Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Brian on ma 22-08-2016 at 23:20:10,88.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: O:\IE Downloads\Firefox\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22-8-2016 23:21:15 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Synology deleted successfully
C:\Users\Brian\AppData\Local\ActiveSync deleted successfully
C:\Users\Brian\AppData\Local\Drivers_For_Free deleted successfully
C:\Users\Brian\AppData\Local\LogMeIn Rescue Applet deleted successfully
C:\Users\Brian\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

DriverSetupUtility
Adobe Acrobat Reader DC - Nederlands
Adobe AIR
Adobe Flash Player 22 NPAPI
Adobe Refresh Manager
Alcor Micro USB Card Reader Driver
Alcor Micro USB Card Reader Driver
Ansel
Apowersoft Online Launcher versie 1.4.4
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
BitTorrent
Bonjour
CameraHelperMsi
CCleaner
D3DX10
Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition
Driver Magician 4.82
erLT
ESET Smart Security
Evernote v. 6.0.6
File Shredder 2.5
Foscam Web Components 2.1.2.4066
Google Chrome Canary
Google Update Helper
HandBrake 0.10.2
HD Tune 2.55
HP Support Solutions Framework
iCloud
inSSIDer Home
Intel(R) Rapid Storage Technology
Internet Explorer (Enable DEP)
IPCWebComponents 3.3.0.20
ISO to USB
iTunes
Java 8 Update 101
Junk Mail filter update
Kodi
Logitech-webcamsoftware
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware versie 2.2.1.1043
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 4 Runtime
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared 64-bit MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Standard 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Mozilla Firefox 48.0 (x86 nl)
Mozilla Maintenance Service
MPC-HC 1.7.10 (64-bit)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Node.js
NVIDIA-configuratiescherm 372.54
NVIDIA 3D Vision controllerstuurprogramma 369.04
NVIDIA 3D Vision stuurprogramma 372.54
NVIDIA GeForce Experience 2.11.4.0
NVIDIA GeForce Experience Service
NVIDIA Grafisch stuurprogramma 372.54
NVIDIA HD Audio-stuurprogramma 1.3.34.15
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX Systeem Software 9.16.0318
NVIDIA ShadowPlay 2.11.4.0
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 2.11.4.0
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.40
Photo Common
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Recuva
Samsung Data Migration
Samsung Magician
Secunia PSI (3.0.0.11005)
Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114869) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3115474) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3115118) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3115471) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
SkypeT 7.25
SurveillancePlugin
swMSM
Synology Assistant (remove only)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
TeamViewer 11
TorrentsTime Media Player
TrackView version 3.1.0.0
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Excel 2010 (KB3115476) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
VLC media player
Vulkan Run Time Libraries 1.0.11.1
WinBar (x86)
WinCDEmu
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.20 (64-bit)

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Foscam Web Components\CloudIPCPlgSvr.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe
P:\Synology\Assistant\UsbClientService.exe
P:\Teamviewer10\TeamViewer_Service.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
P:\Teamviewer10\TeamViewer.exe
P:\Teamviewer10\tv_w32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
T:\Winbar\WinBar.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\Brian\Documents\Bureaublad 1\Telegram\Telegram\Telegram.exe
T:\Samsung Magician\Samsung Magician.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
O:\IE Downloads\Firefox\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\Brian\AppData\Local\Google\Update\1.3.31.5\GoogleCrashHandler.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\UAB deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Users\Brian\AppData\Roaming\npm" deleted
"C:\Users\Brian\AppData\Roaming\Fossdk" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 32675 MB
CPU Info: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
CPU Speed: 3493,1 MHz
Sound Card: Luidsprekers (Bose USB Audio) | Realtek Digital Output (Realtek | LG FULL HD-4 (NVIDIA High Defin |
Display Adapters: NVIDIA GeForce GT 730 | NVIDIA GeForce GT 730 | NVIDIA GeForce GT 730
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1536 X 864 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) #2
CD / DVD Drives: 1x (D: | ) D: hp DVD RW AD-7251H5
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 232,4GB | M: 440,0GB | O: 540,9GB | P: 293,0GB | T: 97,7GB
Hard Disks - Free: C: 177,5GB | M: 407,8GB | O: 534,1GB | P: 292,2GB | T: 96,8GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 06/03/15 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. B85-PLUS
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Default Browser: Firefox 48.0
Internet Explorer Version: 11.545.10586.0
Mozilla Firefox version: 48.0 (x86 nl)
Adobe Reader version: 15.17.20050.192152
Sun Java version: 1.8.0_101 (32-bit)
Sun Java version: 1.8.0_101 (64-bit)
Flash Player version: 22.0.0.209

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Brian\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-08-04 15:55:02 -------- d-----w- C:\Program Files\iPod
======= C:\PROGRA~2 =====
2016-08-16 10:21:26 -------- d-----w- C:\PROGRA~2\VulkanRT
2016-08-04 15:55:03 -------- d-----w- C:\PROGRA~2\iTunes
======= C: =====
====== C:\Users\Brian\AppData\Roaming ======
====== C:\Users\Brian ======
2016-08-04 15:55:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-26 10:30:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-26 10:27:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
====== C: exe-files ==
Vision\nvscpapisvr.exe 2016-08-16 10:21:29 800DC16CF61F4BC7E2690F3CBF09B1B6 1765432 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2016-08-16 10:21:29 6B008A98C3C47C2C68FDE32277FFACFE 7876664 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2016-08-16 10:21:29 3E2DDC4C379486B9455015FF9FAA241E 904760 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2016-08-16 10:21:29 3BD3BFF4992363EA521360CE870686C7 446008 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2016-08-16 10:21:29 1420074EE33593D773C047BC54E7A20F 347192 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2016-08-16 10:21:29 128BFF46DE96947AB4789EB33E54AD81 627768 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2016-08-16 10:21:26 B1F9C56E5F3C20FEF261E2510221F6E4 40224 ----a-w- C:\Windows\SysWOW64\vulkaninfo.exe 2016-08-16 10:21:26 0597F21B1DCADAB5F28806671670CDE4 45344 ----a-w- C:\Windows\System32\vulkaninfo.exe 2016-08-16 10:21:23 B443237BFD304E677244ECD6C8A460AC 2456120 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 2016-08-16 10:21:23 9C60828CEAB8CAC1FE05ECDB9A32F0C2 218560 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe 2016-08-16 10:21:23 7C90C388E4BC946A9132F282320CC4E5 12748736 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe 2016-08-16 10:21:23 55ADE469D2DF88B84AFB7C13BCD4DFE8 1288128 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 2016-08-16 10:21:23 50630F20172B39703B75DD6DEBE64214 3030976 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2016-08-16 10:21:23 30A4303D2B61D7115A725ED61906F0BC 219704 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe 2016-08-16 10:21:23 1D97F4D3B6D1F64E6419317EF0DA5768 1365048 ----a-w- C:\Windows\System32\nvvsvc.exe 2016-08-16 10:20:10 
C2F9A6D7B3764A9AB0BE5EAA09442255 458296 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2F744583-9903-42B0-BDAC-6F2A36D3151A}\dbInstaller.exe 2016-08-16 10:20:10 C2F9A6D7B3764A9AB0BE5EAA09442255 458296 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2016-08-16 10:20:10 A4893FB9A70049AE61C7A87E334E47E1 13605464 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2F744583-9903-42B0-BDAC-6F2A36D3151A}\VulkanRT-Installer.exe 2016-08-16 10:20:10 976C4EB20633FB67103175D1B654AC2B 17194824 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{D996EF78-82C9-4535-88E3-2BF8A158AF50}\3DVision.exe 2016-08-16 10:20:10 8D88333414B97AA8674309E5D4CA1977 849976 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe 2016-08-16 10:20:10 7C599070791A1B2627C322983F9EB4C4 410560 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe 2016-08-16 10:20:10 55B6FDA32D2395214A1B91D8CC29B822 447936 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe 2016-08-16 10:20:10 2B51C2662C68B9A267F9B3442E56F209 96986952 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2F744583-9903-42B0-BDAC-6F2A36D3151A}\NvCplSetupInt.exe 2016-08-16 10:19:25 2B683E39B76CA6722FDACF35550BA592 1879488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{F9A52610-3D7D-4860-A8F7-302B532D1684}\NVNetworkService.exe === C: other files == 2016-08-22 21:26:57 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2836.0\default_apps\youtube.crx 2016-08-22 21:26:57 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2836.0\default_apps\gmail.crx 2016-08-22 21:26:56 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2836.0\default_apps\drive.crx 2016-08-22 21:26:56 2C71C49F991095A1848624907BACBB08 4578 ----a-w- 
C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2836.0\default_apps\docs.crx 2016-08-21 19:09:54 F307F4FBFA3FF91CB02FF6D261A81D1D 12050 ----a-w- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default\extensions\{996bb709-9ff1-4b3e-a865-b5820fd84345}.xpi 2016-08-21 18:58:17 DD3B074C879E2CD3442B0DCCA068709C 12404 ----a-w- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default\extensions\smplayerplaylist@luperrouch.fr.xpi 2016-08-21 18:26:34 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2835.0\default_apps\youtube.crx 2016-08-21 18:26:33 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2835.0\default_apps\drive.crx 2016-08-21 18:26:33 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2835.0\default_apps\gmail.crx 2016-08-21 18:26:33 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Users\Brian\AppData\Local\Google\Chrome SxS\Application\54.0.2835.0\default_apps\docs.crx 2016-08-20 12:05:25 A6F9F501927DDAEF6E4D9E5E0F90EE33 153248 ----a-w- C:\Windows\System32\drivers\ekbdflt.sys 2016-08-20 12:05:24 CEC06D9024B6D8E3D70CFA524A209C19 61608 ----a-w- C:\Windows\System32\drivers\EpfwLWF.sys 2016-08-18 10:01:11 8923003ACCA092A8EE8939B52C7531B0 2034437 ----a-w- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default\features\{5d8d20f2-c98e-470e-9a30-910f7ffe3959}\loop@mozilla.org.xpi 2016-08-18 10:01:11 42910AD54D5C1E030808FE0871BF87B1 781661 ----a-w- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default\features\{5d8d20f2-c98e-470e-9a30-910f7ffe3959}\firefox@getpocket.com.xpi 2016-08-18 10:01:11 21D3AEE8E1C0F87AAC15B3AFA26C1FB8 6351 ----a-w- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default\features\{5d8d20f2-c98e-470e-9a30-910f7ffe3959}\e10srollout@mozilla.org.xpi 2016-08-16 
10:20:10 F9F912215C57ECAEBEF2A00DDB25A225 469568 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{96AAB86D-12FF-465D-B242-48E43CBDEFED}\nvstusb64.sys 2016-08-16 10:20:10 F06735B773B9F53D130A82A7F7F9588E 154320 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{E37B4060-324E-4F2C-A876-E0310F243DF2}\nvhda32.sys 2016-08-16 10:20:10 E65D6A80252ED289A1E381FE10C8CE3B 14199360 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2016-08-16 10:20:10 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2016-08-16 10:20:10 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{E37B4060-324E-4F2C-A876-E0310F243DF2}\nvhda64v.sys 2016-08-16 10:20:10 4D2B411E0D3C8203537ACA4EC908BA87 190536 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{E37B4060-324E-4F2C-A876-E0310F243DF2}\nvhda64.sys 2016-08-16 10:20:10 2DCD6B1CB0898522DEB9EEF30E266EAF 187856 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{E37B4060-324E-4F2C-A876-E0310F243DF2}\nvhda32v.sys 2016-08-16 10:20:10 1456EE1FD6C32F1116A2DD21E3A91316 453056 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{96AAB86D-12FF-465D-B242-48E43CBDEFED}\nvstusb32.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1778768322-595465748-2038507635-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinBar (x86)"="T:\Winbar\WinBar.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe /c" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LWS"="P:\Logitech\LWS\Webcam Software\LWS.exe -hide"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinBar (x86)"="T:\Winbar\WinBar.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"Google Update"="C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"iTunesHelper"="T:\iTunes\iTunesHelper.exe"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\asComSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-07-2016 12:47]
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [01-07-2016 06:33]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1778768322-595465748-2038507635-1000Core.job --a-------- C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [12-08-2016 13:14]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1778768322-595465748-2038507635-1000UA.job --a-------- C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [12-08-2016 13:14]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["P:\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1778768322-595465748-2038507635-1000Core" [C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1778768322-595465748-2038507635-1000UA" [C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\SamsungMagician" ["T:\Samsung Magician\Samsung Magician.exe"]
"C:\WINDOWS\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [T:\\WR_Tray_Icon.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A6E02282-B74B-4878-B246-BE3C8D2FC6D4}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{010D2214-1FC7-4C1E-959D-5F6C2DC88CEF}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default
user_pref("browser.startup.homepage", "http://www.google.nl/");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================
ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default
- YouTube AdBlock - %ProfilePath%\extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi
- Smplayer context menu - %ProfilePath%\extensions\smplayerplaylist@luperrouch.fr.xpi
- Plugins Toggler em:descriptionAdds a toolbarstatusbar button to enable and disable installed plugins em:creatorTrinh Nguyen em:homepageURLhttp:winged.info - %ProfilePath%\extensions\{996bb709-9ff1-4b3e-a865-b5820fd84345}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default
08C3C6B144EB5EBDE93263237C53DB14 - P:\Vlc Player\VLC\npvlc.dll - VLC Web Plugin
62D98B286C805E193568037B70D936D2 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
3EE8AE0ECFE5D79DE1737A855AD1E84C - C:\Users\Brian\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll - Google Update

==== Chromium Look ======================
Chrome Web Store Payments - Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Speed Test - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg
Google Docs - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
TV - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh
YouTube - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Facebook - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Pool - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb
selector is not a valid CSS selector - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Adblock for Youtube - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google Search - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
3D Table Tennis - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eceoimpjbncjmhghmhfpmbkkkgkkchen
Tetriz Challenge - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emidddocikgklceeeifefomdnbkldhng
Google Sheets - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
This information is used only for diagnosing the problem you are reporting is available only to someone investigating your report and is retained for no more than 30 days. - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp
Word search - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm
Google Docs Offline - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Youtube.&.Facebook.Downloader - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gngknpdbfgcbmhnpibhghkailicedhbi
Space - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hifhddjdplehpbndiikdofeaopbimfmi
Google Maps - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Chrome Web Store Payments - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
3D Bomb Destroyer - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom
Gmail - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router (Canary) - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.nl/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.nl/"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value

==== HijackThis Entries ======================
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - P:\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LWS] P:\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [WinBar (x86)] T:\Winbar\WinBar.exe
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = P:\Evernote\EvernoteClipper.exe
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Telegram.lnk = C:\Users\Brian\Documents\Bureaublad 1\Telegram\Telegram\Telegram.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding knippen - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Afbeelding opnemen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Bladwijzer knippen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Kopieer selectie - P:\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Nieuwe notitie - P:\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Pagina opemen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=1
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @P:\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @P:\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FosCloudSvrNacl - Unknown owner - C:\Program Files (x86)\Foscam Web Components\CloudIPCPlgSvr.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - P:\Teamviewer10\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TTService - TorrentsTime - C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - P:\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\odhqtxrl.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=10 folders=14 6679704 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Brian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 22-08-2016 at 23:32:50,53 ======================