Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Daniel on do 16/06/2016 at 15:33:22,35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Daniel\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16/06/2016 15:34:24 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\Users\Daniel\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Daniel\AppData\Local\EmieSiteList deleted successfully
C:\Users\Daniel\AppData\Local\EmieUserList deleted successfully
C:\Users\Inge\AppData\Local\VirtualStore deleted successfully
C:\Users\Inge.Intel-I7\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Inge.Intel-I7\AppData\Local\EmieSiteList deleted successfully
C:\Users\Inge.Intel-I7\AppData\Local\EmieUserList deleted successfully
C:\Users\Inge.Intel-I7\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\SysWOW64\XSrvSetup.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Daniel\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Services(whitelist) ======================

Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files (x86)\logmein hamachi\lmiguardiansvc.exe
R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamservice.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [ss_conn_service] - SAMSUNG Mobile Connectivity Service - c:\program files (x86)\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [NvStreamNetworkSvc] - NVIDIA Streamer Network Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe
R3 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [NisSrv] - Microsoft Netwerkinspectie - c:\program files\microsoft security client\nissrv.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\Inge\AppData\Local\Wondershare deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Public\Desktop\Free YouTube Downloader.lnk deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8191 MB
CPU Info: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
CPU Speed: 2877,9 MHz
Sound Card: OUT (UA-25) | Realtek Digital Output (Realtek | W2753-4 (NVIDIA High Definition | Realtek Digital Output(Optical) |
Display Adapters: NVIDIA GeForce GTX 670 | NVIDIA GeForce GTX 670 | NVIDIA GeForce GTX 670 | NVIDIA GeForce GTX 670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Hamachi Network Interface
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVD-RAM GH22NS30 | E: PIONEER DVD-RW DVR-216D
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 119,2GB | F: 128,0GB | G: 100,0MB | H: 465,8GB | J: 64,0GB | K: 64,0GB | L: 104,9GB | M: 465,8GB | N: 146,4GB | O: 392,5GB | P: 392,5GB | Q: 21,1GB
Hard Disks - Free: C: 54,2GB | F: 17,8GB | G: 60,7MB | H: 11,7GB | J: 31,6GB | K: 23,5GB | L: 8,2GB | M: 235,4GB | N: 45,5GB | O: 180,9GB | P: 1,5GB | Q: 12,0GB
Manufacturer *: Award Software International, Inc.
BIOS Info: AT/AT COMPATIBLE | 03/11/10 | GBT - 42302e31
Time Zone: Romance (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd.
X58A-UD3R
Country: België
Language: NLB

==== System Specs (Software) ======================

AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Internet Explorer Version: 11.0.9600.18349
Google Chrome version: 51.0.2704.84
Adobe Reader version: 15.16.20045.188096

==== Files Recently Created / Modified ======================

======= C:\Program Files =====
2016-06-15 16:33:46 -------- d-----w- C:\Program Files\trend micro
2016-06-15 15:10:16
-------- d-----w- C:\Program Files\DivX ======= C:\PROGRA~2 ===== 2016-06-15 15:09:51 -------- d-----w- C:\PROGRA~2\COMMON~1\DivX Shared 2016-06-15 15:05:27 -------- d-----w- C:\PROGRA~2\DivX 2016-06-15 01:26:05 -------- d-----w- C:\PROGRA~2\LogMeIn Hamachi 2016-06-14 16:10:22 -------- d-----w- C:\PROGRA~2\VulkanRT ======= C: ===== ====== C:\Users\Daniel\AppData\Roaming ====== 2016-06-15 15:45:23 -------- d-----w- C:\Users\Inge.Intel-I7\AppData\Local\GWX 2016-06-15 15:44:55 -------- d-----w- C:\Users\Inge.Intel-I7\AppData\Roaming\DivX 2016-06-15 15:44:55 -------- d-----w- C:\Users\Inge.Intel-I7\AppData\Local\LogMeIn Hamachi 2016-06-15 15:44:55 -------- d-----w- C:\Users\Inge.Intel-I7\AppData\Local\LogMeIn 2016-06-15 15:10:58 D00CB2B80768CEBDEF02C85B81F333D4 3817 ----a-w- C:\Users\Daniel\AppData\Locallow\lpm.dat 2016-06-15 15:10:11 -------- d-----w- C:\Users\Daniel\AppData\Roaming\DivX 2016-06-15 14:14:05 -------- d-----w- C:\Users\Daniel\AppData\Locallow\BitTorrent 2016-06-14 16:43:31 -------- d-----w- C:\Users\Daniel\AppData\Local\CrashDumps ====== C:\Users\Daniel ====== 2016-06-15 16:33:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Daniel\Downloads\RSITx64.exe 2016-06-15 15:10:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2016-06-15 15:05:00 -------- d-----w- C:\ProgramData\DivX 2016-06-15 01:26:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi ====== C: exe-files == 2016-06-15 16:33:47 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Daniel.exe 2016-06-15 16:33:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Daniel\Downloads\RSITx64.exe 2016-06-15 16:33:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GUILU9A\RSITx64.exe 2016-06-15 16:16:11 088E53E426AEF69ADEBE912016003C7A 700448 ----a-w- 
C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008d0b\CoProc update.20851393.exe 2016-06-15 16:16:01 684D126997C7F2D7A9E01CA96C7FB54A 8101672 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008d52\DAO.20852700.exe 2016-06-15 16:07:55 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Daniel\AppData\Local\Temp\E57F8CB5-AB83-4013-9F7A-A43B82F651FF\DismHost.exe 2016-06-15 16:01:12 088E53E426AEF69ADEBE912016003C7A 700448 ----a-w- C:\Users\Inge.Intel-I7\AppData\Local\NVIDIA\NvBackend\Packages\00008d0b\CoProc update.20851393.exe 2016-06-15 16:01:03 85931B5F5AFDCC101B86BD3CB4C6E8EA 8083400 ----a-w- C:\Users\Inge.Intel-I7\AppData\Local\NVIDIA\NvBackend\Packages\00008d11\DAO.20852156.exe 2016-06-15 15:45:38 1E4E9D9FBF241DBF6DD751A4CC485595 75309 ----a-w- C:\Users\Daniel\AppData\Local\Temp\Uninstall.exe 2016-06-15 15:26:52 BF9E2EC2FA5049882053D2AF1FBA8333 346552 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-06-15 15:26:48 D4FA93A0821E31FB4E6CEA30A43566E1 403896 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-06-15 15:10:46 7B49D63FD06EFBD775ADC60792592BF5 216032 ----a-w- C:\ProgramData\DivX\Setup\RunAsUser\RUNASUSERPROCESS.exe 2016-06-15 15:10:46 61B99A2AB95560CB4D68E9624178BAD8 2419144 ----a-w- C:\ProgramData\DivX\Setup\DivXSetup.exe 2016-06-15 15:10:43 6C004BF8F0652E94843DA28470E69129 418087 ----a-w- C:\ProgramData\DivX\BundleLicenses\Uninstaller.exe 2016-06-15 15:10:41 F982FEB732F96BC850FBD5FE7A3868AF 418784 ----a-w- C:\ProgramData\DivX\WebPlayer\Uninstaller.exe 2016-06-15 15:10:38 14C4490C2AF16B4B802DFC17A2ECADFD 418392 ----a-w- C:\ProgramData\DivX\Update\Uninstaller.exe 2016-06-15 15:10:37 E15E598E8E6BA05B8B61923FFF0C8927 421041 ----a-w- C:\ProgramData\DivX\Player\Uninstaller.exe 2016-06-15 15:10:31 D791FF64A60C87CEB0A187C5B8B31787 417857 ----a-w- C:\ProgramData\DivX\TransferWizard\Uninstaller.exe 2016-06-15 15:10:29 
1F89BDA659CE33BE83BF13C5EB80A264 417519 ----a-w- C:\ProgramData\DivX\DivXMediaServer\Uninstaller.exe 2016-06-15 15:10:27 68076A6DD788155E51F68ADCB8B72DE2 63144 ----a-w- C:\ProgramData\DivX\DesktopService\Uninstaller.exe 2016-06-15 15:10:26 58ECC52D5B04E9FAEA356627AB18F987 414924 ----a-w- C:\ProgramData\DivX\DPC\Uninstaller.exe 2016-06-15 15:10:20 395C7745DF8E9C790E253508C01757BC 414936 ----a-w- C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe 2016-06-15 15:10:19 A42B1F77BC65384562653F6942B13F6D 420058 ----a-w- C:\ProgramData\DivX\Converter\Uninstaller.exe 2016-06-15 15:10:18 D6A793850DB140E93944CA4BA7136DC9 414998 ----a-w- C:\ProgramData\DivX\DivXComponentManager\Uninstaller.exe 2016-06-15 15:10:17 2EEF0B5226C6E101BD844894CC2F8F1C 415497 ----a-w- C:\ProgramData\DivX\OVSHelper\Uninstaller.exe 2016-06-15 15:10:15 BADA97414AD3C624FFEA758DCACD2D33 420172 ----a-w- C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe 2016-06-15 15:10:10 CD1EE09EF3936E259C94AB7205914B0F 54101 ----a-w- C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe 2016-06-15 15:10:09 34F6D9CA202E3BBDA87400D829747267 413909 ----a-w- C:\ProgramData\DivX\MSVC120CRTRedist\Uninstaller.exe 2016-06-15 15:10:01 C30F9DA406F1164D15708E98A86315B0 419803 ----a-w- C:\ProgramData\DivX\ControlPanel\Uninstaller.exe 2016-06-15 15:09:59 1EA5BE63C8D19F623A0C080C3F2649A2 413946 ----a-w- C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe 2016-06-15 15:09:57 0A154EB8EE92CD4656F43441F5FDCFD8 415063 ----a-w- C:\ProgramData\DivX\Qt5.5.1\Uninstaller.exe 2016-06-15 15:09:53 EA766A4DD2208C6E148853F51041981F 415167 ----a-w- C:\ProgramData\DivX\Qt4.8\Uninstaller.exe 2016-06-15 15:00:22 7B298EFA16AC68E6E9BB02C8D34B9114 30533688 ----a-w- C:\Users\Daniel\AppData\Local\Temp\vlc-2.2.4-win32.exe 2016-06-15 14:14:05 A5E7176781E2CE545180BEC462515BF9 387072 ----a-w- C:\Users\Daniel\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe 2016-06-15 13:56:49 96015C913F4638C44C23AAEB89C81518 1972232 ----a-w- 
C:\Users\Daniel\AppData\Roaming\BitTorrent\updates\7.9.7_42331.exe 2016-06-15 10:17:44 FA9E648A7EDD1360D79EA9AF6A03EC64 346552 ----a-w- C:\Users\Inge.Intel-I7\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-06-15 10:17:42 6D9DBAF638EEF8441825D0F81ABD9F74 403896 ----a-w- C:\Users\Inge.Intel-I7\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-06-14 23:09:13 88C67ED6011F3D028B89DEE23C6293A7 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2016-06-14 23:09:10 DFBAD986F3E17F9848707EECA2719FB1 64000 ----a-w- C:\Windows\System32\auditpol.exe 2016-06-14 23:09:10 C8A7F80DB5C193DD67747A1BA4B1782E 30720 ----a-w- C:\Windows\System32\lsass.exe 2016-06-14 23:09:10 24E109142E054E7FB3AC61CD7F4FDBEA 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-06-14 23:09:05 9AD372732620719102DDA47268B574F8 41704 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-06-14 23:09:04 D375BC432646A4B7324A8F6CC31301C7 25088 ----a-w- C:\Windows\System32\netbtugc.exe 2016-06-14 23:09:04 895962CB2049447EFD2DBE61DEDE596A 26624 ----a-w- C:\Windows\SysWOW64\netbtugc.exe 2016-06-14 23:09:03 C0DC9F7398238C17E480BCBF2C080B25 24576 ----a-w- C:\Windows\SysWOW64\gpscript.exe 2016-06-14 23:09:03 3B6769F724C179C18CA5C114F825512B 25600 ----a-w- C:\Windows\System32\gpscript.exe 2016-06-14 23:08:57 9DA3B83F80E205B6C601EEE1312FD0A0 3231232 ----a-w- C:\Windows\explorer.exe 2016-06-14 23:08:57 3DA48EA028AD771C5B71727F0C3984E9 2973184 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-06-14 23:08:52 FA9029FA72DF7992B05AEBFD84B5AB7E 114408 ----a-w- C:\Windows\System32\consent.exe 2016-06-14 23:08:52 0EA5085832F92FE96FA4AF175CE0F631 128000 ----a-w- C:\Windows\System32\msiexec.exe 2016-06-14 23:08:51 27F7DD4A80CBCA5FCA2B188DC93FBC88 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2016-06-14 23:08:47 AB37C5564640632269906D19AF8F018C 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-06-14 23:08:46 E20E38E8CCC17B03506AFA3A59B5C722 725504 ----a-w- 
C:\Windows\System32\ie4uinit.exe 2016-06-14 23:08:46 A57B672B81201CCA994086F7500850F7 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2016-06-14 23:08:44 FC2AFA50F1F9F0BB6D16D7CA4EDB4B63 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-06-14 23:08:44 BF4177E1EE0290C97DBC796E37D9DC75 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-06-14 23:08:44 2486BD246674B0A4BD1718542DAFC76A 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-06-14 23:08:44 03554344F25FE498153DFCD49AB40204 474112 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-06-14 23:08:42 99BC1A154FFB79F16DB4BEE65C3772FF 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-06-14 23:08:42 8AAE6B5625B088303A79B601EA3E39D3 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-06-14 23:08:41 57C7497C3E182F58E747C62A8A6613C2 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-06-14 23:08:39 CF3143686E7B036A9A6A5B1EE911E648 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-06-14 16:12:07 7ABFEA88D74CA4B0308E8F5ED9FBB2F3 321312 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe 2016-06-14 16:11:25 77BE9E1AFCE995652A1C4FF4C8A0F839 2522680 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 2016-06-14 16:11:25 3E7E1E950F123521C5CE072E61929DA4 21328952 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe 2016-06-14 16:10:56 AC9484A45C97F78DCDE90BAF33915EEA 7856184 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2016-06-14 16:10:55 E0DDAB2B6756801694CE51F811CBD73D 326712 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2016-06-14 16:10:55 A794328BDDFDEA5271AF97E8701AC335 904760 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2016-06-14 16:10:55 9D8B0F6BA907C95DD5DFF9E91914A2B8 113208 ----a-w- 
C:\Windows\SysWOW64\nvStreaming.exe 2016-06-14 16:10:55 99D0E401FD83184E12C9721FE72C837A 1724984 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2016-06-14 16:10:55 7254E6F2E7336DBC0AF70CBD1FDBB5BD 446008 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2016-06-14 16:10:55 6F72E9747A59A7E01E15948CC44DCD4B 2436664 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2016-06-14 16:10:55 50D8FE6F02A7B27E34F5B512E568D87F 607800 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2016-06-14 16:10:53 E1AAD79D0C59C157258845C998715575 426040 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe 2016-06-14 16:10:26 B1F9C56E5F3C20FEF261E2510221F6E4 40224 ----a-w- C:\Windows\SysWOW64\vulkaninfo.exe 2016-06-14 16:10:26 0597F21B1DCADAB5F28806671670CDE4 45344 ----a-w- C:\Windows\System32\vulkaninfo.exe 2016-06-14 16:08:58 7FED96FFF2C8C0678265139B6326C230 780104 ----a-w- C:\Users\Daniel\AppData\Local\Temp\nvStInst.exe 2016-06-14 16:08:47 69C05AD57EDDB3922241300C337CF8C0 17152544 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{0F97D0C3-6ADC-4AE1-B448-56A50F980654}\3DVision.exe 2016-06-14 16:08:46 A4893FB9A70049AE61C7A87E334E47E1 13605464 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{5146AE43-C936-46B1-9B72-451FF7513005}\VulkanRT-Installer.exe 2016-06-14 16:08:45 6258F08EFADEE2ADAA592E3A777DC439 457664 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{5146AE43-C936-46B1-9B72-451FF7513005}\dbInstaller.exe 2016-06-14 16:08:45 6258F08EFADEE2ADAA592E3A777DC439 457664 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2016-06-14 16:08:45 2FC52CA16D2CF0A17BA4CF7701E449B3 96974936 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{5146AE43-C936-46B1-9B72-451FF7513005}\NvCplSetupInt.exe 2016-06-14 16:06:49 3D297A54E41922FBB551909CA2645646 422456 ----a-w- C:\Program 
Files\NVIDIA Corporation\Installer2\CoreTemp.{AA34109E-039D-4990-95B8-4E6C6525331E}\setup.exe 2016-06-14 16:06:48 B6A2F63C7488E3D974D3F08CB1BD82B9 1881144 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{1BCB755B-F35C-46FB-BCA9-591749040FB1}\NVNetworkService.exe 2016-06-14 16:06:23 0DEE58F2F210B109A614438E4CB36AAB 204856 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Update.Core\WLMerger.exe 2016-06-14 16:06:22 E27630EF005FAC8F8248C1B2D25F7339 541632 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.NView\nvTaskBar.exe 2016-06-14 16:06:22 C7187AC06DAFD0628587F86742945601 7188536 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\MSVCRT\vcredist_x64_13.exe 2016-06-14 16:06:22 A4893FB9A70049AE61C7A87E334E47E1 13605464 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.Driver\VulkanRT-Installer.exe 2016-06-14 16:06:22 99E3D99D8ED70AC88F59E31757ED3D62 6498200 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\MSVCRT\vcredist_x86_13.exe 2016-06-14 16:06:22 7BF382B62ECB239BB57EF87F10DDAE06 2171960 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.NView\nwiz.exe 2016-06-14 16:06:22 3D297A54E41922FBB551909CA2645646 422456 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\setup.exe 2016-06-14 16:06:21 EA3EC0327337EA61663451C091CD7BD0 4591160 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2016-06-14 16:06:21 E7B17C27178F31143CCF4C63D44A2E25 19035192 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe 2016-06-14 16:06:21 CE62928FE66157169B267113A8E92908 290120 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShadowPlay\nvsphelper.exe 2016-06-14 16:06:21 
AF5BE3694A76365874B8967331049F2C 3634232 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe 2016-06-14 16:06:21 7ABFEA88D74CA4B0308E8F5ED9FBB2F3 321312 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShadowPlay\nvsphelper64.exe 2016-06-14 16:06:21 77BE9E1AFCE995652A1C4FF4C8A0F839 2522680 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe 2016-06-14 16:06:21 7140A97303678A1145B0786E7C51DE16 2018360 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe 2016-06-14 16:06:21 4134C74C2BFCB291E47F21747878BA28 2905656 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe 2016-06-14 16:06:21 3E7E1E950F123521C5CE072E61929DA4 21328952 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe 2016-06-14 16:06:21 07C26F71321756338FAB26D558BFD7EF 5577784 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2016-06-14 16:06:19 D1D7B5CB955C586AAEA7934C02135DFE 6438968 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps.exe 2016-06-14 16:06:19 B61738BECE78656B26C3D466AA2C23B4 7543864 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps64.exe 2016-06-14 16:06:18 FA9BC0048ED46C5FB5C93EAFFC97F63D 1881144 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Network.Service\NVNetworkService.exe 2016-06-14 16:06:18 B6A2F63C7488E3D974D3F08CB1BD82B9 1881144 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NVI2\NVNetworkService.exe 2016-06-14 
16:06:17 F31E21B641B4FF8642C9588B625EAF05 1171904 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.NView\nViewMain.exe 2016-06-14 16:06:17 DCA6BC9D242A4ADB2596C8B10930FB2F 646200 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2016-06-14 16:06:17 A94DFAF1DDC7F70EFB634469FB10FDB0 1295296 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.NView\nViewMain64.exe 2016-06-14 16:06:17 3C9F1AFED2F9D7323D2F37D6639800F9 86904 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe 2016-06-14 16:06:17 0F87B91D2394FB3909506D810098F960 126328 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe 2016-06-14 16:06:16 D34232BB49E97E221EF38A8A2231C34B 4761656 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience\GFExperience.exe 2016-06-14 16:06:16 C8AC55CCB8AB33713522B4CAAFAC0F59 2398776 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Update.Core\NvBackend.exe 2016-06-14 16:06:16 75DE83F03F566D6105F308349FEFAF5E 810944 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.NView\nvAppBar.exe 2016-06-14 16:06:16 63D51C2CCAD97CD7C7B32BAF898064FA 931896 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService32.exe 2016-06-14 16:06:16 4CEDC66C726F7BE116BE7694B3CD22CD 1165368 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService64.exe 2016-06-14 16:06:16 34553332FAF5CF3E41FA68D496565266 1067064 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience\LaunchGFExperience.exe 2016-06-14 16:06:16 2FC52CA16D2CF0A17BA4CF7701E449B3 96974936 ----a-w- 
C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.Driver\NvCplSetupInt.exe 2016-06-14 16:06:15 EECFE1293591789741C37DBFF7E7D567 604216 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience\7z.exe 2016-06-14 16:06:15 69C05AD57EDDB3922241300C337CF8C0 17152544 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NV3DVision\3DVision.exe 2016-06-14 16:06:15 6258F08EFADEE2ADAA592E3A777DC439 457664 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Display.Driver\dbInstaller.exe 2016-06-14 16:06:15 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe 2016-06-14 16:06:15 52BA8CA1F83766647C2D23CA33BEF261 528440 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShadowPlay\DXSETUP.exe 2016-06-12 12:20:56 7AC3709C6ED0E4CC76F092F0366AEE49 980568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.84\51.0.2704.84_51.0.2704.79_chrome_updater.exe 2016-06-12 12:20:56 4FE45B73CB23E4E77FCF6463F93C85FB 1245848 ----a-w- C:\Windows\Temp\CR_4C926.tmp\setup.exe 2016-06-12 11:35:42 F283C5A8D6063C2A38F0F4207B28397E 5737488 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008c01\vops-battlefield_4.20835767.exe 2016-06-12 11:35:35 4D39289A86926F96E451A08A979D846B 3302592 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008c10\vops-call_of_duty_black_ops_2_zombies.20835767.exe 2016-06-12 11:35:35 1BE6383486BDB5A5FC74C2A08EC4162F 3303944 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008c0f\vops-call_of_duty_black_ops_2_singleplayer.20835767.exe 2016-06-12 11:35:35 002862F642838B84FAD8153148A76A1B 3302600 ----a-w- C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\Packages\00008c0e\vops-call_of_duty_black_ops_2_multiplayer.20835767.exe === C: other files == 
2016-06-14 23:09:11 FD0008BEDD2723170CCA7D61837DFD52 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys 2016-06-14 23:09:11 F2F4B895296EE3ECCE781CC2A296A5D1 464896 ----a-w- C:\Windows\System32\drivers\srv.sys 2016-06-14 23:09:11 6E85615A86FE86E76DAE49BF9F227483 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-06-14 23:09:11 63B5845D9379262083655D5C6AB8DFC5 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2016-06-14 23:09:11 3974E5264A0481600370C5BEED061DDF 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-06-14 23:09:11 3323F76352B0AF14B2CDC4DFBF3E980A 459640 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-06-14 23:09:10 DCC4343B422A13B42C7678998449CE8A 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-06-14 23:09:10 46C4F5BEE8D98BB1688752EAD0ABB7C0 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-06-14 23:09:10 10112D850C844606419C79EE24EE6016 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-06-14 23:09:04 FEF363423D73B3C7A895A5BC04F53A8E 3217408 ----a-w- C:\Windows\System32\win32k.sys 2016-06-14 23:09:04 E47D571FEC2C76E867935109AB2A770C 262144 ----a-w- C:\Windows\System32\drivers\netbt.sys 2016-06-14 16:08:53 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{AC4D89B5-2104-448F-918F-4F05A1516019}\NVSWCFilter64.sys 2016-06-14 16:08:53 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{AC4D89B5-2104-448F-918F-4F05A1516019}\NVSWCFilter32.sys 2016-06-14 16:08:48 F37FE6B15A987AEEC08EEF531F2FAED7 56384 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2016-06-14 16:08:48 F37FE6B15A987AEEC08EEF531F2FAED7 56384 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{7BE54351-243F-4F4A-9C46-2D258526AF8F}\nvvad64v.sys 2016-06-14 16:08:48 174AAAEB00A5982DF968824ED92D5621 50744 ----a-w- C:\Program Files\NVIDIA 
Corporation\Installer2\VirtualAudio.Driver.{7BE54351-243F-4F4A-9C46-2D258526AF8F}\nvvad32v.sys 2016-06-14 16:08:47 B3B6697779D78FCCE6D18CB87B17CB31 100664 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{0FAF690A-DE2B-4684-83CB-8DB3274B07EE}\nvhda32.sys 2016-06-14 16:08:47 73071A75C08872226A070CC1D0FF5F60 467912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{54E83C65-F56C-487B-9083-2446616DE16F}\nvstusb64.sys 2016-06-14 16:08:47 71492A2A9BC390CCBB9B0B3EFAF2DFEB 116168 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{0FAF690A-DE2B-4684-83CB-8DB3274B07EE}\nvhda32v.sys 2016-06-14 16:08:47 670DA633CB393CF5DBD5C7DC20ACC169 451400 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{54E83C65-F56C-487B-9083-2446616DE16F}\nvstusb32.sys 2016-06-14 16:08:47 6567123E7C874715A72D23CFAB29BB07 119864 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{0FAF690A-DE2B-4684-83CB-8DB3274B07EE}\nvhda64.sys 2016-06-14 16:08:47 1F99AD85DC4F9E322CDE2363378CD374 141256 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2016-06-14 16:08:47 1F99AD85DC4F9E322CDE2363378CD374 141256 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{0FAF690A-DE2B-4684-83CB-8DB3274B07EE}\nvhda64v.sys 2016-06-14 16:08:46 F1AD55BE455B70D8348C08EC891BA263 13460536 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2016-06-14 16:06:49 75DA7CD49903EA85F0C6F1BC651675E8 23096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{AA34109E-039D-4990-95B8-4E6C6525331E}\NVI2SystemService32.sys 2016-06-14 16:06:49 693AF177CF3C37646861F75E4673DC95 22464 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{AA34109E-039D-4990-95B8-4E6C6525331E}\NVI2SystemService64.sys 2016-06-14 16:06:48 F37FE6B15A987AEEC08EEF531F2FAED7 56384 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NvVAD\nvvad64v.sys 2016-06-14 16:06:48 DEF76B479C3525952D0BD71E881E07B0 
28216 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2016-06-14 16:06:48 B2D605398C52D71F51E00A9083C234FE 27192 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2016-06-14 16:06:48 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter64.sys 2016-06-14 16:06:48 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter32.sys 2016-06-14 16:06:48 75DA7CD49903EA85F0C6F1BC651675E8 23096 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService32.sys 2016-06-14 16:06:48 73071A75C08872226A070CC1D0FF5F60 467912 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys 2016-06-14 16:06:48 693AF177CF3C37646861F75E4673DC95 22464 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService64.sys 2016-06-14 16:06:48 670DA633CB393CF5DBD5C7DC20ACC169 451400 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys 2016-06-14 16:06:48 6567123E7C874715A72D23CFAB29BB07 119864 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\HDAudio\nvhda64.sys 2016-06-14 16:06:48 2CBC64D8821F3C534FB34EF4B4FB2CF1 46016 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\Miracast.VirtualAudio\nvvadarm.sys 2016-06-14 16:06:48 1F99AD85DC4F9E322CDE2363378CD374 141256 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\HDAudio\nvhda64v.sys 2016-06-14 16:06:48 174AAAEB00A5982DF968824ED92D5621 50744 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\NvVAD\nvvad32v.sys 2016-06-14 
16:06:47 B3B6697779D78FCCE6D18CB87B17CB31 100664 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\HDAudio\nvhda32.sys
2016-06-14 16:06:47 71492A2A9BC390CCBB9B0B3EFAF2DFEB 116168 ----a-w- C:\NVIDIA\DisplayDriver\368.39\Win8_WinVista_Win7_64\International\HDAudio\nvhda32v.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"
"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Folders ======================

2015-04-06 16:52:30 2003 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2016 18:01]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/09/2015 16:56]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/09/2015 16:56]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\DivXUpdate" [C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-02-23 15:34:34 -------- d-----w- C:\PROGRA~3\LogMeIn
2016-03-29 15:48:54 -------- d-----w- C:\PROGRA~3\Samsung
2016-06-15 15:05:00 -------- d-----w- C:\PROGRA~3\DivX

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Inge.Intel-I7\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Slides - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?gws_rd=ssl"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?gws_rd=ssl"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Inge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Inge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Inge.Intel-I7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Inge.Intel-I7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GUILU9A will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=18 folders=18 14052855 bytes)

==== Empty Temp Folders ======================

C:\Users\Daniel\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Inge\AppData\Local\Temp emptied successfully
C:\Users\Inge.Intel-I7\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Daniel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GUILU9A" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 16/06/2016 at 15:47:37,46 ======================