Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Serge on do 23/06/2016 at 11:24:13,21. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Gebruikers\Serge\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 23/06/2016 11:24:41 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\TerminusStable deleted successfully C:\PROGRA~2\Wondershare deleted successfully C:\Program Files\log deleted successfully C:\Program Files\trend micro deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\Lenovo deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Serge\AppData\Local\ActiveSync deleted successfully C:\Users\Serge\AppData\Local\Apps deleted successfully C:\Users\Serge\AppData\Local\CrashDumps deleted successfully C:\Users\Serge\AppData\Local\EmieSiteList deleted successfully C:\Users\Serge\AppData\Local\EmieUserList deleted successfully C:\Users\Serge\AppData\Local\NetworkTiles deleted successfully C:\Users\Serge\AppData\Local\PACE Anti-Piracy deleted successfully C:\Users\Serge\AppData\Local\Soldiers deleted successfully C:\Users\Serge\AppData\Local\Sparta deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent 4K Video Downloader 4.1 7-Zip 16.02 (x64) abrViewer.NET v2 Adobe Acrobat Reader DC - Nederlands Adobe Acrobat X Pro - English, Fran‡ais, Deutsch Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Encore CS6 Library Adobe Flash Player 22 NPAPI Adobe Help Manager Adobe Premiere Pro CS6 Functional Content Adobe Refresh Manager Adobe Shockwave Player 12.1 Adobe Story Adobe Widget Browser Adobe© Content Viewer ANT Drivers Installer x64 Anti-Twin (Installation 30/08/2014) Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Asmedia ASM106x SATA Host Controller Driver Belgium e-ID middleware 4.0.7 (build 7453) bl Bonjour BurnAware Free 7.3 Canon Easy-WebPrint EX Canon IJ Scan Utility Canon MG7100 series MP Drivers Canon MG7100 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu Catalyst Browse 1.2 CCleaner CDBurnerXP Color Cop 5.4 Corel PaintShop Pro X7 Corel PaintShop Pro X7 Corsair Link Corsair Link(TM) USB Dongle (Driver Removal) Critical Update for Microsoft Visual Studio 2010 Professional - ENU (KB2938807) Crystal Reports for Visual Studio Definition Update for Microsoft Office 2010 (KB3115247) 64-Bit Edition Defraggler Dotfuscator Software Services - Community Edition Elements 12 Organizer Elevated Installer Extended Asian Language font pack for Adobe Reader XI Free MKV To AVCHD Converter Garmin BaseCamp Garmin City Navigator Europe NT v9 Garmin Express Garmin Express Tray Garmin MapSource Garmin Trip and Waypoint Manager v5 Garmin USB Drivers Gebruikersregistratie voor Canon MG7100 series Google Earth Google Earth Pro Google Update Helper HandBrake 0.10.5 Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2890573) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2890573) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB3002340) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) ICA ImgBurn Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) Network Connections 19.1.51.0 Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client IPM_PSP_COM IPM_PSP_COM64 iTunes Java 8 Update 91 Java Auto Updater K-Lite Codec Pack 7.2.0 (Basic) LAV Filters 0.55.3 Malwarebytes Anti-Malware versie 2.2.1.1043 MediaInfo 0.7.85 MergeModule_x64 MergeModule_x86 Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 4 Runtime Microsoft Flight Simulator X Microsoft Help Viewer 1.1 Microsoft IntelliType Pro 8.2 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 4 SDK Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ Compilers 2010 Standard - enu - x64 Microsoft Visual C++ Compilers 2010 Standard - enu - x86 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Professional - ENU Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Visual Studio Macro Tools Microsoft Xbox One Controller for Windows Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mozilla Firefox 47.0 (x86 nl) Mozilla Maintenance Service MSVCRT Redists MSXML 4.0 SP3 Parser (KB2721691) NVIDIA-configuratiescherm 353.82 NVIDIA 3D Vision controllerstuurprogramma 352.65 NVIDIA 3D Vision stuurprogramma 355.82 NVIDIA GeForce Experience 2.5.14.5 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 355.82 NVIDIA HD Audio-stuurprogramma 1.3.34.3 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Miracast virtuele audio 355.82 NVIDIA Network Service NVIDIA PhysX Systeem Software 9.15.0428 NVIDIA ShadowPlay 2.5.14.5 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.5.14.5 NVIDIA Update Core NVIDIA Virtual Audio 1.2.31 PDF Settings CS6 ph Pinnale Systems Software Keys PlayMemories Home PMB_ModeEditor PMB_ServiceUploader PRE12 STI 64Installer PSPPContent PSPPHelp PSPPro64 PxMergeModule Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recuva Route Generator Samsung Kies Samsung USB Driver for Mobile Phones Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition Security Update for Microsoft Excel 2010 (KB3115130) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054984) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB3114872) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2999465) 64-Bit Edition Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980) Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3115243) 64-Bit Edition Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Setup SHIELD Streaming SHIELD Wireless Controller Driver Smart Switch Software voor Intel© Chipset-apparaten Sonic Radar II Sql Server Customer Experience Improvement Program Steam Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) swMSM Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Tetris Topomap Benelux TP-LINK Archer T4U Driver TP-LINK Wireless Configuration Utility Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2881030) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition Update for Microsoft Office 2010 (KB3114989) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3115127) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB3114867) 64-Bit Edition Update for Microsoft Project 2010 (KB3115001) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VLC media player WCF RIA Services V1.0 SP1 WD Drive Utilities WD Security Web Deployment Tool Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) WinRAR 4.20 (32-bit) Wise Registry Cleaner 9.18 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe C:\Windows\runSW.exe C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Windows\SwUSB.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe F:\Gebruikers\Serge\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [AdobeActiveFileMonitor12.0] - Adobe Active File Monitor V12 - c:\program files (x86)\adobe\elements 12 organizer\photoshopelementsfileagent.exe R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe R2 - [AGSService] - Adobe Genuine Software Integrity Service - c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.02.00\atkexcomsvc.exe R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe R2 - [Garmin Device Interaction Service] - Garmin Device Interaction Service - c:\program files (x86)\garmin\device interaction service\garminservice.exe R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe R2 - [Intel(R) PROSet Monitoring Service] - Intel(R) PROSet Monitoring Service - c:\windows\system32\iprosetmonitor.exe R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe R2 - [MSSQL$SQLEXPRESS] - SQL Server (SQLEXPRESS) - c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamservice.exe R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe R2 - [PMBDeviceInfoProvider] - PMBDeviceInfoProvider - c:\program files (x86)\sony\playmemories home\pmbdeviceinfoprovider.exe R2 - [SQLWriter] - SQL Server VSS Writer - c:\program files\microsoft sql server\90\shared\sqlwriter.exe R2 - [ss_conn_service] - SAMSUNG Mobile Connectivity Service - c:\program files (x86)\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe R2 - [WDDriveService] - WD Drive Manager - c:\program files (x86)\western digital\wd drive manager\wddriveservice.exe R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [diagnosticshub.standardcollector.service] - Microsoft(R) Diagnostics Hub Standard Collector-service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe S3 - [iPod Service] - iPod-service - c:\program files\ipod\bin\ipodservice.exe S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe S3 - [SwitchBoard] - Adobe SwitchBoard - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe S4 - [MSSQLServerADHelper100] - SQL Active Directory Helper Service - c:\program files\microsoft sql server\100\shared\sqladhlp.exe S4 - [SQLAgent$SQLEXPRESS] - SQL Server Agent (SQLEXPRESS) - c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlagent.exe S4 - [SQLBrowser] - SQL Server Browser - c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\b6ivwiwl.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20162306_1132_.backup ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\gnalfah8.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20162306_1132_.backup ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("extensions.mywebsearch.prevKwdEnabled", true); ---- FireFox user.js and prefs.js backups ---- prefs_20162306_1132_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\TerminusStable not found C:\PROGRA~2\Wondershare not found C:\Users\Serge\AppData\Local\Wondershare deleted C:\PROGRA~2\Dualless deleted C:\Users\Serge\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z deleted C:\Users\Serge\.android deleted C:\PROGRA~2\Wise\Wise Registry Cleaner deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\PROGRA~3\Package Cache deleted C:\Users\Serge\AppData\Local\simedit.log deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted "C:\ProgramData\mntemp" deleted "C:\Users\Serge\AppData\Roaming\driver\driver.html" deleted "C:\Users\Serge\AppData\Roaming\driver" deleted "C:\Users\Serge\AppData\Roaming\Origin" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16327 MB CPU Info: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz CPU Speed: 4093,0 MHz Sound Card: Luidsprekers (Realtek High Defi | ASUS PB287-4 (NVIDIA High Defin | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti | NVIDIA GeForce GTX 780 Ti Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1707 X 960 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | TP-LINK Wireless USB Adapter | Intel(R) Ethernet Connection (2) I218-V CD / DVD Drives: 1x (D: | ) D: ASUS BC-12D2HT Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 465,0GB | F: 2794,4GB Hard Disks - Free: C: 215,9GB | F: 2484,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/16/14 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. MAXIMUS VII HERO Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Default Browser: Firefox 47.0 Internet Explorer Version: 11.420.10586.0 Mozilla Firefox version: 47.0 (x86 nl) Adobe Reader version: 15.16.20045.188096 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) Flash Player version: 22.0.0.192 Shockwave Player version: 12.1.3r153 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-06-15 08:43:41 E15BEB03592BA12C5C99E2BA46146BDD 4515264 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Serge\AppData\Local\Temp ==== ====== Java Cache ===== 2016-06-08 14:08:38 66D6B51B8301B6FC0DC9FD732AF32723 625130 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\61467f60-6ab83cc4 2016-06-08 14:06:01 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-453946e4 2016-06-08 14:06:01 1EE2FC4B2F3EB1613DD383D191A74DDC 100 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2016-06-08 14:08:34 B759435C6F1667C133A48BCDF1A60789 93 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\2a9cf1ab-2409669082ac19a649b8c250405976089d6c83894ac53ce06ef59504d7bfe1c8-6.0.lap 2016-06-08 14:06:01 33E6A7F07217C4DAFA9AA4E7714A0CCA 8513 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-25d1088b 2016-06-08 14:06:11 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Serge\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-58ae5a16 ====== C:\WINDOWS\SysWOW64 ===== 2016-06-15 08:44:10 F58B6B20BB45E99C99D0F2B73B9EE373 1372312 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-15 08:44:10 B004992A381FCE04934893BB7D9BDD19 504320 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-15 08:44:08 F62430C1C9A23E5BAD5C4A43A66F662B 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-15 08:44:08 688687C8D860657E6BFDD77B0FFE1DE4 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-15 08:44:08 20D8DBFB40E025C2E99F7146E48116CD 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-15 08:44:08 1C09B75EF1869E7790444928F89E3D3C 50176 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-15 08:44:07 CA90D72C7249D79017057F1F48FD1958 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-15 08:44:07 73A58788F32A98E446220B5E48843967 349696 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-15 08:44:07 3C563003AFDD2E6CDC199C2EBDB07886 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-15 08:44:07 21D80595A8427CB6F1DDC134E948AECE 6295552 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-06-15 08:44:07 105DE7AF1C9763E56D5322CECF3465EB 5205504 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-15 08:44:06 B981A07C0A0CCE68BD90DF3E3EC520DE 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-15 08:44:06 388077FF1642D94BF81F9D814F22BBA2 499712 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-15 08:43:58 E391DD57E6965C8D2DB05A4A52F80EC8 546456 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-15 08:43:58 5922C03A67F868265E5AB176DB6D641D 316256 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-15 08:43:57 B09DFF7CD8E40EA77559C87F3BF310DE 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-15 08:43:53 92347FC58A8BD2A45F440239EA9A4F04 12128256 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-15 08:43:53 6D879552B32CCD2536F66F4F88F54800 19344384 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-15 08:43:52 FB68B81CBD3F79D09E3EA1D0DFB424B6 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-15 08:43:51 DDE33C05D644CC57429340ACB2DA53C5 18674176 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-15 08:43:50 DCAC3EE469A3B0C0EC5660D730DF6BDF 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-06-15 08:43:50 6762E4ACE8D11FCD80EA4011DD22B857 5660160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-15 08:43:48 9BD17D372080234722C1139DAC039C9D 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-15 08:43:48 7823862FA05558EB61C72D8A5A163ADA 3664896 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-15 08:43:48 02ABF6A6775B745CCCEAEB4594AA6354 5323776 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-15 08:43:47 D8C44C34BC206902947E55E2C94E8D38 2921880 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-15 08:43:47 1E497317417C1C68B5453DD04721B16D 614400 ----a-w- C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-15 08:43:44 C3BB1475ABDFBC0BB5A37D8BAF3DE733 687616 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-15 08:43:44 A495EA4706387D12C00641D8C48BA527 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-15 08:43:43 71DF6482300C802BB104514F34B460F0 91648 ----a-w- C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-15 08:43:42 B9AD8E15F6641E328C1543688B5EE2E8 2061824 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-15 08:43:42 92A252E7DAF67D36BC81758A0F8596EB 2195632 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-15 08:43:42 7FFD756E7DD8BA83B4B4EF41F51B7DF5 1582080 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-15 08:43:41 836DF245362A9E09CC050EB107E85D74 467456 ----a-w- C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-15 08:43:40 A142F1D0FF07C172FA90075B7848CCD0 521728 ----a-w- C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-15 08:43:40 8162BC2EC9E529AA90F196A12D887308 4268880 ----a-w- C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-15 08:43:40 56339962C1448BA2CF4C4D25C89938D2 521664 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-15 08:43:39 E724CB02012CEBF773DC9FE304DCD946 501600 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-15 08:43:39 B011360F95F911F025BC91CB17449798 1500160 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-15 08:43:38 FBBE8B9147474379F54F8A1BACBF9748 388384 ----a-w- C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-15 08:43:37 FB8900191867C5B4AA61AF85B8DD1869 4074160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-06-15 08:43:37 F07AE86B2CD1C2CF6AE7812C60299032 535040 ----a-w- C:\WINDOWS\SysWOW64\rastls.dll 2016-06-15 08:43:37 1B4F03A9F11169672067ED4FD7504AD6 1445888 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-15 08:43:36 0B2EB30A9E987E8F85C9B28BDE04F028 254656 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-15 08:43:35 9BBE7D1B5B0FC534CBA0B2444BD05204 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-06-15 08:43:33 B503CB64CC62265B914DA10A5CF87B05 2230272 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-06-15 08:43:33 1F5B5642253FC9760EEACD81900C38DC 312160 ----a-w- C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-15 08:43:33 110EE87B0F4E38609AD73E9075EF82A4 97096 ----a-w- C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-15 08:43:28 D93D6F9BC1EE3329A9DCF3B9591EB156 219136 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-15 08:43:28 56DEB6F17F290B8C4AF8B2AA10097B55 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-15 08:43:27 551624F398703A90CAFCC5777CEA99E8 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-15 08:43:27 2FDF5001427D457AC43942FADC742404 360480 ----a-w- C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-15 08:43:26 CD12A269274F2916A3661198E13CBBC4 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-06-15 08:43:26 A3B6AED415AEEA114597E5043F45FF18 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-15 08:43:26 8000FB1D40149AC05F6BDE9248A6B956 230400 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-15 08:43:25 861D71E2284DCEA5E9309CDE8D920252 485888 ----a-w- C:\WINDOWS\SysWOW64\newdev.dll 2016-06-15 08:43:25 53BD5A0B7D0B027984D99BEDB945CEE6 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-15 08:43:25 4DED20A327D15D69FB85310D14D67711 291328 ----a-w- C:\WINDOWS\SysWOW64\polstore.dll 2016-06-15 08:43:24 4243F729D260C0D6C6A3B605F51FD518 103424 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-15 08:43:23 4F34CCC76E60CCE8BA12663A747EC05B 57344 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-15 08:43:22 88A3958213B43EED8402D4496149924A 64000 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-15 08:43:21 CEF14DB231B344BBDBF7C04A12D8336B 293888 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-15 08:43:21 5DC9ED2C89D94C47892DF237D604BDC8 200192 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-15 08:43:21 4C6145BBEFDD7092ABFA5F7614BA2E66 53760 ----a-w- C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-15 08:43:20 A9E193BE154B7145EF06FD0FD10232A0 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-15 08:43:20 69E1CFC67F4A4043F01AD3513A73ED02 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-06-15 08:44:09 E7522EFA8A09808046F88BCF3F1B8827 1594416 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2016-06-15 08:44:09 C1B13204994572C941C14A7FF410C4D6 24605696 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-06-15 08:44:09 7A654D6E586FDE14C8B805BED03D74B7 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-06-15 08:44:09 6521E1FB66B3E1897C4EFDECC7C95D4C 606208 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-06-15 08:44:08 730D45D8008EECC0BAD2CBEB48A5EA6F 853504 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-06-15 08:44:08 669A63116B94E259A6D583C099A6B48C 460800 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-06-15 08:44:08 3CF4B1B09166346F5CA6C3BFBEF2EB8C 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-06-15 08:44:07 8E49ED08328FB7446228617B129DD377 7200256 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-06-15 08:44:06 EBE69568E527FD4EF37EDD0C62608B28 7977472 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-06-15 08:44:06 E91AB87F7E533BA1566FDEC651347E07 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-06-15 08:44:06 4799A06F0BC0694E8D6FBF38110B7F65 939520 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-06-15 08:44:05 CAB0FCF4F680E552329366614C83A808 630784 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-06-15 08:44:05 C49E5A83F5454A06A1306A8B1589B928 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-06-15 08:44:05 2FEEF51C4A1DB9D1334D5B77DEC92865 22379008 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-06-15 08:44:02 FA2CDF42B3E9F53B12E506BA48BE16AA 72704 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-06-15 08:44:02 985F15F4F0922BD34BDD42AD2F5EC86A 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-06-15 08:44:02 77C9887E5E4A99F3A6F717DF24874E00 66560 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2016-06-15 08:44:02 76A304EBFC5FF61C5F5B35259AA64EAE 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-06-15 08:44:02 0DA05DFF1CFF34D421475DCEEB4F42A8 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-06-15 08:44:02 0C1F4E23E2E834C7EE795D23EC383205 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-06-15 08:44:02 0272C6FF9DB6902D9958AC108EB7F7C2 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-06-15 08:44:01 3704397D35001B56B371B3395BD8B876 123392 ----a-w- C:\WINDOWS\Sysnative\tdlrecover.exe 2016-06-15 08:44:01 224DC52AE777A1B23A6774B6C4C04853 2609664 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-06-15 08:43:59 F7A0927CE6772BD2B809DAB4C18F52F2 46784 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2016-06-15 08:43:59 CE8A06FE15854BAEE15E5E87D1CB6EBA 1401024 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-06-15 08:43:59 AA2D40D4C045D014FD481BC17308A09A 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-06-15 08:43:58 F0DF375130CF8A135D9BF5459BD7691D 636304 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-06-15 08:43:58 5CE34C981833706A0B6051572AC5B6CE 379232 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-06-15 08:43:58 05E07AE24F3BE69DEF01145C9BF99B8C 6973952 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-06-15 08:43:57 E53E383F2C47424BD793210CC3A17FE5 808288 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-06-15 08:43:56 9EDE32C8BEAF4E95CBCE3CA158984D2A 3585536 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-06-15 08:43:56 26E32337D1525AE114645A53EBA9ECDE 13385728 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-06-15 08:43:55 80851FD6C1795071602244DDAC856C78 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-06-15 08:43:54 A68F4601A79556A0E912458703D30A1D 7832576 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-06-15 08:43:53 C9CF27CF340A5909B1C1953776957C87 567808 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2016-06-15 08:43:52 1CF69EF4E2844F9D297F309CF80122CB 2168320 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-06-15 08:43:51 D2A63D882C5A702C0E3081D4CC6855B0 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-06-15 08:43:50 5370350A591EC5A55801AA8378DFADCE 4896256 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-06-15 08:43:49 B89C353AFC8F56D961D07FF1FE7B4BCD 1339904 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll 2016-06-15 08:43:48 D4B30E23A3B373648F61290DAF432CB2 794624 ----a-w- C:\WINDOWS\Sysnative\winhttp.dll 2016-06-15 08:43:48 C3417E8791096AA0E211B201ACA66757 2582016 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-06-15 08:43:47 2C3C82F85556F91EC1621268DDCC7554 3675512 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-06-15 08:43:46 C39B97A8B3C193303D09A3C95AF46531 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-06-15 08:43:46 4B4439FE941574FDF7A757DF6E100705 3590144 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-06-15 08:43:46 131547B1C1D2ABD355C5DFE945BCB9A4 693600 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-06-15 08:43:45 DDA0A83CA083DC6CBFAB7015B10F5377 1716736 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-06-15 08:43:45 BDF4623C41C0782EE640C2466510FDD7 784384 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-06-15 08:43:45 2BB3FACF2648595E14FAD596DC68DB65 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-06-15 08:43:45 186F9035AEF7E15C4D3F15C3536AB24C 2548944 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll 2016-06-15 08:43:44 D56E06BE971D9AE99400D435D28D56ED 592896 ----a-w- C:\WINDOWS\Sysnative\AppContracts.dll 2016-06-15 08:43:44 CA2F55C653DEEEC99802103AD6C9E810 1797120 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll 2016-06-15 08:43:44 A8AFB8AD3E24134382BFA0EBE534F95C 290496 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-06-15 08:43:44 8D3AC00C88BC2A63D1D3CC320E0EAA19 2281472 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-06-15 08:43:44 7ECACE6D0B4C2D323408EB00FD93C682 503808 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-06-15 08:43:43 729B7FF96EC3C2EC13EEBD12BBF15322 649792 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-06-15 08:43:43 5AAB28A6AC2AAC9F66D4EAB6695D0474 963072 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll 2016-06-15 08:43:43 1A7C3451A5BD863F9FC4D7421D353374 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-06-15 08:43:42 FA8E0A9C648035CA1B47C9DA77EDB7EA 380416 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll 2016-06-15 08:43:42 A63889B4BCFDF67306AC239374F823B0 2066432 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-06-15 08:43:41 CD9F1B2F8D6FDDEB0501666542E31D96 990208 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-06-15 08:43:41 5B813FADEA5BE9195F01C83287F823F7 190464 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2016-06-15 08:43:41 248EE89220C4B1156EDA5F295C9133D3 1730560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-06-15 08:43:40 E3B8996D970DB8926A817A4BFC3DA5FD 285184 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-06-15 08:43:40 57C88C15CEC97318F580D7F4327AAA46 163328 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2016-06-15 08:43:39 F69610C2C741B025CE28BBAA7DA8A9EA 684544 ----a-w- C:\WINDOWS\Sysnative\StructuredQuery.dll 2016-06-15 08:43:39 F68AD4ACC7535D811F94A52233AE0457 430312 ----a-w- C:\WINDOWS\Sysnative\ws2_32.dll 2016-06-15 08:43:39 8DB6AE22A974739EB53C7FA3DBD7EAAA 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-06-15 08:43:39 3EAE04B6CBACAB9CF850A5009F02065E 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-06-15 08:43:38 F818A7A8BA20F9E20087248FFF1717C8 90624 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2016-06-15 08:43:38 DD285F10B3AB2588FED953E559ABEADD 610816 ----a-w- C:\WINDOWS\Sysnative\rastls.dll 2016-06-15 08:43:38 BD5DD35352A6DEDBBF1472C06A123E27 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-06-15 08:43:38 56622DFB0F03B7697B054F256C900A8E 303216 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-06-15 08:43:38 4973B94DE96E78AF1128A557846E8411 4387680 ----a-w- C:\WINDOWS\Sysnative\setupapi.dll 2016-06-15 08:43:38 0D33D06EF42E3BC6A7BBC4F7F7517C25 368640 ----a-w- C:\WINDOWS\Sysnative\usocore.dll 2016-06-15 08:43:37 F3E636B2A747493206336114208918FB 173056 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-06-15 08:43:37 87F0A5CDFF9DE712B1F009EDBF8D9779 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-06-15 08:43:37 861DE49C2ACE112CE1A83DF5E6A7AB97 239104 ----a-w- C:\WINDOWS\Sysnative\BrokerLib.dll 2016-06-15 08:43:37 2885631DD8DDB06C091310E6C837AFB0 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-06-15 08:43:36 FFFDA814EE04E06DA9F0BADAA22ABBFD 145920 ----a-w- C:\WINDOWS\Sysnative\omadmclient.exe 2016-06-15 08:43:36 DF7A59E70F398EEB9FDCDD310987D8AE 1073152 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-06-15 08:43:36 4F2621E187382D22045D0BC65B23858E 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-06-15 08:43:35 BEE99FBB55E3BFFCF85D0C0A8D26261F 431296 ----a-w- C:\WINDOWS\Sysnative\bcryptprimitives.dll 2016-06-15 08:43:35 9547F6675FB25D558BB0F10F1EC9DDD8 591360 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2016-06-15 08:43:35 6DC05FFA78B5E1D34AFDBA08D00B1A8B 22561256 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-06-15 08:43:34 75CC21C976BFF286E706AA2D133EB9D4 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-06-15 08:43:34 39231A451D553196A909D02C05945CED 428896 ----a-w- C:\WINDOWS\Sysnative\hal.dll 2016-06-15 08:43:33 2E6EBC6F331900D943EB5F58C1835AFB 417792 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-06-15 08:43:33 199298181CB86E5056D82BD1F86C8A97 357216 ----a-w- C:\WINDOWS\Sysnative\mswsock.dll 2016-06-15 08:43:32 4F99255A964A4009D434338D87A3610D 332288 ----a-w- C:\WINDOWS\Sysnative\polstore.dll 2016-06-15 08:43:30 6655228B16A6371BE3B45E7913B52250 111064 ----a-w- C:\WINDOWS\Sysnative\ncryptsslp.dll 2016-06-15 08:43:29 FEAFB991662BF0AD233CC090E83E4FD3 131248 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll 2016-06-15 08:43:29 D67052BD0DA9C17BCBBF8AB5B6D354EE 392192 ----a-w- C:\WINDOWS\Sysnative\IPSECSVC.DLL 2016-06-15 08:43:28 9E79A2208A9ED205A7383CBC92C28053 79872 ----a-w- C:\WINDOWS\Sysnative\cryptsvc.dll 2016-06-15 08:43:28 9A293A4EE7C2283AD9689AB268B6CBA5 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-06-15 08:43:28 579BA42B70965456C170E98BD481E8F6 315392 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-06-15 08:43:27 6B585B45402B04EF80CB81969682DBE6 693760 ----a-w- C:\WINDOWS\Sysnative\internetmail.dll 2016-06-15 08:43:27 672694F7708B6531F7B3219D9FAE2845 199168 ----a-w- C:\WINDOWS\Sysnative\GnssAdapter.dll 2016-06-15 08:43:27 537CC506D45C691CD1FFF2D918E8C27C 174080 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_Privacy.dll 2016-06-15 08:43:26 D7C68ADAF1DA79072A44620CD3042E44 170848 ----a-w- C:\WINDOWS\Sysnative\NetworkUXBroker.exe 2016-06-15 08:43:26 D5F1729225B3D3B69F76A191320952C7 514752 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-06-15 08:43:26 D07172DFA6BD46545A7708DD78F02D14 1184960 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-06-15 08:43:26 26E9FC9FFDEF863021D3C18A30B4373F 267264 ----a-w- C:\WINDOWS\Sysnative\dhcpcore6.dll 2016-06-15 08:43:25 EFE15754302A2188C933164CFF9AEFD1 111104 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll 2016-06-15 08:43:25 C91D271837F2A7DE9875CF50068BF503 511488 ----a-w- C:\WINDOWS\Sysnative\newdev.dll 2016-06-15 08:43:25 A83B4BBA591A3243C61DB825201BA024 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-06-15 08:43:25 83BF0EE2DB8AB8059B8979E7DF143AF1 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2016-06-15 08:43:25 38A4CE75D9E6FDC28393971ADFD6F9FB 218624 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2016-06-15 08:43:24 D461D2BECEFA661291EB1B748A8D2CCB 355840 ----a-w- C:\WINDOWS\Sysnative\dhcpcore.dll 2016-06-15 08:43:24 8561E653AEB0EFCAD88DE082C282E831 76800 ----a-w- C:\WINDOWS\Sysnative\ngcpopkeysrv.dll 2016-06-15 08:43:24 58BC9F0C8D92AD7E45F03596BE2E68B4 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-06-15 08:43:24 519E5DB2F227B7293EF94D18D5753738 157184 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2016-06-15 08:43:23 FA0CCA622E2046BC47A81D9A2630F5E9 67072 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc6.dll 2016-06-15 08:43:23 201A90736B86C3478DD03FD238691944 1387520 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-06-15 08:43:22 E32F15E26724F3BB6423FB29FF3E2A8F 278016 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll 2016-06-15 08:43:22 47C395DAD8900E2E054FE3AE0FE7C345 406528 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2016-06-15 08:43:22 3CFDA42F5C7914509CD660D1062A8E55 19456 ----a-w- C:\WINDOWS\Sysnative\httpprxp.dll 2016-06-15 08:43:22 163A6E3A267DBE416679A76D1FA57C4B 86016 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc.dll 2016-06-15 08:43:22 003A0EA097767462F3417B7857DCE1CC 79360 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll 2016-06-15 08:43:21 F605380B537201BD3BC0CDFB5AD53530 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-06-15 08:43:21 E37D5E1BB9F53BD499125B3F0F27E94E 128512 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll 2016-06-15 08:43:21 D6DAEA66B2A9349DD38BFE528BBFAFA6 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-06-15 08:43:21 265CCC1C1FEF749DC82458D114C2BE34 166400 ----a-w- C:\WINDOWS\Sysnative\MusNotification.exe 2016-06-15 08:43:21 0F98F18445707A9141F74B3C48F919A6 90112 ----a-w- C:\WINDOWS\Sysnative\FwRemoteSvr.dll 2016-06-15 08:43:20 A3AA03C0C5002F3D89397637B770A1BA 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-06-15 08:43:20 3E10999029D3D2C13F8AAA204E7D5B5F 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-06-15 08:43:20 1F933CB5AECF7484A0589633A75132A2 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-06-15 08:43:19 E527156DDC1367CD795AD231C5C439C4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-06-15 08:43:19 A1E25DFE54E3D41CB528ACA5CE9480F7 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-06-15 08:43:19 6B7F0785FF5AA23B7005D969BED95DB2 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-06-23 05:18:15 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2016-06-23 05:17:50 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2016-06-23 05:17:50 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2016-06-23 05:17:50 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2016-06-21 14:34:56 8B084B611D6DC8A0882DD162793DECC3 80768 ----a-w- C:\WINDOWS\Sysnative\drivers\ucguard.sys 2016-06-21 14:30:02 93DF6F8B1FEC256710905DB825999F03 54664 ----a-w- C:\WINDOWS\Sysnative\drivers\blNetFilter.sys 2016-06-15 08:43:45 3996DF4D52FD6273750C7033D1447C0A 31744 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsdport.sys 2016-06-15 08:43:40 8B83335B6A86F39785FC7C9DE5F5B29F 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-06-15 08:43:37 425CFD45BDF5B9F8B790BEB20E0A8721 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-06-15 08:43:36 CF78AF126B00C1B0A6FF45BD838E8EFE 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-06-15 08:43:36 C03E926B0E7D66D68994067231DC3246 278528 ----a-w- C:\WINDOWS\Sysnative\drivers\netbt.sys 2016-06-15 08:43:36 2568B86F6A50D254324CB89022CA9EFC 690176 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-06-15 08:43:35 BE88248427A6AA548A904FD867667F70 406528 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-06-15 08:43:35 3F7C80D9F16B94367646CBF8B8C052F4 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-06-15 08:43:34 8E9E48E4BC6EACB811FE6066ADACC7A5 577376 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-06-15 08:43:33 87B9ABB965F7AF987D52791F0DD1663D 211296 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-06-15 08:43:29 6E520D6B16EA8AE23D1F81C1194F00C8 237056 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-06-15 08:43:27 D330D74B5F99309B5CCA30AE41C57CDE 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-06-15 08:43:26 05DD22294A4F3F89E52351C7721E6D2C 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-06-15 08:43:24 883A36E2FF7FA3E1281CB575579FE3AF 124928 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2016-06-15 08:43:23 020F3FD207AFEDAC8E05E4C567547A78 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-05-31 13:15:07 D722BC26F7431A4DA9A183E56CA9FEE3 129152 ----a-w- C:\WINDOWS\Sysnative\drivers\ssudbus.sys 2016-05-31 13:15:07 600112EF97F1238B3B91B918BE12C6BD 221824 ----a-w- C:\WINDOWS\Sysnative\drivers\ssudserd.sys 2016-05-31 13:15:07 36C3697CA09B23C77BDF95A6B0B57310 221824 ----a-w- C:\WINDOWS\Sysnative\drivers\ssudmdm.sys 2016-05-31 13:15:00 5EB01E6148742C3EC2185AC92F6D16FD 188232 ----a-w- C:\WINDOWS\Sysnative\drivers\ssadmdm.sys 2016-05-31 13:15:00 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\WINDOWS\Sysnative\drivers\ssadwhnt.sys 2016-05-31 13:14:59 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\WINDOWS\Sysnative\drivers\ssadcmnt.sys 2016-05-31 13:14:59 D6CFD3B2EABCF9327DE39C62BABFA1E3 21320 ----a-w- C:\WINDOWS\Sysnative\drivers\ssadmdfl.sys 2016-05-31 13:14:59 52D6F40B50ECFC051979FEC68E74F0F8 169288 ----a-w- C:\WINDOWS\Sysnative\drivers\ssadbus.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-06-08 13:08:57 -------- d---a-w- C:\Program Files\7-Zip ======= C:\PROGRA~2 ===== 2016-06-08 14:04:55 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Serge\AppData\Roaming ====== 2016-06-21 14:26:09 -------- d-----w- C:\Users\Serge\AppData\Local\Profiles ====== C:\Users\Serge ====== 2016-06-23 08:15:27 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-06-18 09:45:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2016-06-08 14:04:48 -------- d-----w- C:\Users\Serge\.oracle_jre_usage 2016-06-08 13:08:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip ====== C: exe-files == 2016-06-22 18:47:36 A65D09EC631ECE79A451ACB78D3991EB 8129032 ----a-w- C:\Users\Serge\AppData\Local\NVIDIA\NvBackend\Packages\00008e32\DAO.20874786.exe 2016-06-21 14:46:23 D6D2B64E441FED635993CDEE81DB3123 43008 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\DriverInstallerX86.exe 2016-06-21 14:46:23 79356850FFA4F4146D7C6EA92482E7B9 688640 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\PPAdbServer.exe 2016-06-21 14:46:23 64DA8FE5680C553E26F8BD9364BB7314 88832 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\conx64.exe 2016-06-21 14:46:23 4DB1654048A8745CFDF47B5B54573B31 1656320 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\ucppahelper.exe 2016-06-21 14:46:23 10AB3710B1837E0E1506649B7C3CC3F1 41984 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\DriverInstallerX64.exe 2016-06-21 14:46:23 0D57231EF1A43430DC4A89EC7A8384DD 85248 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.0_0\bin\PPHelper\conx86.exe 2016-06-21 14:36:44 CCD57994AB59CA06C037918BA4B6712B 766976 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Roaming\R0UNe\uninstaller.exe 2016-06-21 14:36:42 84F3660D31ACB866AD341F284D7C137E 565248 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Roaming\R0UNe\windows screen manager.exe 2016-06-21 14:29:57 AAA01F3781127F2BA3529D9798B676B3 1883136 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Roaming\UPUpdata\msiql.exe 2016-06-21 14:29:30 CF87E811DD8C051EF2009ED6461683C1 1945600 ----a-w- C:\FRST\Quarantine\C\Users\Serge\AppData\Roaming\UPUpdata\service90132.exe 2016-06-21 05:58:34 3833307E51D4D745687BEBAC791A45BE 701320 ----a-w- C:\Users\Serge\AppData\Local\NVIDIA\NvBackend\Packages\00008df3\CoProc update.20869136.exe === C: other files == 2016-06-23 05:18:15 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2016-06-23 05:17:50 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys 2016-06-23 05:17:50 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys 2016-06-23 05:17:50 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2016-06-21 14:34:56 8B084B611D6DC8A0882DD162793DECC3 80768 ----a-w- C:\Windows\System32\drivers\ucguard.sys 2016-06-21 14:30:02 93DF6F8B1FEC256710905DB825999F03 54664 ----a-w- C:\Windows\System32\drivers\blNetFilter.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2767470344-2418330843-2961721033-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CAHeadless"="C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "OneDrive"="C:\Users\Serge\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WD Drive Unlocker"="C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" "DriveUtilitiesHelper"="C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CAHeadless"="C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "OneDrive"="C:\Users\Serge\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/06/2016 13:40] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 06:17] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 06:17] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-TonesPC-Serge" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\KMS Activation for Office" [C:\Windows\KMSAct.exe] "C:\WINDOWS\SysNative\tasks\Start Corsair Link" ["C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{8DA3A96F-025D-42F4-830A-EC7454A96BC8}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2016-03-18 15:25:35 -------- d-----w- C:\PROGRA~3\Apowersoft 2016-03-29 12:22:46 -------- d-----w- C:\PROGRA~3\Movavi Video Converter 15 2016-03-31 09:24:24 -------- d-----w- C:\PROGRA~3\NortonInstaller 2016-03-31 09:24:26 -------- d-----w- C:\PROGRA~3\Norton 2016-05-01 08:38:15 -------- d-----w- C:\PROGRA~3\Wondershare 2016-06-23 05:17:50 -------- d-----w- C:\PROGRA~3\Malwarebytes ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\b6ivwiwl.default user_pref("browser.startup.homepage", "WWW.HLN.BE"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [15/10/2015 08:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\b6ivwiwl.default - Dictionnaire franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\gnalfah8.default - Dictionnaire franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org ProfilePath: C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default - Dictionnaire franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\363FB0CBBA367FF4E81FEAD0F717B142 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Serge\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - Startup: Win32srv.lnk = C:\Windows\dfcc\Adobe_Premiere_Elements_12_Crack.exe O4 - Startup: Winsrv64.lnk = C:\Windows\cssr\setup.exe O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Active File Monitor V12 (AdobeActiveFileMonitor12.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: RunSwUSB - Unknown owner - C:\Windows\runSW.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Serge\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Serge\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Serge\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Serge\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=145 folders=68 115074833 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Serge\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 23/06/2016 at 11:36:34,49 ======================