Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Richard on zo 14-08-2016 at 10:32:00,42. Microsoft Windows 8.1 Enterprise 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Richard\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-08-14-081910.log 49986 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\IObit deleted successfully C:\Users\Richard\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\IObit not found C:\Program Files (x86)\AVG Web TuneUp not found C:\Program Files (x86)\IObit\Advanced SystemCare 3 not found C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater not found "C:\Program Files (x86)\PP??2.0" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Richard\AppData\Local\Temp ==== 2016-08-14 08:29:30 97544B909AFA6819B1064F09CD699E7E 63029248 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-b2a576b6.exe 2016-08-14 08:27:19 CC1827FAAC97AE29826A2E9BBF709A0A 1362424 ----a-w- C:\Users\Richard\AppData\Local\Temp\SafeZone Installer\installer.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-08-14 07:56:12 F78D2BF2C551BE9DF6A2F3210A2964C1 97856 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-08-11 05:49:03 7FA4D74CC9940BD4FDF248C64FE19F20 15158272 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-08-11 05:48:58 BFF7119B5E232F36EEFCFF1CC53C0160 19788688 ----a-w- C:\Windows\SysWOW64\shell32.dll 2016-08-11 05:48:52 F6B88F20C88E78867FE9C2E8960385A4 1613528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2016-08-11 05:48:48 AC7D7440632FD5F6A9259CE39334E856 626176 ----a-w- C:\Windows\SysWOW64\winhttp.dll 2016-08-11 05:48:48 45B32760EE7F74AE0D8657286C2B274C 2317824 ----a-w- C:\Windows\SysWOW64\CertEnroll.dll 2016-08-11 05:48:45 CAB4F6336C48C0959DB06D0EE46CCAD7 800768 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-08-11 05:48:45 C195D52B97F1F2909794E566B04C7C82 1212256 ----a-w- C:\Windows\SysWOW64\ole32.dll 2016-08-11 05:48:45 4A9D63560E7753F666E5EEADAD1F6025 862720 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2016-08-11 05:48:44 34D7B359AF1BB7FCB9E3786D5CE51773 413184 ----a-w- C:\Windows\SysWOW64\webio.dll 2016-08-11 05:48:43 0226079EFADB4BBDF849EC3FBD23C845 91416 ----a-w- C:\Windows\SysWOW64\ncryptsslp.dll 2016-08-11 05:48:42 F6BC658320F67F8689A13792B11A9F3A 357376 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-08-11 05:48:42 8C5DD41EBAC8116DBD935427C5FE4255 727040 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2016-08-11 05:48:42 2BF465ADC668730CE14181262FDDE065 3273728 ----a-w- C:\Windows\SysWOW64\rdpcore.dll 2016-08-11 05:48:41 8DF6158250D75654F0A95E9486FFD74E 3607040 ----a-w- C:\Windows\SysWOW64\msi.dll 2016-08-11 05:48:40 26B03453376E375C8598F456C2A238D3 218112 ----a-w- C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll 2016-08-11 05:48:39 5294CF018BF48C3C5C40C073CAD9BC00 99136 ----a-w- C:\Windows\SysWOW64\cryptxml.dll 2016-08-11 05:48:39 0F885F103D107B2BADFC0D53036862C0 281088 ----a-w- C:\Windows\SysWOW64\LocationApi.dll 2016-08-11 05:48:38 AA5E14276A0AF0BB3D3E6305A24AC02A 30984 ----a-w- C:\Windows\SysWOW64\UserAccountBroker.exe 2016-08-11 05:48:38 0257B25DAE13FF41CF60261EDC6DF516 59904 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2016-08-11 05:48:36 A39157A0B76BF555489CCA3736C73F67 543232 ----a-w- C:\Windows\SysWOW64\FirewallAPI.dll 2016-08-11 05:48:35 E8CA62A0B12DF8E30551C837F46E3EFC 199168 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2016-08-11 05:48:23 95B8C952D389F5CEE49AC55F99C864CB 20480 ----a-w- C:\Windows\SysWOW64\wfapigp.dll 2016-08-11 05:48:22 D365B46072B17B6DD3B1E54BF8E1A57F 86016 ----a-w- C:\Windows\SysWOW64\olepro32.dll 2016-08-11 05:48:22 CD9FDE5828EDDB4CF0E2144CAA5B0BA1 192512 ----a-w- C:\Windows\SysWOW64\gpresult.exe 2016-08-11 05:48:22 91B5B5CED8DC6C1592522DE33BE2536F 66560 ----a-w- C:\Windows\SysWOW64\hbaapi.dll 2016-08-11 05:48:20 E4B7BA1919B8A9C701DC4CC12FEAF499 1060352 ----a-w- C:\Windows\SysWOW64\certutil.exe 2016-08-11 05:48:20 1AC127FB0FAE1AD2C209981EC68CB384 44032 ----a-w- C:\Windows\SysWOW64\certenc.dll 2016-08-11 05:48:19 06968346AA40C9778AFD8BA45D153A4E 124928 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2016-08-11 05:48:18 D0DE3C0181F7500068F69AD566D26DB3 29696 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2016-08-11 05:48:18 B06DD7654204874D3C807CD1E2EA4051 81920 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2016-08-11 05:48:18 42F28B3DF34071375AC0BBD953965FB1 2464768 ----a-w- C:\Windows\SysWOW64\authui.dll 2016-08-11 05:44:29 E8CEA5719397854CA520A2D5AEFDE2FE 5270016 ----a-w- C:\Windows\SysWOW64\glcndFilter.dll 2016-08-11 05:44:29 7B90F2C94EEDA61F3B168204C3D3A27B 5265920 ----a-w- C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-08-11 05:44:23 B234B83E0EFCA74F50E9EB6F6F899928 20343808 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-08-11 05:44:19 C8DD4301F421E2B5633F86A94F7E2F56 13808128 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-08-11 05:44:16 64829F4ED34D8339EC39D32204718ADD 2393088 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-08-11 05:44:16 586B9F1848F16DC8DD5E706ED1A3F27F 1316352 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-08-11 05:44:16 3398621BF58F9A352B01E56FB52C5EEE 2286592 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-08-11 05:44:15 917A2834DD5B0715967C2B570B0F6307 497664 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-08-11 05:44:15 616FE9AB9C7A398500CA7D0921F0FF85 4608000 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-08-11 05:44:14 BBB27A2EE8AB99A045A119972C03B8C3 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2016-08-11 05:44:14 8560664EC9AFDB4DB83F32A326509259 2055680 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-08-11 05:44:14 0EC9E3CA8AFD25FD2DF1C1051C07C754 692736 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-08-11 05:44:13 29AA0A28C71C3DF34B651C43FCCACC6A 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-08-11 05:44:13 10D8F6B20CDC95F058446A0A6468BB34 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-08-11 05:44:13 03753352C11357D2B9B385913F10FC2D 330752 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-08-11 05:42:35 CDFE0EFBB3247E57EE3C8DFFF344DEDC 696832 ----a-w- C:\Windows\SysWOW64\netlogon.dll 2016-08-11 05:42:35 14571A53A8D68CE72AEBAE110D63D3EF 332632 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-08-11 05:41:56 23D3AB23F0D22087330483C56EEA7DCC 1491456 ----a-w- C:\Windows\SysWOW64\GdiPlus.dll 2016-08-11 05:41:54 48507B2874E3CDBF90BF8FFC72627102 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-08-11 05:41:54 026B0CB0683E48164F43AADBE50E5506 340880 ----a-w- C:\Windows\SysWOW64\bcryptprimitives.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-08-11 05:49:10 F264662C057A54AA2DE41B3C7551712F 6521800 ----a-w- C:\Windows\Sysnative\sppsvc.exe 2016-08-11 05:49:06 10231E6C0208C02B18F80F52917DB49A 18825216 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2016-08-11 05:49:00 6E3782BE7D6BAF9105BAE32D0BF376F1 22361344 ----a-w- C:\Windows\Sysnative\shell32.dll 2016-08-11 05:48:56 FAA6C62D571B195977CE4B4756C542E9 1487992 ----a-w- C:\Windows\Sysnative\sppobjs.dll 2016-08-11 05:48:54 F3F60C88A6BBC8D0C68FE5B1C91181AF 3667968 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2016-08-11 05:48:54 795DF565EE288691436C5C8B6FA425A8 1970968 ----a-w- C:\Windows\Sysnative\crypt32.dll 2016-08-11 05:48:52 BD5F83AE5106A131E7C6E7A4CB15B6BE 1080320 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL 2016-08-11 05:48:51 F8BFE5788C36737A2DAC8AFCA2D4BEC3 2635264 ----a-w- C:\Windows\Sysnative\CertEnroll.dll 2016-08-11 05:48:51 C0C38B16E805C0D9429010E8197DBB9D 261376 ----a-w- C:\Windows\Sysnative\sppwinob.dll 2016-08-11 05:48:50 069E783593D7B7BEA0F714605FA1968B 3547136 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2016-08-11 05:48:49 0E70990EC2E5D2331AA5E88DB0CFB826 796672 ----a-w- C:\Windows\Sysnative\winhttp.dll 2016-08-11 05:48:48 D82430B432E6C02F33A6CA01ED3C641D 1661072 ----a-w- C:\Windows\Sysnative\ole32.dll 2016-08-11 05:48:48 7830CEA509693DE0817DF2F3F2D80E89 816128 ----a-w- C:\Windows\Sysnative\rpcss.dll 2016-08-11 05:48:47 EFCCB19AFEEE2109EFB02C7BF53C82D7 1134768 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2016-08-11 05:48:47 628D62A47D2722FEDAE0451B799AAE76 987136 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-08-11 05:48:46 9E51190D36AFD8443F11D1CAF51F3B83 897024 ----a-w- C:\Windows\Sysnative\wuapi.dll 2016-08-11 05:48:46 306F94640CEDDDD0530BA322E1C6A55C 509440 ----a-w- C:\Windows\Sysnative\webio.dll 2016-08-11 05:48:45 EF12AB4D0F764B2393673B86AA73EC29 2230784 ----a-w- C:\Windows\Sysnative\wucltux.dll 2016-08-11 05:48:45 D1418745A5472F3930A288E05B9E2C05 881152 ----a-w- C:\Windows\Sysnative\MPSSVC.dll 2016-08-11 05:48:45 B452623C1DE60544054E784D94A7AA47 927744 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll 2016-08-11 05:48:44 E02FC70CEC1524033085ECAB7CA24D0F 3820544 ----a-w- C:\Windows\Sysnative\rdpcore.dll 2016-08-11 05:48:44 C19EB92E4595E65633C8ED0E3E44DD34 482304 ----a-w- C:\Windows\Sysnative\tpmvsc.dll 2016-08-11 05:48:43 89C6173374214448BF38E513B36313EA 432128 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-08-11 05:48:43 88D8A63BBB3F6DB76D315D2E730CD0C4 3320832 ----a-w- C:\Windows\Sysnative\msi.dll 2016-08-11 05:48:43 7696A58F8CECF246FD6C6D4AEEE9DD93 1291776 ----a-w- C:\Windows\Sysnative\certutil.exe 2016-08-11 05:48:43 678AC77833B3C2BC83640C17CCF75C09 306176 ----a-w- C:\Windows\Sysnative\Windows.Devices.Geolocation.dll 2016-08-11 05:48:40 B4121C79FEB8A9A7D9ABA60F8F8ED404 216576 ----a-w- C:\Windows\Sysnative\gpresult.exe 2016-08-11 05:48:40 3C91A6E3469C26D81107409CEA6305AD 107984 ----a-w- C:\Windows\Sysnative\ncryptsslp.dll 2016-08-11 05:48:40 0E1CF052693E178C561BE82A7FEE9175 346112 ----a-w- C:\Windows\Sysnative\LocationApi.dll 2016-08-11 05:48:39 666154E6F1C38B5CE7E5624127A0817E 34600 ----a-w- C:\Windows\Sysnative\UserAccountBroker.exe 2016-08-11 05:48:39 50B9ADE67C5B9E0C6F4D989FE5503E94 125024 ----a-w- C:\Windows\Sysnative\cryptxml.dll 2016-08-11 05:48:38 26C47F054F740413C965F69FB3A04689 65024 ----a-w- C:\Windows\Sysnative\msiexec.exe 2016-08-11 05:48:37 D628F8470F5D8008736270F5B02B5311 136904 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2016-08-11 05:48:36 A70CAF5EA36CBA5FCA24244306D4D5C6 228864 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2016-08-11 05:48:35 D995BA4297D24814C2CFDA1D7981D618 26112 ----a-w- C:\Windows\Sysnative\wfapigp.dll 2016-08-11 05:48:35 CCFB52A0CBCA72AF991600E7B5D7EBC8 754176 ----a-w- C:\Windows\Sysnative\FirewallAPI.dll 2016-08-11 05:48:35 CC052D7666EBCD73E06471157AE32AF0 409088 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll 2016-08-11 05:48:35 9FA3832668F7E9886D154C143E5ACC1E 108032 ----a-w- C:\Windows\Sysnative\BdeHdCfgLib.dll 2016-08-11 05:48:32 91223E065C114F470140C427CD9ADFFC 83456 ----a-w- C:\Windows\Sysnative\hbaapi.dll 2016-08-11 05:48:27 EC8C9B46310D93B09CCC9EE74648C3A2 737280 ----a-w- C:\Windows\Sysnative\fveapi.dll 2016-08-11 05:48:22 174394F4EF93C117BF7BE3878046A1B1 348672 ----a-w- C:\Windows\Sysnative\bdesvc.dll 2016-08-11 05:48:20 A4005F7621C409ADB8E5DE1B807768B4 77824 ----a-w- C:\Windows\Sysnative\adhsvc.dll 2016-08-11 05:48:20 A3A4CCD28306A67BF1E0DC2662C650FD 125440 ----a-w- C:\Windows\Sysnative\httpprxm.dll 2016-08-11 05:48:20 7E3D1C99C6DF74DEC1050481536C2830 322048 ----a-w- C:\Windows\Sysnative\fvecpl.dll 2016-08-11 05:48:20 0AB5E2073DC87AEBD35F783BC5A6B150 53248 ----a-w- C:\Windows\Sysnative\certenc.dll 2016-08-11 05:48:19 7E7ABD8687D4BEC20A95E5F15C954D4D 140288 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2016-08-11 05:48:19 653B9F9BFB9F7CDC506A4A6ABE49E362 18944 ----a-w- C:\Windows\Sysnative\httpprxp.dll 2016-08-11 05:48:19 1B52CBE104E10DD392A78F7932A1ACEE 95744 ----a-w- C:\Windows\Sysnative\wudriver.dll 2016-08-11 05:48:19 08EBC23D6118A3364407BBFC17D441BE 2778624 ----a-w- C:\Windows\Sysnative\authui.dll 2016-08-11 05:48:18 A784ADB74CE02D7BF236FBDC2CD5EA92 35840 ----a-w- C:\Windows\Sysnative\wuapp.exe 2016-08-11 05:48:18 A0B0BD83DF86073C86D4111FDF4B82AB 130560 ----a-w- C:\Windows\Sysnative\BdeHdCfg.exe 2016-08-11 05:44:32 C48274ADC82BF1C1D8C3483FF13A8894 4169216 ----a-w- C:\Windows\Sysnative\win32k.sys 2016-08-11 05:44:30 B1A8E0BE0157A5AF507C197DC72D67C7 7793152 ----a-w- C:\Windows\Sysnative\Windows.Data.Pdf.dll 2016-08-11 05:44:30 6F58E0A4FE3AD1AD95CF4AD349433100 7075328 ----a-w- C:\Windows\Sysnative\glcndFilter.dll 2016-08-11 05:44:24 E3E3B1226692DB497226CCD7F43AD7DF 25808384 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-08-11 05:44:21 311416EBB1CFB6F39D0AE6176E79D2C2 15412224 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-08-11 05:44:17 C7C7C333FDBECF16C29A39635B84A1EA 2894336 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-08-11 05:44:17 8BE7C72DB66A760B2DC57DE1D99EDCA1 6047744 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-08-11 05:44:17 33821B684222F236711F7F8C78AA9247 2868224 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-08-11 05:44:16 7EE91314F7FFC8A566ADDCD13DD51242 806400 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-08-11 05:44:16 3E154893570038A59F73A8F7418DCF75 1550848 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-08-11 05:44:15 50828D61E8A3205B337DC49A7C3FFF38 2131456 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-08-11 05:44:14 F34FCCD107EEE8F32E973B88B1B6879F 724992 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-08-11 05:44:14 CA73619BE9ADCEB3934551C223F6ADD0 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-08-11 05:44:14 AA2FC1FC080EBD74C25F6C379CBDCE48 378880 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-08-11 05:44:14 76A937F27F14BE9AB31901319335CED6 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2016-08-11 05:44:14 67DF76F8C1B70A2183EC0D9729D26F5D 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2016-08-11 05:44:14 679442D0595FBF5A6D91705D364784A3 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2016-08-11 05:44:13 F685AC29447B34F623D85C973E028287 572416 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-08-11 05:44:13 429E72773966866CE5F6BBA9E07B750D 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-08-11 05:44:13 22336934420C6862F0847DED6C437B76 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-08-11 05:42:35 CFD130F7BF843AF713F12A51A89ECD97 442712 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-08-11 05:42:35 A684BDABBC62B8EC08F30DCD7663BA93 840704 ----a-w- C:\Windows\Sysnative\netlogon.dll 2016-08-11 05:41:56 31B0E7083616454BE6D9DDF5EAA800F4 1753600 ----a-w- C:\Windows\Sysnative\GdiPlus.dll 2016-08-11 05:41:55 9D2E095CD9B1EC23B5F75A6E7C00A2C6 1445376 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-08-11 05:41:54 6872A6AD0612105A50CB8BF43A587BBC 445440 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-08-11 05:41:54 480AA477D0FE00F3966BDF8870E1E53E 397232 ----a-w- C:\Windows\Sysnative\bcryptprimitives.dll 2016-08-11 05:41:45 52C95098F6EA96F4A9780CE64B4DEFFF 175616 ----a-w- C:\Windows\Sysnative\TpmTasks.dll ====== C:\Windows\Sysnative\drivers ===== 2016-08-11 05:48:53 D67ED4AB59D1EF66B05AD1A81AC28B26 402432 ----a-w- C:\Windows\Sysnative\drivers\rdbss.sys 2016-08-11 05:48:51 D4AB6EE3D715BC44C00277FD934FAACF 590688 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys 2016-08-11 05:48:51 5408A71E47FF21E357192FD4126B3002 138240 ----a-w- C:\Windows\Sysnative\drivers\dfsc.sys 2016-08-11 05:48:47 438EA7A2D8D4F9B8AFB64748ACA70BA8 114528 ----a-w- C:\Windows\Sysnative\drivers\mup.sys 2016-08-11 05:48:46 C3755FCF9A0B5C6FE8ED9E873B85D3CE 205824 ----a-w- C:\Windows\Sysnative\drivers\ndiswan.sys 2016-08-11 05:48:44 5BC3C5C66EBF939128B0EC7CA66C0EAB 379232 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2016-08-11 05:48:43 177D76B32D417537FAADFF90237A508B 111616 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2016-08-11 05:48:42 C5196B53CA2F8FC637D20DEC386CFBE2 72408 ----a-w- C:\Windows\Sysnative\drivers\dumpfve.sys 2016-08-11 05:48:42 0270B74E1A81AB3A3E977A88B2B0438D 559104 ----a-w- C:\Windows\Sysnative\drivers\csc.sys 2016-08-11 05:48:41 F9ED4FFE6EBAC59F564323848974C3B4 331608 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2016-08-11 05:48:41 49676FEC898AB2A11B157F848269A56E 32768 ----a-w- C:\Windows\Sysnative\drivers\hidusb.sys 2016-08-11 05:48:41 0EDD1F4D470C775740625B06A60C9DD5 57184 ----a-w- C:\Windows\Sysnative\drivers\stornvme.sys 2016-08-11 05:48:39 74B2D810FC976CCDB80193AB8BFBF281 66560 ----a-w- C:\Windows\Sysnative\drivers\storvsp.sys 2016-08-11 05:48:35 5DB4AFA10A488EC4DDB3DA09B0425BE5 551256 ----a-w- C:\Windows\Sysnative\drivers\vhdmp.sys 2016-08-11 05:48:19 24E6C1F418BACEE4E7D18266F48FF2EA 32512 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2016-08-11 05:41:55 4065615E836BF8C61AF6278EB2A9D1D6 201728 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-08-11 05:41:54 5CBF8B3E27D824D2AA2A34AFB406F1D0 563024 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2016-08-11 05:41:54 3D4AE520CD6F6FFE549DD195C1F515BE 178016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2016-08-13 08:43:43 F8BE45B276093C11373EC5FA0D9920AD 3086 ----a-w- C:\Windows\Sysnative\Tasks\AWC Update 2016-08-13 08:43:43 21BA2E460E30E960151E9DCAF14FF828 438 ----a-w- C:\Windows\Tasks\AWC Update.job 2016-08-13 08:43:41 9EB00AE9E5DCDAA26BF4986217BDBF99 2772 ----a-w- C:\Windows\Sysnative\Tasks\AWC AutoSweep 2016-08-13 08:43:41 5F67FBAFAD6699B8579CA6F874DEB050 426 ----a-w- C:\Windows\Tasks\AWC AutoSweep.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-08-11 17:22:11 -------- d-----w- C:\Program Files\VMware ======= C:\PROGRA~2 ===== 2016-08-14 07:56:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-08-14 07:55:50 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Richard\AppData\Roaming ====== 2016-08-14 08:19:10 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2016-08-14 08:19:10 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-08-14 08:19:09 -------- d-----w- C:\Users\Richard\AppData\Local\Temp 2016-08-14 08:19:09 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-08-14 08:19:09 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-08-14 07:56:20 -------- d-----w- C:\Users\Richard\AppData\Roaming\Sun 2016-08-13 08:40:48 -------- d-----w- C:\Users\Richard\AppData\Roaming\IObit 2016-08-10 15:24:24 -------- d-----w- C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotnet 2016-08-10 15:24:14 -------- d-----w- C:\Users\Richard\AppData\Local\SquirrelTemp ====== C:\Users\Richard ====== 2016-08-14 08:25:36 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\.oracle_jre_usage 2016-08-14 07:56:20 -------- d-----w- C:\Users\Richard\.oracle_jre_usage 2016-08-14 07:56:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-08-14 07:44:31 -------- d-----w- C:\ProgramData\Sun 2016-08-14 07:41:26 271BD1D1A794BAFCC4A197E14C071A4E 739904 ----a-w- C:\Users\Richard\Downloads\chromeinstall-8u101.exe 2016-08-13 08:40:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 3 2016-08-10 15:39:19 247291179EAA4DB0C97AAABF4B8AF56C 25143808 ----a-w- C:\Users\Richard\Downloads\Spotnet.last.setup.release.exe 2016-08-10 15:24:41 247291179EAA4DB0C97AAABF4B8AF56C 25143808 ----a-w- C:\Users\Richard\Downloads\Spotnet_v2.0.0.207.exe 2016-07-21 15:40:24 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\opera autoupdate ====== C: exe-files == 2016-08-14 08:29:30 97544B909AFA6819B1064F09CD699E7E 63029248 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b2a576b6.exe 2016-08-14 08:27:19 CC1827FAAC97AE29826A2E9BBF709A0A 1362424 ----a-w- C:\Users\Richard\AppData\Local\Temp\SafeZone Installer\installer.exe 2016-08-14 07:56:12 F8211DB97BF852C3292C3E9C710C19D9 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2016-08-14 07:56:12 E3E51A21B00CDDE757E4247257AA7891 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2016-08-14 07:56:12 48C96771106DBDD5D42BBA3772E4B414 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2016-08-14 07:56:04 F434A8AC7F1C8C0E2587B9A9F30E397B 52800 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssvagent.exe 2016-08-14 07:56:04 ED3F3D8E4C382BF8095B9DE217511E29 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\policytool.exe 2016-08-14 07:56:04 E9AA62B1696145A08D223E7190785E25 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\pack200.exe 2016-08-14 07:56:04 CA17B8CBD623477C5D1D334B79890225 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\klist.exe 2016-08-14 07:56:04 C15F0FE651B05F4288CBC3672F6DC3CE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\unpack200.exe 2016-08-14 07:56:04 B4AD335E868693F009B7644E2ED555C1 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\ktab.exe 2016-08-14 07:56:04 9A4CF09834F086568DF469E3F670BF07 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\keytool.exe 2016-08-14 07:56:04 7DA6AA3CC4763C6F9C20B43E6C9A9547 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\orbd.exe 2016-08-14 07:56:04 7624A9B769CDCF3A75FE5A9FEAADD61F 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\tnameserv.exe 2016-08-14 07:56:04 5F85F7F2DFAC397D642834B61809240F 82496 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2launcher.exe 2016-08-14 07:56:04 4DE6BFE6EA98BC42A5358ED8307107B2 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\kinit.exe 2016-08-14 07:56:04 43C1D1D0E248604CB3B643C0BDF4EC9A 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\servertool.exe 2016-08-14 07:56:04 31C0CED43A07A2DFF3AFC557EBABBE0F 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\rmiregistry.exe 2016-08-14 07:56:04 12B6E1C3205A8B17AC20E00A889DFC43 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\rmid.exe 2016-08-14 07:56:03 F8211DB97BF852C3292C3E9C710C19D9 269888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe 2016-08-14 07:56:03 E3E51A21B00CDDE757E4247257AA7891 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\java.exe 2016-08-14 07:56:03 CF2F023D2B5F0BFB2ECF8AEEA7C51481 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\java-rmi.exe 2016-08-14 07:56:03 C2A59C7343D370BC57765896490331E5 70208 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe 2016-08-14 07:56:03 530D5597E565654D378F3C87654CCABA 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jabswitch.exe 2016-08-14 07:56:03 4F11D43AA2215CE771DA528878F01C8E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jjs.exe 2016-08-14 07:56:03 48C96771106DBDD5D42BBA3772E4B414 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaw.exe 2016-08-14 07:41:26 271BD1D1A794BAFCC4A197E14C071A4E 739904 ----a-w- C:\Users\Richard\Downloads\chromeinstall-8u101.exe 2016-08-13 08:40:01 75BC803CA536F2513754AF6FCFF0FD13 8858504 ----a-w- C:\Users\Richard\Downloads\Advanced System Care Pro v372\Advanced System Care Pro [Setup].exe 2016-08-13 08:20:11 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\0052-T227d75bb4e04ce1d7d59ce6dab7d6be5\reverse-tools\WINDOWS\Setup.exe 2016-08-11 18:14:23 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\the witch 2015\reverse-tools\WINDOWS\Setup.exe 2016-08-11 18:11:33 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\13.Hours.The.Secret.Soldiers.of.Benghazi.2016\reverse-tools\WINDOWS\Setup.exe 2016-08-11 17:54:17 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\Whiskey.Tango.Foxtrot.2016\reverse-tools\WINDOWS\Setup.exe 2016-08-11 17:49:08 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\spotlight 2015\reverse-tools\WINDOWS\Setup.exe 2016-08-11 17:42:54 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\x men apocalypse 2016\reverse-tools\WINDOWS\Setup.exe 2016-08-11 17:36:02 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\Batman.v.Superman.Dawn.of.Justice.2016\reverse-tools\WINDOWS\Setup.exe 2016-08-11 15:43:44 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\Batman The Killing Joke (2016) 720p BRRip HQ AC3 DD5.1 (Ingebakken Subs)\reverse-tools\WINDOWS\Setup.exe 2016-08-11 15:39:22 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\The Legend of Tarzan (2016) # BLURRED # HQ AC3 DD2.0 (Ingebakken Subs)\reverse-tools\WINDOWS\Setup.exe 2016-08-11 15:35:03 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Richard\Downloads\GrabIt Downloads\The Jungle Book (2016) 720p BRRip HQ AC3 DD5.1 (Ingebakken Subs)\reverse-tools\WINDOWS\Setup.exe 2016-08-11 05:49:10 F264662C057A54AA2DE41B3C7551712F 6521800 ----a-w- C:\Windows\System32\sppsvc.exe 2016-08-11 05:48:43 7696A58F8CECF246FD6C6D4AEEE9DD93 1291776 ----a-w- C:\Windows\System32\certutil.exe 2016-08-11 05:48:40 B4121C79FEB8A9A7D9ABA60F8F8ED404 216576 ----a-w- C:\Windows\System32\gpresult.exe 2016-08-11 05:48:39 666154E6F1C38B5CE7E5624127A0817E 34600 ----a-w- C:\Windows\System32\UserAccountBroker.exe 2016-08-11 05:48:38 AA5E14276A0AF0BB3D3E6305A24AC02A 30984 ----a-w- C:\Windows\SysWOW64\UserAccountBroker.exe 2016-08-11 05:48:38 26C47F054F740413C965F69FB3A04689 65024 ----a-w- C:\Windows\System32\msiexec.exe 2016-08-11 05:48:38 0257B25DAE13FF41CF60261EDC6DF516 59904 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2016-08-11 05:48:37 D628F8470F5D8008736270F5B02B5311 136904 ----a-w- C:\Windows\System32\wuauclt.exe 2016-08-11 05:48:22 CD9FDE5828EDDB4CF0E2144CAA5B0BA1 192512 ----a-w- C:\Windows\SysWOW64\gpresult.exe 2016-08-11 05:48:20 E4B7BA1919B8A9C701DC4CC12FEAF499 1060352 ----a-w- C:\Windows\SysWOW64\certutil.exe 2016-08-11 05:48:18 D0DE3C0181F7500068F69AD566D26DB3 29696 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2016-08-11 05:48:18 A784ADB74CE02D7BF236FBDC2CD5EA92 35840 ----a-w- C:\Windows\System32\wuapp.exe 2016-08-11 05:48:18 A0B0BD83DF86073C86D4111FDF4B82AB 130560 ----a-w- C:\Windows\System32\BdeHdCfg.exe 2016-08-11 05:44:14 F34FCCD107EEE8F32E973B88B1B6879F 724992 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-08-10 15:40:44 CFE6B55048B0CF32EB88F91C10B753F0 104960 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\app-2.0.0.207\phpar2.exe 2016-08-10 15:40:44 8BB9851BAC534CAB565561B142E5213A 303616 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\app-2.0.0.207\UnRAR.exe 2016-08-10 15:40:44 3872FB58554A9429EB26CC51314F9010 42568 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\app-2.0.0.207\awesomium_process.exe 2016-08-10 15:40:44 189B5239AEF1D2BD77F845D17C8422F1 3287040 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\app-2.0.0.207\Spotnet.exe 2016-08-10 15:40:44 156A56C3206E0F8B2C138768A7A87EF5 1541632 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\app-2.0.0.207\Squirrel.exe 2016-08-10 15:39:19 247291179EAA4DB0C97AAABF4B8AF56C 25143808 ----a-w- C:\Users\Richard\Downloads\Spotnet.last.setup.release.exe 2016-08-10 15:24:41 247291179EAA4DB0C97AAABF4B8AF56C 25143808 ----a-w- C:\Users\Richard\Downloads\Spotnet_v2.0.0.207.exe 2016-08-10 15:24:16 156A56C3206E0F8B2C138768A7A87EF5 1541632 ----a-w- C:\Users\Richard\AppData\Local\Spotnet\Update.exe 2016-08-10 15:23:24 F57045BBD495D2A444274C596556E8C2 73736 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\wow_helper.exe 2016-08-10 15:23:17 57883767323700134D23571546076B36 597000 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe 2016-08-10 15:23:14 F3F8C8C300EA3C4169248725A0334812 727048 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe 2016-08-10 15:23:14 7BA7900EB199317315CD7865CB1125B2 2370056 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\opera_autoupdate.exe 2016-08-10 15:23:13 D42FEEBAAF6179A09E5B0F4DB8C6A0B0 1641992 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\installer.exe 2016-08-08 18:53:46 31F7F27C53BD819E2D70EFA47ED3D36A 7386200 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\52.0.2743.116\52.0.2743.116_51.0.2704.103_chrome_updater.exe 2016-08-08 14:41:45 F55390FF0DC7115B1A46F91F5DF23FD9 731920 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe 2016-08-08 14:41:45 6E51C13BDC773EA228AC021E936CFDC6 1820944 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-08-08 14:41:45 5144B2AD776298D0E718F7B3B6DB6CA7 3328784 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe 2016-08-08 12:27:26 2905913604330358E3ABEC97D8F06A00 1635368 ----a-w- C:\Program Files (x86)\Opera\opera autoupdate\installer.exe 2016-08-08 09:03:21 946E8C3705E54367A10DB76B0E3B19BA 1554424 ----a-w- C:\Users\Richard\AppData\Local\Google\Chrome\User Data\SwReporter\8.62.4\software_reporter_tool.exe === C: other files == 2016-08-14 07:56:04 91052ADB799AEF68EA76931997C40CE4 14156 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\lib\deploy\ffjcext.zip 2016-08-11 05:48:53 D67ED4AB59D1EF66B05AD1A81AC28B26 402432 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2016-08-11 05:48:51 D4AB6EE3D715BC44C00277FD934FAACF 590688 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2016-08-11 05:48:51 5408A71E47FF21E357192FD4126B3002 138240 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2016-08-11 05:48:47 438EA7A2D8D4F9B8AFB64748ACA70BA8 114528 ----a-w- C:\Windows\System32\drivers\mup.sys 2016-08-11 05:48:46 C3755FCF9A0B5C6FE8ED9E873B85D3CE 205824 ----a-w- C:\Windows\System32\drivers\ndiswan.sys 2016-08-11 05:48:44 5BC3C5C66EBF939128B0EC7CA66C0EAB 379232 ----a-w- C:\Windows\System32\drivers\storport.sys 2016-08-11 05:48:43 177D76B32D417537FAADFF90237A508B 111616 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2016-08-11 05:48:42 C5196B53CA2F8FC637D20DEC386CFBE2 72408 ----a-w- C:\Windows\System32\drivers\dumpfve.sys 2016-08-11 05:48:42 0270B74E1A81AB3A3E977A88B2B0438D 559104 ----a-w- C:\Windows\System32\drivers\csc.sys 2016-08-11 05:48:41 F9ED4FFE6EBAC59F564323848974C3B4 331608 ----a-w- C:\Windows\System32\drivers\Classpnp.sys 2016-08-11 05:48:41 49676FEC898AB2A11B157F848269A56E 32768 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2016-08-11 05:48:41 0EDD1F4D470C775740625B06A60C9DD5 57184 ----a-w- C:\Windows\System32\drivers\stornvme.sys 2016-08-11 05:48:39 74B2D810FC976CCDB80193AB8BFBF281 66560 ----a-w- C:\Windows\System32\drivers\storvsp.sys 2016-08-11 05:48:35 5DB4AFA10A488EC4DDB3DA09B0425BE5 551256 ----a-w- C:\Windows\System32\drivers\vhdmp.sys 2016-08-11 05:48:19 24E6C1F418BACEE4E7D18266F48FF2EA 32512 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2016-08-11 05:44:32 C48274ADC82BF1C1D8C3483FF13A8894 4169216 ----a-w- C:\Windows\System32\win32k.sys 2016-08-11 05:41:55 4065615E836BF8C61AF6278EB2A9D1D6 201728 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-08-11 05:41:54 5CBF8B3E27D824D2AA2A34AFB406F1D0 563024 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-08-11 05:41:54 3D4AE520CD6F6FFE549DD195C1F515BE 178016 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-08-10 15:23:24 B9E7A356DBFD03D6EC62607A3F7A267B 53056 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\reine.zip 2016-08-10 15:23:24 62228B983D05274DE44E7D8BB013873A 265703 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\mesh.zip 2016-08-10 15:23:23 F6B685306C89EE40A4B687A1F0758DCA 218650 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\default_theme.zip 2016-08-10 15:23:23 9BB699BFD48DC443711F1BE8077B5677 289 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\grey.zip 2016-08-10 15:23:23 8B86C14C2676D3611194F6E932A0C71A 299162 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\landscape_photo.zip 2016-08-10 15:23:23 57BD727A9E6668CEA21EA9A52CA65767 243193 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\darkbreeze.zip 2016-08-10 15:23:23 1127D381AF5E0E02DA0B4FF4D264F899 360861 ----a-w- C:\Program Files (x86)\Opera\39.0.2256.48\resources\standard_themes\feathers.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1362600902-398865207-1712361184-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_29A699B01FEEF335BD09EDAD4C8A90AE"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Phrozen Mon_KP"="C:\Users\Richard\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe /h" "Advanced SystemCare 3"="C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_29A699B01FEEF335BD09EDAD4C8A90AE"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Phrozen Mon_KP"="C:\Users\Richard\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe /h" "Advanced SystemCare 3"="C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe /startup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "VMware User Process"="C:\Program Files\VMware\VMware Tools\vmtoolsd.exe -n vmusr" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-07-2016 15:46] C:\Windows\tasks\AWC AutoSweep.job --a-------- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AutoSweep.exe [] C:\Windows\tasks\AWC Update.job --a-------- C:\Program Files (x86)\IObit\Advanced SystemCare 3\IObitUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-08-2015 15:19] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-08-2015 15:19] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AWC AutoSweep" [C:\Program Files (x86)\IObit\Advanced SystemCare 3\AutoSweep.exe] "C:\Windows\SysNative\tasks\AWC Update" [C:\Program Files (x86)\IObit\Advanced SystemCare 3\IObitUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1406027739" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{FB0AB834-5202-4D9E-B49A-21A4F537F5C4}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\nd1tjilh.default DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 Google Docs - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Richard\AppData\Local\Mozilla\Firefox\Profiles\nd1tjilh.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=906 folders=4048 279634189 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Richard\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Richard\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF284bb27b.TMP" not found "C:\Program Files (x86)\PP??2.0" not deleted "C:\Program Files (x86)\PP??2.0" not deleted ==== EOF on zo 14-08-2016 at 10:45:55,41 ======================