7CEC266216126BC9A0E1072E1A7E5702 279040 ----a-w- C:\WINDOWS\Sysnative\ListSvc.dll 2016-05-11 03:24:37 C1FCA0AED814F1E814700833EF8E0616 179712 ----a-w- C:\WINDOWS\Sysnative\BrowserSettingSync.dll 2016-05-11 03:24:37 45FA01F8B7971ACB65202038E34D04A3 86528 ----a-w- C:\WINDOWS\Sysnative\wpdbusenum.dll 2016-05-11 03:24:36 D906EFF6ADB6704071C903E62867AC23 696672 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-05-11 03:24:36 5E903356FCDC2C7011E5341A1C2D48E9 192000 ----a-w- C:\WINDOWS\Sysnative\provisioningcsp.dll 2016-05-11 03:24:36 4766A523BD8265F3082662A49C382680 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2016-05-11 03:24:35 DCC42EF91745E4AB13602B9A4D86DDC4 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-05-11 03:24:35 C417C35D0B714320708A1C18673ACE6C 104448 ----a-w- C:\WINDOWS\Sysnative\BluetoothApis.dll 2016-05-11 03:24:35 5DBA65D48CB7B17E241BB7430745C2E0 59392 ----a-w- C:\WINDOWS\Sysnative\hmkd.dll 2016-05-11 03:24:34 D0F9C288251907FD44B96837DBDF0A50 320000 ----a-w- C:\WINDOWS\Sysnative\cryptngc.dll 2016-05-11 03:24:34 A2953084546B1F46B5CCC7FC57A72C1B 314880 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-05-11 03:24:34 90A52EBAC043CFCA92E5F3DEAD4BBB4C 48128 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2016-05-11 03:24:34 0BFEB4862FC2422DAC67EE95C278ECE0 111616 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll 2016-05-11 03:24:33 33931A5F8E8B4446C547B020409D66C4 436736 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-05-11 03:24:31 AB1738C51C1C1F41A885467E7BB0D37B 285696 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-05-11 03:24:30 ED309332DA910BE791F40F09F6FC50B5 38400 ----a-w- C:\WINDOWS\Sysnative\ByteCodeGenerator.exe 2016-05-11 03:24:30 DE1C434F0F89C37687D34FB8A8E77B46 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-05-11 03:24:30 7DDC2D8133CC1CA646134CC450C02C15 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-05-11 03:24:30 315CFB6974B5111E3E62E9A512C92B25 151040 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2016-05-11 03:24:30 09098FB07B47765865492C53B66E29E5 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-05-11 03:24:29 FE3A72E9BC5515509517D9BF41144252 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-05-11 03:24:29 C3534256AF526A16AADBA335AA99D58F 63488 ----a-w- C:\WINDOWS\Sysnative\wshbth.dll 2016-05-11 03:24:29 77DE2FC672F423C2DFCF2A12DB74197C 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-05-11 03:24:29 1AF7E0BA5D1AEA3DEF1CF05B070803FA 89600 ----a-w- C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll 2016-05-11 03:24:28 BD3F339FE542C30BB4A88F34A597728C 134656 ----a-w- C:\WINDOWS\Sysnative\wificonnapi.dll 2016-05-11 03:24:28 9C6EE1DE9CF7B77FF550A737816EB6DB 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-05-11 03:24:27 F70CB98E5669D44CBFA6F3EBF534977F 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-05-11 03:24:26 9B034D049D1C6EC9BED55D2F27D86ED9 2186 ----a-w- C:\WINDOWS\Sysnative\AppxProvisioning.xml 2016-05-06 05:33:35 7E8152C231FF349CEEEB12146D90E952 398152 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-05-11 03:25:04 48D8729FACC784900B831212AE56F824 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-05-11 03:24:54 01C01ED15ED56B98088CE1D5A0965E6A 577368 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-05-11 03:24:47 B880BE37452AB1D4AA93845F58EF7960 95072 ----a-w- C:\WINDOWS\Sysnative\drivers\sdport.sys 2016-05-11 03:24:46 CFFE69B6C276A3418687109EA8AC9E7D 330072 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-05-11 03:24:42 357910142E9285B978689B1DB4EFA00A 393568 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-05-11 03:24:39 E7463CE8579A0418A98BE9BE42C647D7 534872 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2016-05-11 03:24:39 C330883C06E2D4CE4F6982F048265D37 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\fastfat.sys 2016-05-11 03:24:39 50DFE05C698E9B0A63D95E3D669A105C 638816 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2016-05-11 03:24:37 C0752D58193603B6ED762B4027C65E1B 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-05-11 03:24:37 2A87EA182EA333D79AA0B03833EA67F2 131424 ----a-w- C:\WINDOWS\Sysnative\drivers\ufxsynopsys.sys 2016-05-11 03:24:36 8F2523C9D8F1448FF2156452AF60FA00 87552 ----a-w- C:\WINDOWS\Sysnative\drivers\filecrypt.sys 2016-05-11 03:24:36 82D3B1F4D80057826AA649D78147DE36 63488 ----a-w- C:\WINDOWS\Sysnative\drivers\UcmCx.sys 2016-05-11 03:24:36 67B9684B8272D5EBD1CCBB1DBD425EC8 99680 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2016-05-11 03:24:34 4AAD6547953D373A1EB5B2DF583D868B 67072 ----a-w- C:\WINDOWS\Sysnative\drivers\usbser.sys 2016-04-27 05:28:56 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-04-27 05:28:41 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-04-27 05:28:41 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-04-27 05:28:41 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-04-27 05:28:41 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2016-04-27 05:28:41 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-04-27 05:28:37 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2016-04-27 05:28:37 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys 2016-04-27 05:28:37 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2016-04-27 05:28:37 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2016-04-27 05:28:37 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-04-27 05:28:37 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2016-04-27 05:28:32 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys 2016-04-27 05:28:32 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-04-27 05:28:32 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-04-27 05:28:32 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2016-04-27 05:28:32 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2016-04-27 05:28:32 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-04-27 05:28:32 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2016-04-27 05:28:32 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-04-27 05:28:32 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-04-27 05:28:32 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\WINDOWS\Sysnative\drivers\serial.sys 2016-04-27 05:28:32 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2016-04-27 04:37:57 64AEB5790901EA8854884981F104CAA6 18960 ----a-w- C:\WINDOWS\Sysnative\drivers\LNonPnP.sys 2016-04-27 04:36:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-04-25 09:57:46 584528BF596A54B2BF6BE5067ADDA44A 1254464 ----a-w- C:\WINDOWS\Sysnative\drivers\AE2500w764.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-05-10 18:01:32 -------- d-----w- C:\Program Files\WinZip 2016-04-30 01:19:52 -------- d-----w- C:\Program Files\trend micro 2016-04-27 05:21:00 -------- d-----w- C:\Program Files\Reference Assemblies 2016-04-27 05:21:00 -------- d-----w- C:\Program Files\MSBuild 2016-04-27 04:45:16 -------- d-----w- C:\Program Files\Common Files\SpeechEngines 2016-04-27 04:37:37 -------- d-----w- C:\Program Files\Realtek 2016-04-27 04:36:56 -------- d-----w- C:\Program Files\Intel ======= C:\PROGRA~2 ===== 2016-05-03 19:46:16 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2016-04-27 05:21:00 -------- d---a-w- C:\PROGRA~2\MSBuild 2016-04-27 05:21:00 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-04-27 04:45:22 -------- d-----w- C:\PROGRA~2\COMMON~1\SpeechEngines 2016-04-27 04:36:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2016-04-20 22:47:33 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Alex\AppData\Roaming ====== 2016-05-15 18:17:27 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\PeerDistRepub 2016-05-10 18:01:39 -------- d-----w- C:\Users\Alex\AppData\Local\WinZip 2016-05-10 18:01:32 -------- d-----w- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5 2016-05-03 08:22:37 -------- d-----w- C:\Users\Alex\AppData\Local\Mozilla 2016-04-27 05:14:39 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2016-04-27 05:04:20 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2016-04-27 04:57:01 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Zemana 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility 2016-04-27 04:50:38 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2016-04-27 04:41:55 -------- d-s---r- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-04-27 04:41:55 -------- d-----w- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-04-27 04:41:55 -------- d-----w- C:\Users\Alex\AppData\Roaming 2016-04-27 04:41:55 -------- d-----w- C:\Users\Alex\AppData\Local\Temp 2016-04-27 04:41:55 -------- d-----w- C:\Users\Alex\AppData\Local\Microsoft 2016-04-27 04:41:55 -------- d-----w- C:\Users\Alex\AppData\Local 2016-04-27 04:41:55 -------- d-----r- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-04-27 04:41:55 -------- d-----r- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-04-27 04:41:55 -------- d-----r- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-04-27 04:41:55 -------- d-----r- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-04-27 04:41:54 -------- d-s---r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Temp 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft 2016-04-27 04:41:54 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local 2016-04-27 04:41:54 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-04-27 04:41:54 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-04-27 04:41:54 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-04-27 04:36:26 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-04-25 23:38:05 -------- d-----w- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo ====== C:\Users\Alex ====== 2016-05-14 04:06:52 -------- d-----w- C:\ProgramData\UniqueId 2016-05-10 18:01:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5 2016-05-03 19:44:53 CF2073CF7DF06C2E0B13570B14B08822 242216 ----a-w- C:\Users\Alex\Downloads\Firefox Setup Stub 46.0 (1).exe 2016-05-03 08:21:05 CF2073CF7DF06C2E0B13570B14B08822 242216 ----a-w- C:\Users\Alex\Downloads\Firefox Setup Stub 46.0.exe 2016-05-01 03:42:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-04-27 10:54:22 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\DefaultAppPool\ntuser.ini 2016-04-27 05:28:03 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Alex\ntuser.ini 2016-04-27 04:57:19 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\.oracle_jre_usage 2016-04-27 04:41:55 -------- d--h--w- C:\Users\Alex\AppData 2016-04-27 04:41:54 -------- d--h--w- C:\Users\DefaultAppPool\AppData 2016-04-27 04:41:14 9AC2C7D47A7E4B9385BD3F295F23117B 4194304 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin 2016-04-27 04:41:14 57DC6B4C4113BDD3E9408CAA7AFA6C51 262144 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak 2016-04-27 04:38:02 -------- d--h--w- C:\ProgramData\CanonBJ 2016-04-27 04:37:49 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2016-04-26 12:09:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2016-04-25 22:56:14 -------- d-----w- C:\Users\Alex\.QtWebEngineProcess 2016-04-25 22:56:13 -------- d-----w- C:\Users\Alex\.LSC 2016-04-20 11:43:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger ====== C: exe-files == 2016-05-13 00:44:02 967B748ECB8AC2345B8D10F19D1E31AC 1295448 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.102\50.0.2661.102_50.0.2661.94_chrome_updater.exe 2016-05-11 19:28:16 3DEE4978E0484EFAE64998AAB938B3E3 343 ----a-w- C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe 2016-05-11 03:24:35 E004E3D268827C6F2E500411D95DF85E 493056 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-05-11 03:24:35 97FF7539F4E46E86A802CD5876549ACA 476160 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-05-10 22:38:48 E8B364111F317A60DF073826E628FF6F 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe 2016-05-10 22:38:48 54D932590CEAB260ADC4FF79797B21D9 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe 2016-05-10 22:38:48 108CB30A5B4C5247E414A3086458FCFC 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateBroker.exe 2016-05-10 22:38:47 A425CDCEB9D26E9A5ABAFA259799D447 312472 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe 2016-05-10 22:38:47 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateSetup.exe 2016-05-10 22:38:47 13FF5C375BD0C702EA1252E79592692F 135832 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe 2016-05-10 22:38:46 56FE3C885B0901601549E23E7A435984 250008 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe 2016-05-10 22:38:46 50FCC5C822A6B4FC6F377EE9F9F37C7B 152216 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdate.exe 2016-05-10 22:38:45 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3855733098-1480899646-1222437621-1000\SOFTWARE\iolo\System Mechanic\startup manager\configuration\Disabled\registry\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_USERS\S-1-5-21-3855733098-1480899646-1222437621-1000\SOFTWARE\iolo\System Mechanic\startup manager\configuration\Disabled\registry\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [HKEY_USERS\S-1-5-21-3855733098-1480899646-1222437621-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "OneDrive"="C:\Users\Alex\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "MailNotifier"="C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe" "OrangeInside"="C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Power Manager Startup Utility"="C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "DriveUtilitiesHelper"="C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe" "CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon" "AntiLogger"="C:\Program Files (x86)\AntiLogger\AntiLogger.exe /minimized" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "OneDrive"="C:\Users\Alex\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "MailNotifier"="C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe" "OrangeInside"="C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "Skd8821"="C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe" "Fences"="C:\Program Files (x86)\Stardock\Fences\Fences.exe /startup" "Enhanced Performance Keyboard"="C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe" "ZAM"="C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\KEYCRY~1\\KE1E1C~1.DLL" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-07-2015 19:06] C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [23-04-2016 07:08] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-09-2015 11:18] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\iolo DNS Fix" [C:\WINDOWS\ioloDNSFix.lnk] "C:\WINDOWS\SysNative\tasks\iolo Process Governor" [C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe] "C:\WINDOWS\SysNative\tasks\RtHDVBg_LENOVO_MICPKEY" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1453858174" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{12C96A43-52FF-4C3B-B5DC-4C577A2BF1F5}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{325F20E2-752E-4F86-B8AB-154E68E0F0F4}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{34A5C64C-DA6C-4054-A7C3-40540E4E5C0B}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{89155D90-739A-4E70-8A87-A8A8315FCB17}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{A044E811-5F5C-4574-A249-BB77D4E42B80}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{BBA678F6-C35B-43CA-B3C5-A93D7B396FEC}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{C6408989-4C4B-4D51-B294-1C1ACFFDF2F1}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{DD75BCDE-EB9A-4520-88BF-4826C55AFE3C}" [E:\setup.exe] "C:\WINDOWS\SysNative\tasks\{EA75E4DC-FF5F-4DCD-BB2D-235C07CB170B}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\{F1EEBAFF-48FC-4BCE-820C-D7BD11152F09}" [C:\Program Files (x86)\Steam\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Message Center Plus Launcher" ["%programfiles(x86)%\Lenovo\message center plus\mcplaunch.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Startup" ["C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Update" ["C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3855733098-1480899646-1222437621-1000" ["C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCTaskService" [C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06-05-2016 07:33] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06-05-2016 07:33] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\9kd1y0o4.default - Menu contextuel Orange - %ProfilePath%\extensions\menu_contextuel_orange@orange.fr AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\9kd1y0o4.default CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Alex\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Alex\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[12-09-2014 11:43] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06-05-2016 07:33] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[29-04-2016 15:53] Blank new tab page - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\bgmlaoodeefkgdmdkfdnckhpkpcieaal Orange Toolbox - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\bljlhbiifcmchajnfbdhhghknicenobj Avast Online Security - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Orange social - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\hedciejpicncjcgjlgblpfaakdmoafmd Menu contextuel Orange - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\nfkdglgjjpicgkbfdflchobhdiblbjgf Chrome Web Store Payments - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Deezer - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh PDF Viewer - Alex\AppData\Local\Adventurer\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm Google Slides - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Belfius Smart Card Reader Chrome Extension - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Google Docs - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Adobe Acrobat - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Google Sheets - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia undetermined - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Chromium Startpages ====================== C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Preferences "homepage": "http://r.orange.fr/r/Oodc_home_adv", "homepage": "http://r.orange.fr/r/Oodc_home_adv", "startup_urls": [ "http://r.orange.fr/r/Oadventurer_home" ] ==== Chromium Fix ====================== C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_ad.fr.doubleclick.net_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_ad.fr.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsomenoise.cdn01.rambla.be_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d30ke5tqu2tkyx.cloudfront.net_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_www.home24.fr_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\http_www.home24.fr_0.localstorage-journal deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.2dehands.be_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.goodshomedesign.com_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.landleven.nl_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Extensions\bgmlaoodeefkgdmdkfdnckhpkpcieaal deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\chrome-extension_bgmlaoodeefkgdmdkfdnckhpkpcieaal_0.localstorage deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Storage\chrome-extension_bgmlaoodeefkgdmdkfdnckhpkpcieaal_0.localstorage-journal deleted successfully C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Local Extension Settings\bgmlaoodeefkgdmdkfdnckhpkpcieaal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.zita.be/" "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.zita.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} - No_Url_Value HKLM\SearchScopes\{A733149C-A4C9-443C-9DA1-A1B91DA923D1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Wow6432Node\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} - http://www.default-search.net/search?sid=476&aid=135&itype=n&ver=14591&tm=537&src=ds&p={searchTerms} HKLM\Wow6432Node\SearchScopes\{A733149C-A4C9-443C-9DA1-A1B91DA923D1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes "DefaultScope"="{1D5433AE-9C2D-474C-84A6-A19B33AE0A14}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKCU\SearchScopes\{1D5433AE-9C2D-474C-84A6-A19B33AE0A14} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} - No_Url_Value HKCU\SearchScopes\{A733149C-A4C9-443C-9DA1-A1B91DA923D1} - No_Url_Value ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Alex\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Alex\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [OrangeInside] C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe O4 - Global Startup: UltraMon.lnk = ? O4 - Global Startup: Update-melder.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Accéder au portail Orange - C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer par SMS Orange le texte sélectionné - C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: Rechercher le texte sélectionné - C:\Users\Alex\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.belgium.be O15 - Trusted Zone: *.vlaanderen.be O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dutch Canon IJ Scan Utility register event (CIJSRegister) - CANON INC. - C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Orange update Core Service - Unknown owner - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\SysWOW64\rpcnet.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe O23 - Service: Skdaemon Service (Sks8821) - Unknown owner - C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Alex\AppData\Local\Mozilla\Firefox\Profiles\9kd1y0o4.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Alex\AppData\Local\Adventurer\User Data\Default\Cache emptied successfully C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=147 folders=59 364599532 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Alex\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pam.db" not found "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pamcore.db" not found "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\kv_pampub.db" not found "C:\Users\Alex\AppData\Local\AVAST Software\APM\Alex\ppRyCrhCqWReAtrN\pam.db" not found "C:\Users\Alex\AppData\Local\AVAST Software" not found ==== EOF on ma 16-05-2016 at 10:09:16,42 ======================