Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Stephan Reisig on za 25-03-2017 at 18:36:31,63. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Stephan Reisig\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 25-3-2017 18:43:19 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\Apple Software Update deleted successfully C:\PROGRA~2\Bonjour deleted successfully C:\PROGRA~2\QuickTime deleted successfully C:\PROGRA~2\UnderCover10 deleted successfully C:\PROGRA~2\UniqueApps deleted successfully C:\PROGRA~2\Windows Live deleted successfully C:\PROGRA~2\COMMON~1\Windows Live deleted successfully C:\PROGRA~3\ioloGovernor deleted successfully C:\Users\Stephan Reisig\AppData\Roaming\Mozilla deleted successfully C:\Users\Stephan Reisig\AppData\Roaming\MPC-HC deleted successfully C:\Users\Stephan Reisig\AppData\Roaming\Opera Software deleted successfully C:\Users\Stephan Reisig\AppData\Local\CrashDumps deleted successfully C:\Users\Stephan Reisig\AppData\Local\EmieSiteList deleted successfully C:\Users\Stephan Reisig\AppData\Local\EmieUserList deleted successfully C:\Users\Stephan Reisig\AppData\Local\ESET deleted successfully C:\Users\Stephan Reisig\AppData\Local\Opera Software deleted successfully C:\Users\Stephan Reisig\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwssvr.exe C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Users\Stephan Reisig\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [becwssvr] - E.dentifier2 Connector Service - c:\program files (x86)\abn amro e.dentifier2\wss\becwssvr.exe R2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe R2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe R2 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe R2 - [ss_conn_service] - SAMSUNG Mobile Connectivity Service - c:\program files (x86)\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe R3 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [AMD FUEL Service] - AMD FUEL Service - c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [NisSrv] - Microsoft Netwerkinspectie - c:\program files\microsoft security client\nissrv.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Apple Software Update not found C:\PROGRA~2\Bonjour not found C:\PROGRA~2\QuickTime not found C:\PROGRA~2\UnderCover10 not found C:\PROGRA~2\UniqueApps not found C:\PROGRA~2\Windows Live not found C:\PROGRA~2\Your Uninstaller! 7 deleted C:\PROGRA~3\{34D6BC7A-0709-4BD2-9A44-DED5E2F70A0A} deleted C:\PROGRA~3\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2} deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysWow64\AI_RecycleBin deleted "C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001}" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3968 MB CPU Info: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ CPU Speed: 2550,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: ATI Radeon X1200 Series | ATI Radeon X1200 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen niet-PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7200S Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 101,4GB | D: 196,6GB | F: 465,8GB | G: 74,5GB Hard Disks - Free: C: 38,9GB | D: 192,9GB | F: 110,7GB | G: 49,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 11/05/07 | DELL - 20071105 Time Zone: West-Europa (standaardtijd) Motherboard *: MICRO-STAR INTERANTIONAL CO.,LTD MS-7367 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 57.0.2987.110 Internet Explorer Version: 11.0.9600.18617 Google Chrome version: 57.0.2987.110 Shockwave Player version: 12.1.7r157 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2017-03-25 01:30:40 37BABEA44C50E8022324DB7A22A9679F 733696 ----a-w- C:\Windows\HelpPane.exe 2017-03-25 01:29:30 38AE1B3C38FAEF56FE4907922F0385BA 3229696 ----a-w- C:\Windows\explorer.exe 2017-03-23 22:37:46 A095B3E67C8EB8F2137EAC63687F2F5B 2839520 ----a-w- C:\Windows\RtlExUpd.dll ====== C:\Users\STEPHA~1\AppData\Local\Temp ==== 2017-03-25 02:56:29 CC82894A9ACA4349D660337F02AF4F7A 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\psmachine_64.dll 2017-03-25 02:56:29 AE40C2387FB66C85B73D69DD5CFB886E 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\psmachine.dll 2017-03-25 02:56:29 8CC32B1B14B131E650CC9DF4307D2DDA 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\psuser.dll 2017-03-25 02:56:29 88E3B29BD820395FCD47607D924C1DF5 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\psuser_64.dll 2017-03-25 02:56:28 F9D90EEC96E97411869E120E52B1AE0A 629400 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\npGoogleUpdate3.dll 2017-03-25 02:56:18 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateSetup.exe 2017-03-25 02:56:18 914660657B081553206614FCE8590C06 40960 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateHelper.msi 2017-03-25 02:56:18 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateOnDemand.exe 2017-03-25 02:56:18 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateWebPlugin.exe 2017-03-25 02:56:18 1A6B6EE6B5C17A397D1685FDF7E20E90 1750680 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\goopdate.dll 2017-03-25 02:56:17 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateCore.exe 2017-03-25 02:56:17 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateComRegisterShell64.exe 2017-03-25 02:56:17 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateBroker.exe 2017-03-25 02:56:14 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleCrashHandler.exe 2017-03-25 02:56:14 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleCrashHandler64.exe 2017-03-25 02:56:14 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdate.exe 2017-03-25 01:26:52 F9D90EEC96E97411869E120E52B1AE0A 629400 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\npGoogleUpdate3.dll 2017-03-25 01:26:52 CC82894A9ACA4349D660337F02AF4F7A 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\psmachine_64.dll 2017-03-25 01:26:52 AE40C2387FB66C85B73D69DD5CFB886E 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\psmachine.dll 2017-03-25 01:26:52 8CC32B1B14B131E650CC9DF4307D2DDA 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\psuser.dll 2017-03-25 01:26:52 88E3B29BD820395FCD47607D924C1DF5 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\psuser_64.dll 2017-03-25 01:26:51 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateCore.exe 2017-03-25 01:26:51 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleCrashHandler.exe 2017-03-25 01:26:51 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateSetup.exe 2017-03-25 01:26:51 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:26:51 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleCrashHandler64.exe 2017-03-25 01:26:51 914660657B081553206614FCE8590C06 40960 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateHelper.msi 2017-03-25 01:26:51 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateOnDemand.exe 2017-03-25 01:26:51 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateBroker.exe 2017-03-25 01:26:51 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateWebPlugin.exe 2017-03-25 01:26:51 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdate.exe 2017-03-25 01:26:51 1A6B6EE6B5C17A397D1685FDF7E20E90 1750680 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\goopdate.dll 2017-03-25 01:25:06 F9D90EEC96E97411869E120E52B1AE0A 629400 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\npGoogleUpdate3.dll 2017-03-25 01:25:06 CC82894A9ACA4349D660337F02AF4F7A 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\psmachine_64.dll 2017-03-25 01:25:06 AE40C2387FB66C85B73D69DD5CFB886E 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\psmachine.dll 2017-03-25 01:25:06 8CC32B1B14B131E650CC9DF4307D2DDA 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\psuser.dll 2017-03-25 01:25:06 88E3B29BD820395FCD47607D924C1DF5 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\psuser_64.dll 2017-03-25 01:25:05 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateCore.exe 2017-03-25 01:25:05 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleCrashHandler.exe 2017-03-25 01:25:05 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateSetup.exe 2017-03-25 01:25:05 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:25:05 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleCrashHandler64.exe 2017-03-25 01:25:05 914660657B081553206614FCE8590C06 40960 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateHelper.msi 2017-03-25 01:25:05 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateOnDemand.exe 2017-03-25 01:25:05 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateBroker.exe 2017-03-25 01:25:05 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateWebPlugin.exe 2017-03-25 01:25:05 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdate.exe 2017-03-25 01:25:05 1A6B6EE6B5C17A397D1685FDF7E20E90 1750680 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\goopdate.dll 2017-03-25 01:14:02 8CC32B1B14B131E650CC9DF4307D2DDA 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\psuser.dll 2017-03-25 01:14:02 88E3B29BD820395FCD47607D924C1DF5 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\psuser_64.dll 2017-03-25 01:14:01 F9D90EEC96E97411869E120E52B1AE0A 629400 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\npGoogleUpdate3.dll 2017-03-25 01:14:01 CC82894A9ACA4349D660337F02AF4F7A 248984 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\psmachine_64.dll 2017-03-25 01:14:01 AE40C2387FB66C85B73D69DD5CFB886E 207000 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\psmachine.dll 2017-03-25 01:13:56 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateSetup.exe 2017-03-25 01:13:56 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateWebPlugin.exe 2017-03-25 01:13:56 1A6B6EE6B5C17A397D1685FDF7E20E90 1750680 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\goopdate.dll 2017-03-25 01:13:55 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateCore.exe 2017-03-25 01:13:55 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleCrashHandler.exe 2017-03-25 01:13:55 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:13:55 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleCrashHandler64.exe 2017-03-25 01:13:55 914660657B081553206614FCE8590C06 40960 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateHelper.msi 2017-03-25 01:13:55 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateOnDemand.exe 2017-03-25 01:13:55 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateBroker.exe 2017-03-25 01:13:55 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdate.exe 2017-03-24 18:52:44 !HASH: COULD NOT OPEN FILE !!!!! 12774864 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\1360bd05-c735-4bb1-82c7-a74fcfb58def\0841FC7E-D18E-42E7-A43E-BEA147799CAFmpengine.dll 2017-03-24 18:51:39 8E21882367A201E4D574B3AAACDAB9E3 21433624 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-8aeb48d4.exe 2017-03-24 01:21:50 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-7815d56a.exe 2017-03-24 00:35:16 !HASH: COULD NOT OPEN FILE !!!!! 12774864 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\1a583489-d5ce-4705-ae74-4c64329169e1\mpengine.dll 2017-03-24 00:34:44 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-a2db877e.exe 2017-03-23 22:42:44 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-fef284a4.exe 2017-03-13 06:09:24 6F3BB4116FFF2BCA858E68B8DD5D487B 3123480 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-3f56600d.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2017-03-25 01:37:45 EE16D4205B0C692B9C3BA6DF7855FCDB 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2017-03-25 01:37:45 B7EACDF250F0F9E3EEC97C29970C71C7 93696 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2017-03-25 01:37:45 9B2CA35A812596333B44AD59857AD07D 573440 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2017-03-25 01:37:45 4CD379CD6698D360B7005F09BC8EA655 174080 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2017-03-25 01:37:42 FBEA64C4AC884FC735A0C23216E9B562 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2017-03-25 01:37:41 307A6D4F7CD94E384ECFF05AFA30B42C 90624 ----a-w- C:\Windows\SysWOW64\olepro32.dll 2017-03-25 01:35:57 F681617A48EC4FA8E560D4F8F98DD94F 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll 2017-03-25 01:31:07 C08AD41B5253274957A3737EFCEA4A4A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2017-03-25 01:31:06 C578DC9103D2B4E6826476A6C5547D18 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2017-03-25 01:31:06 BF96DE060BEDEB855A56904B3DD55558 2287104 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2017-03-25 01:31:06 6D96994DB5CF20537B7C34F763A408DB 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll 2017-03-25 01:31:06 6A14ED0C0226EFA1A30144EAFD8BABCD 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2017-03-25 01:31:05 ABBC9FB92E83530AB40DA801873DE802 20281856 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2017-03-25 01:31:05 A33FB9B6EE78D3B53C87556B08A5B4FB 499200 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2017-03-25 01:31:05 77161EE47347557309EC6A2263D994AB 693248 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2017-03-25 01:31:05 590C07F1EE483DE6A73114E1A4764B6C 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2017-03-25 01:31:05 4B2F5239818C2ABF4D6A6974E4C66018 1312768 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2017-03-25 01:31:05 4963A342603ECF8CB7762331F59A715B 346320 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2017-03-25 01:31:05 4404BA779D2D8587D68229E7480CED05 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-03-25 01:31:04 B649B3AF2584B56442CE5E0736EA7478 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2017-03-25 01:31:04 162150755ED2D0DCC5E1477FEB9C42D7 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2017-03-25 01:31:03 BCEFF19A6F0033D6E178FB8BB126BDD0 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2017-03-25 01:31:03 A0D5CC10CECED80765D3D6C14B42BE37 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2017-03-25 01:31:03 7F2CAA5219BC35F7BB896E19F532970B 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2017-03-25 01:31:03 5BB4B2D6896FA2AA03A2DA7A3D6F7A97 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2017-03-25 01:31:03 1B0CF058D1F47C20B4A199E28CA01B03 2055680 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2017-03-25 01:31:02 FAA76264CA4E8051AB2256543645BF19 13654528 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2017-03-25 01:31:02 814E742FF8FD642C150473D5898017B5 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2017-03-25 01:31:02 0C8BE5125CEAA4910BB1C1F72107D91B 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2017-03-25 01:31:00 EE596F4CFB59BB1FB178D5D1E57CC556 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2017-03-25 01:31:00 E3FFF78C5C2B8EE6A9EFD2FA89CF5D0D 4604416 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2017-03-25 01:31:00 C4D9F6C4B4B1D2C7C895255D98E46590 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2017-03-25 01:31:00 8CD829CA7ACCC8AF5FA246AC41F47D43 2767360 ----a-w- C:\Windows\SysWOW64\wininet.dll 2017-03-25 01:30:59 EF94AB9121C645BF505FC15EE524D38F 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2017-03-25 01:30:59 577FADCE566F3E19FAFD73A348AB5B2D 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-25 01:30:59 48C788BC9ED795CDCEE817B8C1CA8440 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2017-03-25 01:30:54 9CAD748C59DBD8EDB53ABDA364FF376A 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll 2017-03-25 01:30:54 82649C07FF6D8BA5B02B1AABE4773E3D 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2017-03-25 01:30:52 4439B021A5CA3D281391E6FFF752325A 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2017-03-25 01:30:51 8EB808138DEE25BA53D331A14BFD39D8 3209216 ----a-w- C:\Windows\SysWOW64\mf.dll 2017-03-25 01:30:50 B9207CFAB9E4D7B4F015694FBAFBD8EA 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll 2017-03-25 01:30:49 9C11D851979D4E8BF71091580AA073C2 2365440 ----a-w- C:\Windows\SysWOW64\msi.dll 2017-03-25 01:30:49 9B4F4DBBC088BAFACF92890FC2D2A01A 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll 2017-03-25 01:30:48 8949A93520F7008C3B7AD320A0EEA267 1178112 ----a-w- C:\Windows\SysWOW64\WsmSvc.dll 2017-03-25 01:30:48 78C2B9F66D4242AA9CC0A8693E2001F9 2291712 ----a-w- C:\Windows\SysWOW64\MSVidCtl.dll 2017-03-25 01:30:48 4941C721FF630B718DD8C9F98CE98D9D 3945192 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2017-03-25 01:30:48 3283961AFA7723F8D480DD6FE2BDAE0C 4000488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2017-03-25 01:30:47 7FFD2F8E8C9AB7ADFB2286B78CDCB031 1176064 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2017-03-25 01:30:47 730D1A6314222A79058F78D4CB96EC85 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll 2017-03-25 01:30:46 A9B552F2F039119661A388B986EF3DCA 489984 ----a-w- C:\Windows\SysWOW64\evr.dll 2017-03-25 01:30:46 7D64E699ED2153099A27681C50FF6286 497152 ----a-w- C:\Windows\SysWOW64\win32spl.dll 2017-03-25 01:30:46 75ED258371A0A40705B68B0EA8357A46 187392 ----a-w- C:\Windows\SysWOW64\UIAnimation.dll 2017-03-25 01:30:46 217E1BBAB85862194CA05333949CCA85 1806848 ----a-w- C:\Windows\SysWOW64\authui.dll 2017-03-25 01:30:45 DFA4FC62E591AFE142B21D11DE145687 581632 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2017-03-25 01:30:45 4C7A52467D41DE158258A551C49CC169 829952 ----a-w- C:\Windows\SysWOW64\msctf.dll 2017-03-25 01:30:45 16F6FD5300780620E0E57F7A00348D0A 553472 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2017-03-25 01:30:44 DC54D7A40B6E18E5C7F592F836D163FF 208896 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2017-03-25 01:30:44 8BA94352C881197F31FA6CAE2AF429B3 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll 2017-03-25 01:30:44 3528127B3B004A5A41245E11DD14B64D 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL 2017-03-25 01:30:44 248F7D11EEA0B85158343942B4967D0C 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2017-03-25 01:30:44 02F2D9E88472FBCA5A7F2EBAADBD5C6E 254464 ----a-w- C:\Windows\SysWOW64\schannel.dll 2017-03-25 01:30:43 596D1F332737FFC909E1C821A3238D28 308456 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2017-03-25 01:30:42 CE257A97D20DD8BC28E8D720BE980F09 442368 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2017-03-25 01:30:42 3E1B8536A26A9E9896BF69528D46D039 1314112 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2017-03-25 01:30:42 348B3A4DD922F590EB39DB231F7AEE4D 145920 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2017-03-25 01:30:42 31EB4BD6ED72AE69382F427A221D3498 249344 ----a-w- C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2017-03-25 01:30:41 A9DEBA92E58E4BA20D99E8C0EA911642 214016 ----a-w- C:\Windows\SysWOW64\WsmWmiPl.dll 2017-03-25 01:30:41 954974105C84D78C52595E2D4C02419B 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2017-03-25 01:30:41 7B58A36E6BBA2EDF43FB1172B071A868 261120 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2017-03-25 01:30:41 78447010471493D83301BDC26A7DC178 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2017-03-25 01:30:41 3AE4191A320803F49BA101C15221C0B3 199168 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe 2017-03-25 01:30:40 D55A6842A7B9AF46DFE1990FAA802BED 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll 2017-03-25 01:30:40 D14F44C54BE1418853E5ED90B4E4B346 87040 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2017-03-25 01:30:40 6211282EDFB9577773CCFFFA8D97ED67 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2017-03-25 01:30:40 3CB096F266A52F65A571B2A3FC81D13E 1241088 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2017-03-25 01:30:40 3CB074875AC88A7C1010A2A7F9881A8C 833024 ----a-w- C:\Windows\SysWOW64\user32.dll 2017-03-25 01:30:40 0632439227EE10B807054F234C85FE8D 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll 2017-03-25 01:30:39 E12B2D6F3EB58CC23DED21FBB65F3B5D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2017-03-25 01:30:39 B2ABA92F93B3B1BD241EC284BBF53DE1 195072 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2017-03-25 01:30:39 79FED832C161DFA33201352891478D7F 419648 ----a-w- C:\Windows\SysWOW64\locale.nls 2017-03-25 01:30:38 DACADD12EAB0D4105C67BC1A4CB0BE04 1027584 ----a-w- C:\Windows\SysWOW64\IMJP10.IME 2017-03-25 01:30:38 A06F5E8A501B45A69A47F5F049C7BC7B 644096 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2017-03-25 01:30:38 918F91656FEB3D896A790A95FDAF47B8 146944 ----a-w- C:\Windows\SysWOW64\WsmAuto.dll 2017-03-25 01:30:38 7AC6ACDBF5FAF53F786E66D43635C819 90112 ----a-w- C:\Windows\SysWOW64\pintlgnt.ime 2017-03-25 01:30:38 59FC548ED8AF5D284EE6DF06F15E8131 666112 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2017-03-25 01:30:38 25820DDAF94FE89A211AA5BB74AF1F7E 106496 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2017-03-25 01:30:37 F25D967D460C600ADCE6DC3F87AA6857 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2017-03-25 01:30:37 ADE1853922C226DC1A9EA154A2EDEE05 12574208 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2017-03-25 01:30:37 184ED3B35F9301AD0C9866A4BEA5E9A0 628736 ----a-w- C:\Windows\SysWOW64\usp10.dll 2017-03-25 01:30:36 FFE8DC32786ED2CFF21AB907A51B332D 126976 ----a-w- C:\Windows\SysWOW64\tintlgnt.ime 2017-03-25 01:30:36 82C6D41F1504658F9FC6B92A1E81E0B7 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2017-03-25 01:30:36 15E87982DF3470CF4909149C11746C8B 141312 ----a-w- C:\Windows\SysWOW64\rpchttp.dll 2017-03-25 01:30:35 FDBF413693588026AEAE5D57017BFE9A 312832 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2017-03-25 01:30:35 684BAA17ACE51B3CC309CF0521C8487E 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2017-03-25 01:30:35 596FE6FE6BDF5E354E9E1A85FF15D8F2 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2017-03-25 01:30:35 12D0C919D64041CA141AD5CD3231698A 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll 2017-03-25 01:30:34 D4798407E750CDA7C3885D5B8E37403F 125952 ----a-w- C:\Windows\SysWOW64\chajei.ime 2017-03-25 01:30:34 D161CB594609D47C8E9B7599F3195E56 80896 ----a-w- C:\Windows\SysWOW64\cryptsp.dll 2017-03-25 01:30:34 C506E2BC1C96E12F947C649CBC76E731 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll 2017-03-25 01:30:34 C45CD99002A4BA7F14842375E1C442F3 430080 ----a-w- C:\Windows\SysWOW64\imkr80.ime 2017-03-25 01:30:34 AF40161FD6CC6F243A6E3F2181CA7FD0 125952 ----a-w- C:\Windows\SysWOW64\cintlgnt.ime 2017-03-25 01:30:34 9FFE34F51517B4FA97B8C942323C2D0F 741888 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2017-03-25 01:30:34 5D32D5DF5540BCE030AFEF8A6B64259C 76800 ----a-w- C:\Windows\SysWOW64\adsmsext.dll 2017-03-25 01:30:34 579E21723234BB05DC46B19C3BC65CCD 125952 ----a-w- C:\Windows\SysWOW64\qintlgnt.ime 2017-03-25 01:30:34 474E6D5718A08617EF48699DAC1C67EE 125952 ----a-w- C:\Windows\SysWOW64\phon.ime 2017-03-25 01:30:34 435C9129A479D912F53292DBDA5B1191 125952 ----a-w- C:\Windows\SysWOW64\quick.ime 2017-03-25 01:30:34 0A8EA68893F47A4E6221280A67FC6D94 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2017-03-25 01:30:33 C8423D2FC1586DE4B31D346B2489A9BE 82944 ----a-w- C:\Windows\SysWOW64\bcrypt.dll 2017-03-25 01:30:33 31CA273CC39FB99AA8E784A190E58074 202240 ----a-w- C:\Windows\SysWOW64\input.dll 2017-03-25 01:30:33 0F9B73CA9BD4C4A2ABD7BE71CAA76695 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2017-03-25 01:30:32 A116C624FF8D9522C0FB7271B8679075 67584 ----a-w- C:\Windows\SysWOW64\asycfilt.dll 2017-03-25 01:30:32 890C95C253D404480CD46867CB2A1D22 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2017-03-25 01:30:32 74321800F3584B7B6290C45F6A62C715 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2017-03-25 01:30:32 4315D6ECAE85024A0567DF2CB253B7B0 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2017-03-25 01:30:32 0E6A08BBAA27D52F77D5E502B13FDBFD 84992 ----a-w- C:\Windows\SysWOW64\hlink.dll 2017-03-25 01:30:31 BEB5C8CAC2EBD14295F155261F5C8762 215040 ----a-w- C:\Windows\SysWOW64\icm32.dll 2017-03-25 01:30:31 5507083BCC8EFC3E17C4A9787724F27C 481792 ----a-w- C:\Windows\SysWOW64\mscms.dll 2017-03-25 01:30:31 0E833F12D2B698604021E11AD0A7B14E 36352 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2017-03-25 01:30:30 3C48DAA0A29DCC3150CE6ABA291DB511 69120 ----a-w- C:\Windows\SysWOW64\nlsbres.dll 2017-03-25 01:30:30 148651465E24BB7D5F35FD87E5837025 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll 2017-03-25 01:30:30 09D6C6EEAA6CDC8CC7E4989D8E7CA7AF 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2017-03-25 01:30:29 D9DF5C53DFE502D88A726DD6EFB3CCC3 32768 ----a-w- C:\Windows\SysWOW64\WcsPlugInService.dll 2017-03-25 01:30:29 C2E99F4D5AA70C492A6F0F5AB70ACB0E 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2017-03-25 01:30:29 B055121C3C62DD736F2A92DCA1010037 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2017-03-25 01:30:29 A8EF736348640772224859E1FEDFF7AE 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2017-03-25 01:30:29 8DD44644C93752ED10A063BEB392C560 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2017-03-25 01:30:29 57A806DF3C9F5E75B405152A5ACF71A6 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll 2017-03-25 01:30:29 08204CB2905A1B62EA86F067526FBB84 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2017-03-25 01:30:28 B8C26E61ABBDD9F47FCA9EAA613A3A9F 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2017-03-25 01:30:28 B6D5D5A08AC21B315B36849137FCF5BE 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2017-03-25 01:30:28 599F4B2D815704142A7EDD70F5C86D6D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2017-03-25 01:30:28 45DE4000D932400D8A57CBEC8B5CA565 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2017-03-25 01:30:27 73BDA490A7B9FE900AFEF093F572EB42 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2017-03-25 01:30:27 4CFD96C18DC103E5D92E4333BB663EC1 10240 ----a-w- C:\Windows\SysWOW64\wsmplpxy.dll 2017-03-25 01:30:27 441766E9D3DC1548799F16F3B1464037 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2017-03-25 01:30:27 42F81C6A3835FE279B254AA2CB7B38FE 12288 ----a-w- C:\Windows\SysWOW64\wsmprovhost.exe 2017-03-25 01:30:26 FA36C46C3C35335093C36B8E28FBB0C4 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2017-03-25 01:30:26 9F55D5E1D7C62F51F021F2B81F51FC62 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2017-03-25 01:30:26 5E3D4F8374031C3BA390C5118E40F196 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2017-03-25 01:30:26 5E1AD856FC9D1676674EC08780609C1E 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2017-03-25 01:30:26 5E0DEF87D65768C38758254A8AB05180 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2017-03-25 01:30:26 1C6D96952BB8611E8FA66DFCA22340D0 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2017-03-25 01:30:25 D1231DA7AC171483B85685F0AD325DCE 54272 ----a-w- C:\Windows\SysWOW64\WsmRes.dll 2017-03-25 01:30:25 C9CE2AFB2E0CD1D4477E89D6E92B5D3A 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2017-03-25 01:30:25 C0F972C9D4E74545A94716329B28B31B 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2017-03-25 01:30:25 A74D3086ADBC9EEBFA2CFFED5AFD3F06 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2017-03-25 01:30:25 7DE341A193485F1A1CD2B93C305E80F7 84480 ----a-w- C:\Windows\SysWOW64\INETRES.dll 2017-03-25 01:30:25 49AA29F3997392CF627767B0AD9D9CE9 25088 ----a-w- C:\Windows\SysWOW64\msimsg.dll 2017-03-25 01:30:25 3E81615CA44C00F84102079240A8048B 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2017-03-25 01:30:25 3E81615CA44C00F84102079240A8048B 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2017-03-25 01:30:24 C033029E10E1209B9267B9C702E273C4 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2017-03-25 01:30:24 A3D5E866C7CD38AF97DD54304674FDDB 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2017-03-25 01:29:31 ABC113054366C0102F134D181162CB86 12880384 ----a-w- C:\Windows\SysWOW64\shell32.dll 2017-03-25 01:29:30 6DDCA324434FFA506CF7DC4E51DB7935 2972672 ----a-w- C:\Windows\SysWOW64\explorer.exe 2017-03-25 01:29:29 6DDBA73DD781D6CC3CC5A2E8A3E99092 1499648 ----a-w- C:\Windows\SysWOW64\ExplorerFrame.dll 2017-03-25 01:19:25 81FCF3B7A0C63AB9C3EC37DF01C642B0 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2017-03-23 22:39:34 B9D5675A1B5F0098FE1C5C3751F863BE 341144 ----a-w- C:\Windows\SysWOW64\SRCOM.dll 2017-03-23 22:39:31 027845033298DF6DAAB213ACE979E0F5 83624 ----a-w- C:\Windows\SysWOW64\SFCOM.dll 2017-03-23 22:39:30 AFD0A39EDA2ED8A3D09EC733C3A484B3 866096 ----a-w- C:\Windows\SysWOW64\SEHDHF32.dll 2017-03-23 22:39:30 9F3DC9A0FECDE8E8F5D3EAE3BBC773B1 726112 ----a-w- C:\Windows\SysWOW64\SECOMN32.dll 2017-03-23 22:39:22 50ECC3A638E08F75608E6EA5D34146DC 2830480 ----a-w- C:\Windows\SysWOW64\RltkAPO.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2017-03-25 01:37:46 C17021807EEDE0695C1389EDDF06E425 37888 ----a-w- C:\Windows\Sysnative\wuapp.exe 2017-03-25 01:37:46 9A61B81B35B13ECAF2965B4371AF75C8 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2017-03-25 01:37:46 8D85C1A3A9ABBF017E91CCE4F7B5C8EB 3156480 ----a-w- C:\Windows\Sysnative\wucltux.dll 2017-03-25 01:37:46 34356D8A4183B33E8097A3D80833FAAE 140288 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2017-03-25 01:37:45 82BADDAAC75360E26A0401EDEB11A1B8 709120 ----a-w- C:\Windows\Sysnative\wuapi.dll 2017-03-25 01:37:45 32F45ACEAEE42571D073B5B7BB472C99 98816 ----a-w- C:\Windows\Sysnative\wudriver.dll 2017-03-25 01:37:45 31F32E0C1A8BA9A37EEC23DE5F27F847 2607104 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2017-03-25 01:37:45 06D4BE9539D4CC0236272782E2257401 192512 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2017-03-25 01:37:42 9BA64DDB52B87FAC36C46886CFCA4C2B 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2017-03-25 01:37:42 4079968F0045D92422F720BB51C79F9F 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2017-03-25 01:37:42 23257822EAF8FC8CD4D683A1A82AA3AF 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2017-03-25 01:35:57 799E20ADF08BB7EB5D0FF784C311F4B3 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2017-03-25 01:31:07 BD8EC5815EFDD861C2EDB2ECC34A17A3 2895360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2017-03-25 01:31:06 EA7854E2E68FE4D708BB9295C36C630D 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2017-03-25 01:31:06 C0C8D40056C36D3FF3D662DEBDD70B41 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2017-03-25 01:31:06 67D58D0AE663968039D06C3F138B3FC9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2017-03-25 01:31:05 AB5576121AEC5386E15E6DCE469BB3C4 725504 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2017-03-25 01:31:05 A661B5183C88B8E6F8F54973D26BFE91 41984 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2017-03-25 01:31:05 9252BB49336BB72C9C4D61888E82C16C 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2017-03-25 01:31:05 5AE0D30D2E8FCA7FA518D61BA3FB1187 107520 ----a-w- C:\Windows\Sysnative\inseng.dll 2017-03-25 01:31:04 4FC6F0C1B2A650029A419E5DFE2E9DA6 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2017-03-25 01:31:03 EE9954237F15BE4DD9304D12E4D305ED 1386496 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2017-03-25 01:31:03 B205415BDDC814679992B63B7927144B 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2017-03-25 01:31:03 7CFD2058D927ACA68D51C47490CC0A4F 394448 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2017-03-25 01:31:03 46FE9F2A19B3FCD631A4ED1C8C842EC6 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2017-03-25 01:31:02 EB40CBF1CF1004F7ED3D8D1815CEE842 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2017-03-25 01:31:02 DB80FD778F60133BF090CD7209EFAC03 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2017-03-25 01:31:02 30B22D4A7A47808A68A17FA24E39C990 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2017-03-25 01:31:02 157936DD62B473A865D40123D5B8D194 806912 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2017-03-25 01:31:01 F225DEB52E3757EF629E59F22210D5E7 2131456 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2017-03-25 01:31:01 CDC403D0FC184B60F9D7295CB73CB633 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2017-03-25 01:31:00 C8CC071C009BCC47FD9CFB9312A30DC0 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2017-03-25 01:31:00 96FAB849FA00BDA629163ED8C75B185A 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2017-03-25 01:31:00 07A1471F80C70005C26C30885881E61D 576512 ----a-w- C:\Windows\Sysnative\vbscript.dll 2017-03-25 01:30:59 CFCB51E23DE4C10C05E6AFDC3CCF79CD 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2017-03-25 01:30:59 B5C8FC8ED30F72AFF207D1D5AF157299 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2017-03-25 01:30:59 A1503E5D68A70E981474B89962F40A56 15259648 ----a-w- C:\Windows\Sysnative\ieframe.dll 2017-03-25 01:30:58 F73C6166B2B0978ADEE9D1804EF65AE0 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2017-03-25 01:30:58 920B71762AF7A6862F6971B8BCF82FD2 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2017-03-25 01:30:58 7ED0E921CD031A07CD534B14DFFF5342 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2017-03-25 01:30:58 4B3FEAA7CBF7DFDE93A3909CD432536D 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2017-03-25 01:30:58 3B6F83F5EE839C54B621F22CC07F1F92 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2017-03-25 01:30:57 A2A8C55D8C460CC4C0F28ADF45798069 6045696 ----a-w- C:\Windows\Sysnative\jscript9.dll 2017-03-25 01:30:57 46A4518E11FE8F136F14B8DD6F6AD3DC 417792 ----a-w- C:\Windows\Sysnative\html.iec 2017-03-25 01:30:57 12A878FBA402BA816EE868A423613A1B 3241984 ----a-w- C:\Windows\Sysnative\wininet.dll 2017-03-25 01:30:56 F1F004FA94F13DFC83DDA232326158A7 25746944 ----a-w- C:\Windows\Sysnative\mshtml.dll 2017-03-25 01:30:56 C2FB309423A66BB72FCA47E5E079F8A6 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2017-03-25 01:30:56 04935CAF11EDC348B4B615009C0EB637 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2017-03-25 01:30:55 1539E704316A2E9576F8557AD58B8764 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll 2017-03-25 01:30:54 E1ED97AA716C2C42FBD507F2FABE708A 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2017-03-25 01:30:52 CF0108CBA6D1860563BA20E3D74C6646 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll 2017-03-25 01:30:52 9BFD7573A63315FE03FE636D9B739729 4121600 ----a-w- C:\Windows\Sysnative\mf.dll 2017-03-25 01:30:52 3FEC9281BCBFF170A34691D25F1C7667 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll 2017-03-25 01:30:52 255165A61A656F9F4157AF45536FF698 5548264 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2017-03-25 01:30:50 FB442A0B6833A871BDDE927A9E72E063 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll 2017-03-25 01:30:50 EBDA1B0F15CB9B2CBCC6C94824E4E054 2023424 ----a-w- C:\Windows\Sysnative\WsmSvc.dll 2017-03-25 01:30:50 A81EFD2BF60C73A090C276AEC02A68D1 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll 2017-03-25 01:30:50 6CCAD181B5120CD5822D91A5583907F1 3649536 ----a-w- C:\Windows\Sysnative\MSVidCtl.dll 2017-03-25 01:30:50 3E64CB38D9F567DF2D7F3576EC258BE6 3220480 ----a-w- C:\Windows\Sysnative\win32k.sys 2017-03-25 01:30:49 439B0973C025FF5663A07D76FAB85EE2 3244032 ----a-w- C:\Windows\Sysnative\msi.dll 2017-03-25 01:30:48 BBF25B345B457322618E28585B6AD93C 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll 2017-03-25 01:30:48 379B8ACC7646F1309559F2AFB0AD48F0 1483264 ----a-w- C:\Windows\Sysnative\crypt32.dll 2017-03-25 01:30:48 2D7984E5338364234FB69BC7A1D3F8D9 1732864 ----a-w- C:\Windows\Sysnative\ntdll.dll 2017-03-25 01:30:48 0DEABF2C4569C12897CB4CD733D170F0 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2017-03-25 01:30:47 E8E711A87E873DCF40AECFBE74942C0D 1212928 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2017-03-25 01:30:47 8567C536C923941859615E0377EFF06A 877056 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2017-03-25 01:30:47 8170DC98A586807273E2B8AE4353B91D 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll 2017-03-25 01:30:47 65AFF15AB5EE98A2A025F9BBB7BFD0BD 1887744 ----a-w- C:\Windows\Sysnative\msxml3.dll 2017-03-25 01:30:46 D0A4CF477BC7D450F4BFD33699876C7B 345600 ----a-w- C:\Windows\Sysnative\schannel.dll 2017-03-25 01:30:46 C6F9222F39A035540D6D53C139C5740C 499712 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2017-03-25 01:30:46 C44560F142B85256707D688EEA23AC61 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2017-03-25 01:30:46 B0AAC0EC505E747596CF0AB2F8649170 730624 ----a-w- C:\Windows\Sysnative\kerberos.dll 2017-03-25 01:30:46 7F0729442EADB6425634505B743398F0 221184 ----a-w- C:\Windows\Sysnative\UIAnimation.dll 2017-03-25 01:30:46 7AED4A1659AAA0EC8F4C7AE58B8C560A 756736 ----a-w- C:\Windows\Sysnative\win32spl.dll 2017-03-25 01:30:46 67C717EC24FCAAE7B518D9E06AD036AB 680448 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2017-03-25 01:30:46 27BACCB4856BEC0DD4A794531BB13AAA 1068544 ----a-w- C:\Windows\Sysnative\msctf.dll 2017-03-25 01:30:45 EE841B6D1F2B9508D3ABAE52AC05A94F 263680 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2017-03-25 01:30:45 8D81291A03E00B76A14A4324FACE8487 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL 2017-03-25 01:30:45 88B02459B2E7FB56A9C64B36545D6AB8 632320 ----a-w- C:\Windows\Sysnative\evr.dll 2017-03-25 01:30:45 879F46C608C08E5FC24E0B9952E7E60E 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll 2017-03-25 01:30:45 67BACF78C7034AA407933BAD373B35FF 382696 ----a-w- C:\Windows\Sysnative\atmfd.dll 2017-03-25 01:30:45 441396172BF44FDADE2F3E4A0D89BCB4 880640 ----a-w- C:\Windows\Sysnative\advapi32.dll 2017-03-25 01:30:44 D02200FD73974A81F4C082C10B8A4C62 347136 ----a-w- C:\Windows\Sysnative\WSManMigrationPlugin.dll 2017-03-25 01:30:44 BEAF50AC3812C2D5809BAD0E2D04303E 310784 ----a-w- C:\Windows\Sysnative\WsmWmiPl.dll 2017-03-25 01:30:44 B8E545B9D9251D0EBCBFE39B45D15461 706792 ----a-w- C:\Windows\Sysnative\winload.efi 2017-03-25 01:30:44 A7B718F87A0FC44F9A53F1DB6DC7375A 631176 ----a-w- C:\Windows\Sysnative\winresume.efi 2017-03-25 01:30:44 9A2627F21BA3721FB8B2FAC05918CEB0 419840 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2017-03-25 01:30:44 77A271A950ADA116D6D740AC1466F520 633296 ----a-w- C:\Windows\Sysnative\winload.exe 2017-03-25 01:30:43 7EF99CA400C75A3FACD5986DFB0FD10D 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2017-03-25 01:30:43 6D336EFEEC96A80FC3532F6201730104 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2017-03-25 01:30:43 584B8BAFF425BBD8F8A9A10CD49A0A32 316928 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2017-03-25 01:30:43 34BA256FBF83457F9D5E51A56DB54542 1009152 ----a-w- C:\Windows\Sysnative\user32.dll 2017-03-25 01:30:43 2C6632CECFDBBE793FDA8AF9CA55A9CC 190976 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2017-03-25 01:30:42 8BF9B33C595DD7382068F5BA5D372C5C 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll 2017-03-25 01:30:42 571DA0C23404613A97FD06F940C81959 266752 ----a-w- C:\Windows\Sysnative\WSManHTTPConfig.exe 2017-03-25 01:30:42 3D67C27DD17B254D7915FA16A5AE3573 370920 ----a-w- C:\Windows\Sysnative\clfs.sys 2017-03-25 01:30:42 3B5411975BE627B9A705F76B82E0DA87 1068544 ----a-w- C:\Windows\Sysnative\cryptui.dll 2017-03-25 01:30:42 00BAC0B1E25713B5AEE92574210F0797 803328 ----a-w- C:\Windows\Sysnative\usp10.dll 2017-03-25 01:30:41 FBE484A6F52433170CAE73EC61A6018E 440320 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2017-03-25 01:30:41 5B99E5F8CE20D32910FDA3EB9175FED6 1574912 ----a-w- C:\Windows\Sysnative\quartz.dll 2017-03-25 01:30:41 2188DE5FA5C741FB2B81EB9F37D26BA7 433152 ----a-w- C:\Windows\Sysnative\mfplat.dll 2017-03-25 01:30:40 F620F03630DD4BEAB76AC7246CB1B563 182272 ----a-w- C:\Windows\Sysnative\WsmAuto.dll 2017-03-25 01:30:40 DA9178604B988BF067BED58A3AB5D981 141824 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2017-03-25 01:30:40 ABE3A0BCB2D57A5FE2B11545C066E148 108544 ----a-w- C:\Windows\Sysnative\davclnt.dll 2017-03-25 01:30:40 774A965EE0932641E0ABE88EB3FE7D12 295936 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2017-03-25 01:30:40 3CD83692C43D87088E85E3C916146FFB 187904 ----a-w- C:\Windows\Sysnative\pcasvc.dll 2017-03-25 01:30:39 CB78427E136C6ABD3BAD4F8BD76B571C 190464 ----a-w- C:\Windows\Sysnative\rpchttp.dll 2017-03-25 01:30:39 79FED832C161DFA33201352891478D7F 419648 ----a-w- C:\Windows\Sysnative\locale.nls 2017-03-25 01:30:38 D45F8F5E0F5DBE8E5D1BDCCBFC89535D 405504 ----a-w- C:\Windows\Sysnative\gdi32.dll 2017-03-25 01:30:38 AC2E7152124CEED36846BD1B6592A00F 128512 ----a-w- C:\Windows\Sysnative\msiexec.exe 2017-03-25 01:30:38 96444A8B9376FA8154C0564E2577B7D8 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2017-03-25 01:30:38 950C789B865F8BE63D034F178CB2FBE8 312320 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2017-03-25 01:30:37 BDDD20CEB520E59863C62BA74CDBA997 114408 ----a-w- C:\Windows\Sysnative\consent.exe 2017-03-25 01:30:37 A5D19345AE598AAB59F7160B0A8EE206 12574720 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2017-03-25 01:30:37 7F2C1431B04E5F946740A5369F936955 690688 ----a-w- C:\Windows\Sysnative\adtschema.dll 2017-03-25 01:30:37 67A57A47EB806E1064A81A9B2291BD7A 346112 ----a-w- C:\Windows\Sysnative\bcdedit.exe 2017-03-25 01:30:37 55123EEC2DD8769E1425A2F5C920AE2B 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2017-03-25 01:30:37 0FFB69DB76B14FC1C7C035CB97E6B930 463872 ----a-w- C:\Windows\Sysnative\certcli.dll 2017-03-25 01:30:36 FF264858C5F34460BF7378F8B0C44F54 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2017-03-25 01:30:36 D204193AE858F18F901EF2B004A01CD6 125952 ----a-w- C:\Windows\Sysnative\audiodg.exe 2017-03-25 01:30:36 83C5ECD350D3A526EDCCA7D6100CECD7 976896 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2017-03-25 01:30:36 62589BC2175B1B7025FD679EDB60213C 176128 ----a-w- C:\Windows\Sysnative\tintlgnt.ime 2017-03-25 01:30:36 1B48180971A608CF02118B164AEDC21C 148480 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2017-03-25 01:30:35 EBDF13A76F776A46D8ACC6D9A9FA6E29 175104 ----a-w- C:\Windows\Sysnative\qintlgnt.ime 2017-03-25 01:30:35 E75C0FEF3E9DF899A58657C2D1115DB7 81920 ----a-w- C:\Windows\Sysnative\cryptsp.dll 2017-03-25 01:30:35 C5D926B411F7D1AF7933D93CAD77A4F0 1148416 ----a-w- C:\Windows\Sysnative\IMJP10.IME 2017-03-25 01:30:35 C1EDF38682613357B9B6393BDA8C7F4B 132608 ----a-w- C:\Windows\Sysnative\pintlgnt.ime 2017-03-25 01:30:35 B68AD91370FA58C1296DE9086BB4BA0A 215552 ----a-w- C:\Windows\Sysnative\winsrv.dll 2017-03-25 01:30:35 906414D610D234B69B9C000C5293A42C 175104 ----a-w- C:\Windows\Sysnative\cintlgnt.ime 2017-03-25 01:30:35 75A332618B54FE93AC2CABC27D5D8C37 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2017-03-25 01:30:35 526E62DEF3A178FF5BD920486A1E3FE8 175104 ----a-w- C:\Windows\Sysnative\quick.ime 2017-03-25 01:30:35 4B913C4E7EACC3A2441C78864DFA6D17 175104 ----a-w- C:\Windows\Sysnative\chajei.ime 2017-03-25 01:30:35 0622A1F4DBC57DB61D9C6F137E3188AE 175104 ----a-w- C:\Windows\Sysnative\phon.ime 2017-03-25 01:30:34 DE23E052E557580674785CDF45B613F3 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll 2017-03-25 01:30:34 9880BD74BE764D04F303C03DB821FD7A 107520 ----a-w- C:\Windows\Sysnative\adsmsext.dll 2017-03-25 01:30:34 46650DE9BE080540F986433FB1802876 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2017-03-25 01:30:34 35659950FD28BFE314EC794166CAAB61 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2017-03-25 01:30:34 27F0DB1D8BC55C1073BC956262B3AEE8 210432 ----a-w- C:\Windows\Sysnative\wdigest.dll 2017-03-25 01:30:34 02B60F8FA4BAB8DC3B14782A7E60564B 34816 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2017-03-25 01:30:33 CE476F23405AADC46039AC13127DF473 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2017-03-25 01:30:33 C6E26D95BEE05EDC8192D4EA582BBC0D 84992 ----a-w- C:\Windows\Sysnative\asycfilt.dll 2017-03-25 01:30:33 59445F8624C077BE502E190826D25B9F 123904 ----a-w- C:\Windows\Sysnative\bcrypt.dll 2017-03-25 01:30:33 47CF5397595827DD5E63D6E4115171DE 246784 ----a-w- C:\Windows\Sysnative\input.dll 2017-03-25 01:30:32 FAF3A8ED74438524DD041DFC8F705E8F 457216 ----a-w- C:\Windows\Sysnative\imkr80.ime 2017-03-25 01:30:32 FA5DB1F2D5E849E683C2DDDBF0CDE8E7 641024 ----a-w- C:\Windows\Sysnative\msscp.dll 2017-03-25 01:30:32 EB076BC497AEBB367B6FDCA38B759956 109568 ----a-w- C:\Windows\Sysnative\hlink.dll 2017-03-25 01:30:32 E7E48873829037FD33C7F88F51409032 44032 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2017-03-25 01:30:32 903AEA40BBF5A80A533FCB6961AB8B1E 250880 ----a-w- C:\Windows\Sysnative\icm32.dll 2017-03-25 01:30:32 3C6F193248CED4B13BCF73DE981A60CC 59904 ----a-w- C:\Windows\Sysnative\appidapi.dll 2017-03-25 01:30:32 192B3B21FDDBC21AA3E8ADFE8ADBC9AA 625664 ----a-w- C:\Windows\Sysnative\mscms.dll 2017-03-25 01:30:31 CC9D27AE621DFA994F06DC2779EC84A2 43520 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2017-03-25 01:30:31 BC39870DE7CE2C2D8995C024F6152480 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll 2017-03-25 01:30:31 A5D4ABE6ED23200DEEED3969421B1B4D 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2017-03-25 01:30:31 94EABE53D891DD70BD86E71BC66CEAB5 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2017-03-25 01:30:31 18F07105165405B192B70C6D83C277EC 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2017-03-25 01:30:30 CA69E856332E2D85294665F6B7E97254 30720 ----a-w- C:\Windows\Sysnative\lsass.exe 2017-03-25 01:30:30 74033C3E75522F7707DFFAB1A169561B 69120 ----a-w- C:\Windows\Sysnative\nlsbres.dll 2017-03-25 01:30:30 5BB200BCAB35AF071C041FD478699358 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll 2017-03-25 01:30:30 404A0BC508274147067513D6CBA97DAB 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll 2017-03-25 01:30:30 322ECB06DBD9932DB9A33DA98EC507A7 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2017-03-25 01:30:29 BC00873272B3771CCDA38336AF2B4D4B 40960 ----a-w- C:\Windows\Sysnative\WcsPlugInService.dll 2017-03-25 01:30:29 A9B5015BF958CA00BB3C0CA1A6ADCD07 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2017-03-25 01:30:29 A2D4C84FB6D01FCCF26C896C170AE117 37376 ----a-w- C:\Windows\Sysnative\pcadm.dll 2017-03-25 01:30:29 9C81C95036CCAD8934094A964833FCBF 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2017-03-25 01:30:29 55A24039653DA9EA95B0DF78F58AB06B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2017-03-25 01:30:29 44A32C8651E53CA97E5A19025472A5DD 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2017-03-25 01:30:29 401B0E3E28D1B06F4B94B6525C234FF7 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2017-03-25 01:30:28 CBD0E56A0B75697C55933C32DB28588D 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2017-03-25 01:30:28 AA1511B6284FA984305DA2D673B86ABE 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2017-03-25 01:30:28 31F6711317B39A232E388828A671A32E 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2017-03-25 01:30:27 FFBA0B0CD143EFB3EF4E5EF2ECC5F200 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2017-03-25 01:30:27 C6CA690108CD85F91D11EC49340D651F 9728 ----a-w- C:\Windows\Sysnative\pcalua.exe 2017-03-25 01:30:27 BA73F824C3C4943EC46BF1E908B7A61E 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2017-03-25 01:30:27 AE1E16AACBFA9EC432C1E65847CB077A 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2017-03-25 01:30:27 9266E0DD597F313882AC3BE3D0A4FFB5 11264 ----a-w- C:\Windows\Sysnative\pcawrk.exe 2017-03-25 01:30:27 72164450A57F51D1100D982D84A9C976 41472 ----a-w- C:\Windows\Sysnative\lpk.dll 2017-03-25 01:30:27 4D7B44D937F9B927E8DD8FCCE395E886 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll 2017-03-25 01:30:27 4AB1E1E0ECF0BD2686574A0AD7DD4AA6 13824 ----a-w- C:\Windows\Sysnative\wsmprovhost.exe 2017-03-25 01:30:27 0DDDBF9B5EB614966C82069C1A30E5C4 12800 ----a-w- C:\Windows\Sysnative\wsmplpxy.dll 2017-03-25 01:30:26 EFC4DB251FF89949CC892AE025FED9D5 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2017-03-25 01:30:26 EAB56B1ABB511154630D149938359C88 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2017-03-25 01:30:26 D198B3EB6CA58D957F1791596A0A9221 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll 2017-03-25 01:30:26 A5BCBA42E3D095EA64A46BE8336E32C0 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2017-03-25 01:30:26 A5BCBA42E3D095EA64A46BE8336E32C0 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2017-03-25 01:30:26 3B47D2ACF3D0005DAA62504AF82E3837 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2017-03-25 01:30:25 BA593BE5CDE09C8C2C4A358E654BC7C8 84480 ----a-w- C:\Windows\Sysnative\INETRES.dll 2017-03-25 01:30:25 A75960CA7EEA8E23F97986984BB67899 8704 ----a-w- C:\Windows\Sysnative\pcaevts.dll 2017-03-25 01:30:25 A0B5A130AFE29CCF62889808B0120515 54272 ----a-w- C:\Windows\Sysnative\WsmRes.dll 2017-03-25 01:30:25 32F5B725B0A52DE93B62A0F7B4197957 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2017-03-25 01:30:25 1CE0123D32E8EF0B3F2C1A4BB816AFDC 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2017-03-25 01:30:25 0E7257A86BB4BD0D61271BE578981737 25088 ----a-w- C:\Windows\Sysnative\msimsg.dll 2017-03-25 01:30:24 C1159189C928985FF9302719A79D2F25 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2017-03-25 01:30:24 0F988A3924AAF91267BF5E5E331BBD2B 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2017-03-25 01:29:32 F7961998A082806CF71CF63F0E81EAC8 14183424 ----a-w- C:\Windows\Sysnative\shell32.dll 2017-03-25 01:29:30 BCFAF911FE43F80124C3A68BB07130A9 1867776 ----a-w- C:\Windows\Sysnative\ExplorerFrame.dll 2017-03-25 01:19:25 126EB6B7C25D25ADB55D555E36EB4ABC 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe 2017-03-23 22:39:37 33E78873083920A940DE13876434C20C 15202032 ----a-w- C:\Windows\Sysnative\YamahaAE3.dll 2017-03-23 22:39:36 CF342AF4279B262CABE68F4D450E5E31 3299816 ----a-w- C:\Windows\Sysnative\YamahaAE2.dll 2017-03-23 22:39:36 ABCB40F5FC01A4031BA6AAD92532F214 447176 ----a-w- C:\Windows\Sysnative\toseaeapo64.dll 2017-03-23 22:39:36 463BC99F36051E6D045E5C001D1FAE2C 601144 ----a-w- C:\Windows\Sysnative\tossaemaxapo64.dll 2017-03-23 22:39:36 419B4734E0A71DAA799CEF21EF7ACD5E 2110592 ----a-w- C:\Windows\Sysnative\WavesGUILib64.dll 2017-03-23 22:39:36 33883F7CFBA9F71F4AC87AE169B9CBC4 1337640 ----a-w- C:\Windows\Sysnative\tossaeapo64.dll 2017-03-23 22:39:36 0A512416BC6151EC3990676C0D98A2C8 2190984 ----a-w- C:\Windows\Sysnative\YamahaAE.dll 2017-03-23 22:39:35 D434CCA73B8F75F7BE55649FEFDA9C97 1382232 ----a-w- C:\Windows\Sysnative\tosade.dll 2017-03-23 22:39:35 CCEA5412B4F9F6CF1EDCE8034466FF96 571376 ----a-w- C:\Windows\Sysnative\tbb_waves.dll 2017-03-23 22:39:35 B3ECD5D0D6AFBB68FB51DFADC9641657 962128 ----a-w- C:\Windows\Sysnative\tosasfapo64.dll 2017-03-23 22:39:35 90AE833F2F5AF39A9E6E6B459147A644 75536 ----a-w- C:\Windows\Sysnative\tepeqapo64.dll 2017-03-23 22:39:35 7ACA6739138A1C63F4646582CAACA2F3 873464 ----a-w- C:\Windows\Sysnative\tadefxapo264.dll 2017-03-23 22:39:35 6B2660C5CC178AC34D1D2EE5B3186B71 158696 ----a-w- C:\Windows\Sysnative\tadefxapo.dll 2017-03-23 22:39:35 606737E65B40CB7241E4DECA2E77A972 166200 ----a-w- C:\Windows\Sysnative\SRSWOW64.dll 2017-03-23 22:39:35 5D839D25268FD52928AD5000A7E30D66 532376 ----a-w- C:\Windows\Sysnative\SRSTSX64.dll 2017-03-23 22:39:34 F063BF58ABFE8BDD566F568C0ED42D8B 467152 ----a-w- C:\Windows\Sysnative\SRAPO64.dll 2017-03-23 22:39:34 B9D5675A1B5F0098FE1C5C3751F863BE 341144 ----a-w- C:\Windows\Sysnative\SRCOM.dll 2017-03-23 22:39:34 ABAB8F14DF3BF0AA14978A91E5DED672 381408 ----a-w- C:\Windows\Sysnative\SRCOM64.dll 2017-03-23 22:39:34 41BB0624340B07E9DF507D6507107127 221968 ----a-w- C:\Windows\Sysnative\SRSTSH64.dll 2017-03-23 22:39:34 0D94C1BE16C92CC5E55111FBCAEA4CE9 209536 ----a-w- C:\Windows\Sysnative\SRSHP64.dll 2017-03-23 22:39:34 0ADD9332A7E05124A1CEE8EAB25F0DCB 1435136 ----a-w- C:\Windows\Sysnative\SRRPTR64.dll 2017-03-23 22:39:33 73C5B0085B0DAD66F13F8F315F674AAD 258864 ----a-w- C:\Windows\Sysnative\slprp64.dll 2017-03-23 22:39:33 33AD112CBFAE25A48F66754CD697CD6A 3122656 ----a-w- C:\Windows\Sysnative\sltech64.dll 2017-03-23 22:39:32 D230DC7D780494EE968450BD51318786 984912 ----a-w- C:\Windows\Sysnative\sl3apo64.dll 2017-03-23 22:39:32 9B880694E3968063D8DEB3F354037501 965024 ----a-w- C:\Windows\Sysnative\SFSS_APO.dll 2017-03-23 22:39:32 0D48472A9BA217622670D118EF5F9ADB 3410832 ----a-w- C:\Windows\Sysnative\slcnt64.dll 2017-03-23 22:39:31 CC76B688BEFAA345A2B704201F42207C 231912 ----a-w- C:\Windows\Sysnative\SFNHK64.dll 2017-03-23 22:39:31 B2073558889E8C6C99ECEE95B4C40236 90912 ----a-w- C:\Windows\Sysnative\SFCOM64.dll 2017-03-23 22:39:31 1D283A23C13039CA65805360CF3119CF 88320 ----a-w- C:\Windows\Sysnative\SFAPO64.dll 2017-03-23 22:39:30 C403E3F155BAF3630C15E1BFF04F24FC 859912 ----a-w- C:\Windows\Sysnative\SEHDRA64.dll 2017-03-23 22:39:30 88D7F1B402120229253699565BD2D395 1003512 ----a-w- C:\Windows\Sysnative\SEHDHF64.dll 2017-03-23 22:39:30 843FE27BD761D6894883797F1DD68DAA 854208 ----a-w- C:\Windows\Sysnative\SECOMN64.dll 2017-03-23 22:39:30 6BE1D89F0102B4BB7E5B23CFF8556F88 3014144 ----a-w- C:\Windows\Sysnative\RTSnMg64.cpl 2017-03-23 22:39:30 56B8B5761E1C2DE9C37C9EFB1E768F34 514872 ----a-w- C:\Windows\Sysnative\SEAPO64.dll 2017-03-23 22:39:30 37E99DCBBAA40AB5966769880DC08EFD 3203584 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll 2017-03-23 22:39:28 BA1F74C16C0AC369216B809EFAD0C836 343704 ----a-w- C:\Windows\Sysnative\RtlCPAPI64.dll 2017-03-23 22:39:26 BBD25408971283FF3DAFCBFF5E7AC69E 88344 ----a-w- C:\Windows\Sysnative\RTEEG64A.dll 2017-03-23 22:39:26 741955555F45C5F47D6842C6A76E5DC8 23688 ----a-w- C:\Windows\Sysnative\RtkCoLDR64.dll 2017-03-23 22:39:26 6D9AE97FC54523EF6AEB33176857D43F 192976 ----a-w- C:\Windows\Sysnative\RtkCfg64.dll 2017-03-23 22:39:26 6761F8FDE0D4E40C0414F9EC12E6E734 110984 ----a-w- C:\Windows\Sysnative\RTEEL64A.dll 2017-03-23 22:39:26 527F2EF29CA7F7EA273250BFB1FC7475 387312 ----a-w- C:\Windows\Sysnative\RTEEP64A.dll 2017-03-23 22:39:26 0AF43C2537EE0300850752BC153A2A93 3503048 ----a-w- C:\Windows\Sysnative\RtkApi64.dll 2017-03-23 22:39:25 D809CF13963A6C8DA4D50BF77A75C62A 689880 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll 2017-03-23 22:39:25 34B8A5B099CFEE287F859ED58D73A77E 214832 ----a-w- C:\Windows\Sysnative\RTEED64A.dll 2017-03-23 22:39:24 D59D2466B5640AD73B03B15A771040C5 321712 ----a-w- C:\Windows\Sysnative\RP3DHT64.dll 2017-03-23 22:39:24 47BB37B5AC3FDDD8D7330905CAC0781A 1353824 ----a-w- C:\Windows\Sysnative\RTCOM64.dll 2017-03-23 22:39:24 3498F4B440FC63AB55EEEEF90E5C25D4 321712 ----a-w- C:\Windows\Sysnative\RP3DAA64.dll 2017-03-23 22:39:23 D1F1A94CBA3EA34EFDC3781E4F5CDD45 3203424 ----a-w- C:\Windows\Sysnative\RltkAPO64.dll 2017-03-23 22:39:20 AD5F3ED4D0663B8078EDD29357431975 72520712 ----a-w- C:\Windows\Sysnative\RCoRes64.dat 2017-03-23 22:39:20 19A57878C198E339B11AB31D05A676A2 2201600 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll 2017-03-23 22:39:19 CAEFD951EC111D63F5FA9DB85347B00D 134200 ----a-w- C:\Windows\Sysnative\R4EEA64A.dll 2017-03-23 22:39:19 B26F138415103FDB4DE3E74430812E94 84616 ----a-w- C:\Windows\Sysnative\R4EEG64A.dll 2017-03-23 22:39:19 7029297D5211F3FC58C41B896758D43E 151784 ----a-w- C:\Windows\Sysnative\R4EEL64A.dll 2017-03-23 22:39:19 22AE35C1982E93FE00BE49C87B7E6C91 7172912 ----a-w- C:\Windows\Sysnative\R4EEP64A.dll 2017-03-23 22:39:19 0956E952854B70BF9E3215FB555BA67C 447720 ----a-w- C:\Windows\Sysnative\R4EED64A.dll 2017-03-23 22:39:18 ED7057490C57F7EB663EC22564639228 5922376 ----a-w- C:\Windows\Sysnative\NAHIMICV2apo.dll 2017-03-23 22:39:18 8F63D76AF48A681D6ACA436A313DE187 6244200 ----a-w- C:\Windows\Sysnative\NAHIMICV3apo.dll 2017-03-23 22:39:18 5AD5BFA1BF62522F2C8A5A7D74D85446 923736 ----a-w- C:\Windows\Sysnative\MISS_APO.dll 2017-03-23 22:39:18 2DDDEE0C8940B38CB990554F8DD9F2CE 5593608 ----a-w- C:\Windows\Sysnative\NAHIMICAPOlfx.dll 2017-03-23 22:39:18 0E982B9701B0C60EF6E185C2DBAC84F3 1003856 ----a-w- C:\Windows\Sysnative\NahimicAPONSControl.dll 2017-03-23 22:39:14 1F08D75D15BBBD53A4400C30E132A0CB 677672 ----a-w- C:\Windows\Sysnative\MaxxVolumeSDAPO.dll 2017-03-23 22:39:11 ABF786F5FD3A0D0955B4A15D6FCF3C9C 12988344 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO4064.dll 2017-03-23 22:39:09 1D3ED19169F466672E2AB4019A04CDC6 13122576 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO3064.dll 2017-03-23 22:39:07 F64A9160F03A43582CC91F4E03679345 1334376 ----a-w- C:\Windows\Sysnative\MaxxSpeechAPO64.dll 2017-03-23 22:39:07 62CB7679784B15C73088775B40E3F703 999848 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO2064.dll 2017-03-23 22:39:05 98A88A5352635552BD8246D121922795 23447352 ----a-w- C:\Windows\Sysnative\MaxxAudioRender64.dll 2017-03-23 22:39:05 0158D18BFBF46C4205A0DE9D9167FF90 23547544 ----a-w- C:\Windows\Sysnative\MaxxAudioRenderAVX64.dll 2017-03-23 22:39:04 E34BE35E13906E4E23872CD26AF7B2AF 2050176 ----a-w- C:\Windows\Sysnative\MaxxAudioEQ64.dll 2017-03-23 22:39:04 E02D8DA675F4FC53193765927C07378B 17398616 ----a-w- C:\Windows\Sysnative\MaxxAudioCapture64.dll 2017-03-23 22:39:04 B4AC053C49ECE9B53335F95CAC57E08B 931616 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll 2017-03-23 22:39:04 AD93E34D96B5660DC55B457BDC615991 678176 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO30.dll 2017-03-23 22:39:04 A5E2EE53BBA473B18C8AF62F9B33228B 1213656 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO5064.dll 2017-03-23 22:39:04 6E5F03BBE7E2C3AA43C6066BEBA303FF 2291304 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO7064.dll 2017-03-23 22:39:04 6D17C3F617DB95D7FB88CF5EDA188646 1422920 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO6064.dll 2017-03-23 22:39:04 6C206E0D2FEB6F04B7F4C06EEB0D092E 330560 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO20.dll 2017-03-23 22:39:04 1156905CC2C6EA17CAF91AD96C631989 14057248 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek64.dll 2017-03-23 22:39:04 0E79AC19BAFA465DA3DA82379342458F 1166152 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO4064.dll 2017-03-23 22:39:03 C4CBECCEEC38F1B50314F852B4647DE7 360344 ----a-w- C:\Windows\Sysnative\HMClariFi.dll 2017-03-23 22:39:03 B499C4B3709E489DF2B9DF9055427214 366120 ----a-w- C:\Windows\Sysnative\HMAPO.dll 2017-03-23 22:39:03 B374609588BFA138822487B97856C569 588032 ----a-w- C:\Windows\Sysnative\ICEsoundAPO64.dll 2017-03-23 22:39:03 AD1DC136028705EDADA55A5AA6C3BEC4 618184 ----a-w- C:\Windows\Sysnative\KAAPORT64.dll 2017-03-23 22:39:03 9885A9380FE810EE21AC5D85DE2091D3 203840 ----a-w- C:\Windows\Sysnative\HMHVS.dll 2017-03-23 22:39:03 8B23A413662272232E7AEF93419EDCCD 179592 ----a-w- C:\Windows\Sysnative\HMLimiter.dll 2017-03-23 22:39:03 6272733ED1C62440C7A213757B047B56 1186840 ----a-w- C:\Windows\Sysnative\IntelSstCApoPropPage.dll 2017-03-23 22:39:03 5CFD37F78FFA2775E147C591EB61746C 10536160 ----a-w- C:\Windows\Sysnative\IntelSSTAPO.dll 2017-03-23 22:39:03 56EC847AE22FD6FDB97C31C6B942450F 426568 ----a-w- C:\Windows\Sysnative\HiFiDAX2APIPCLL.dll 2017-03-23 22:39:03 4A7F527D021C619CE7C60F1F379D8639 190928 ----a-w- C:\Windows\Sysnative\HMEQ.dll 2017-03-23 22:39:03 444094E790A4EAD6FCFD00A852612574 416504 ----a-w- C:\Windows\Sysnative\HMUI.dll 2017-03-23 22:39:03 32C6AF0398C1351023EBBF860A535C02 190928 ----a-w- C:\Windows\Sysnative\HMEQ_Voice.dll 2017-03-23 22:39:02 52E5F9546EA518DB629D4C3BE5D79608 378384 ----a-w- C:\Windows\Sysnative\HiFiDAX2API.dll 2017-03-23 22:39:00 5826CEF758E9AE575E67184C68418E27 154360 ----a-w- C:\Windows\Sysnative\HarmanAudioInterface.dll 2017-03-23 22:38:59 F965EAB9C61576E99EC01456188F34D7 500552 ----a-w- C:\Windows\Sysnative\DTSU2PGFX64.dll 2017-03-23 22:38:59 EFFF7DDB82A8E23F864FE8B88B63F0AE 504304 ----a-w- C:\Windows\Sysnative\DTSNeoPCDLL64.dll 2017-03-23 22:38:59 D3AF4F1ED27B71233E21265A1DFB45F7 1591056 ----a-w- C:\Windows\Sysnative\DTSS2HeadphoneDLL64.dll 2017-03-23 22:38:59 CC00DFC73F48DDDCD43E7908E59D14A5 727432 ----a-w- C:\Windows\Sysnative\DTSSymmetryDLL64.dll 2017-03-23 22:38:59 894E02E6C6F9D228EFA23B3DA1807D04 1780616 ----a-w- C:\Windows\Sysnative\DTSS2SpeakerDLL64.dll 2017-03-23 22:38:59 3AED4C2A4BE57BF85322CD6287C67031 3302272 ----a-w- C:\Windows\Sysnative\FMAPO64.dll 2017-03-23 22:38:59 1902C3F4DC823D12257D42D6F1A8C20A 514520 ----a-w- C:\Windows\Sysnative\DTSU2PLFX64.dll 2017-03-23 22:38:59 13A4089269FF4116CF325E91753EFCDA 708312 ----a-w- C:\Windows\Sysnative\DTSVoiceClarityDLL64.dll 2017-03-23 22:38:59 0748A88646F7272F846C34DC9AA21538 428224 ----a-w- C:\Windows\Sysnative\DTSU2PREC64.dll 2017-03-23 22:38:58 F2664D44C4E91732F8EC4D354234A4F0 1508928 ----a-w- C:\Windows\Sysnative\DTSBoostDLL64.dll 2017-03-23 22:38:58 E88C92B7DC227820F140E789002758D4 253864 ----a-w- C:\Windows\Sysnative\DTSLFXAPO64.dll 2017-03-23 22:38:58 D925AB3AEE676AACF45D66FCB5D51007 743960 ----a-w- C:\Windows\Sysnative\DTSBassEnhancementDLL64.dll 2017-03-23 22:38:58 AC6A0D6CA3969BA86C3AD53340587725 445400 ----a-w- C:\Windows\Sysnative\DTSLimiterDLL64.dll 2017-03-23 22:38:58 98710A21F58F71431DB3BB9778454FAA 253896 ----a-w- C:\Windows\Sysnative\DTSGFXAPO64.dll 2017-03-23 22:38:58 8BF4EFB571687AB98692EE7EEDDB575D 1133584 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOProp.dll 2017-03-23 22:38:58 6491DEC5C892178985748B9C5A794E08 5347000 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOv211.dll 2017-03-23 22:38:58 3F007D6345CE6CF8481B0FD63EB4CBBD 785608 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOvlldp.dll 2017-03-23 22:38:58 24039D70D6F4E142EBFB737FFB9E2EAE 252872 ----a-w- C:\Windows\Sysnative\DTSGFXAPONS64.dll 2017-03-23 22:38:58 0C4CEB9B1A3198A668D2FC0F74ED1A50 2444688 ----a-w- C:\Windows\Sysnative\DolbyDAX2APOv201.dll 2017-03-23 22:38:58 0C32EA4BF6E2D89F12658513C0364EAB 441264 ----a-w- C:\Windows\Sysnative\DTSGainCompensatorDLL64.dll 2017-03-23 22:38:57 F21F3FD20E5BC4C92D9B475158BAE4BC 1965808 ----a-w- C:\Windows\Sysnative\DDPD64A.dll 2017-03-23 22:38:57 DA58804DE8546A6416549FA655C295BF 327448 ----a-w- C:\Windows\Sysnative\DDPO64A.dll 2017-03-23 22:38:57 BF57C63A7FE92F63D78E469C23568AAE 6264632 ----a-w- C:\Windows\Sysnative\DDPP64AF3.dll 2017-03-23 22:38:57 BBF43241CB98AECBACEFFE27E2926E6C 1516896 ----a-w- C:\Windows\Sysnative\DAX3APOProp.dll 2017-03-23 22:38:57 AEBB3134C197EA403F6930EB53374B78 1363096 ----a-w- C:\Windows\Sysnative\DAX3APOv251.dll 2017-03-23 22:38:57 8BD016DEB1E4B12DB0A609D4ABE4FC55 310416 ----a-w- C:\Windows\Sysnative\DDPA64F3.dll 2017-03-23 22:38:57 87D44715D5B7E3DE3C46E9437C4E5C35 362048 ----a-w- C:\Windows\Sysnative\DDPO64AF3.dll 2017-03-23 22:38:57 635ED75CAFF51969F5C2E5F1ACD1083C 272712 ----a-w- C:\Windows\Sysnative\DDPA64.dll 2017-03-23 22:38:57 49398B8055DD97351A8E827CF01145EC 1959600 ----a-w- C:\Windows\Sysnative\DDPD64AF3.dll 2017-03-23 22:38:57 062408FB813E616C6C388B5DFBB6E111 7096184 ----a-w- C:\Windows\Sysnative\DDPP64A.dll 2017-03-23 22:38:56 717CD34B06124DC73FFBF5BD40AB4260 1615656 ----a-w- C:\Windows\Sysnative\CX64APO.dll 2017-03-23 22:38:56 63E3AA23557EB54D4A36FF08A8B68821 1529136 ----a-w- C:\Windows\Sysnative\CX64Proxy.dll 2017-03-23 22:38:56 2B4C3D9F114EE40FEAD6A86395F2FC89 5604 ----a-w- C:\Windows\Sysnative\cxapo.lncs 2017-03-23 22:38:56 26733CF9ABC6D107AF6CD704E62F8F5A 122320 ----a-w- C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll 2017-03-23 22:38:56 2619F745E44D4DF9D271657F7EE99F1B 736 ----a-w- C:\Windows\Sysnative\cxapo.prop 2017-03-23 22:38:55 C5DF35C92B5E30F5E39E64110B71EC9E 438688 ----a-w- C:\Windows\Sysnative\CAF64APO2.dll 2017-03-23 22:38:55 86307775BED487005BE5D1290942FDD5 112488 ----a-w- C:\Windows\Sysnative\Caf64api.dll 2017-03-23 22:38:55 7722B598B7FB7D7627A2C9A2646BED3C 2993720 ----a-w- C:\Windows\Sysnative\AudysseyEfx.dll 2017-03-23 22:38:54 269B9E793A48244E81FB4CC4C163A666 105304 ----a-w- C:\Windows\Sysnative\audioLibVc.dll 2017-03-23 22:38:53 A1FB136667F2674AE9DCEC2BF8268D83 574752 ----a-w- C:\Windows\Sysnative\AERTAC64.dll 2017-03-23 22:38:53 6EEF5548CD6F7151E9145117D6FF7442 118592 ----a-w- C:\Windows\Sysnative\AERTAR64.dll 2017-03-23 22:38:53 636C4D3C14289A5CE0FD29FDD51EE864 118592 ----a-w- C:\Windows\Sysnative\AcpiServiceVnA64.dll 2017-03-14 23:24:03 3C9508C3B515FDB5762DF5862C864301 110144 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll ====== C:\Windows\Sysnative\drivers ===== 2017-03-25 01:35:55 B2875D7ABB82867DC3AA03D991940201 1896168 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2017-03-25 01:35:55 7FE5586314EE7D6AA8483264A089E5AF 46080 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys 2017-03-25 01:35:55 5545D2CB5DC6855ADAE275D50FEC1CFF 377576 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2017-03-25 01:35:55 1140F1415D3CF49B4038CD346C2AE91A 287976 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2017-03-25 01:30:45 7F4FDC9528BCE6FB919615B6A77D5724 405504 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2017-03-25 01:30:43 EA4D67448BE493D543F1730D6CD04694 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2017-03-25 01:30:42 EB15C46477EB84B6B520871ED5936CCF 462848 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2017-03-25 01:30:41 A98CED39AD91B445E2E442A9BD67E8B4 467392 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2017-03-25 01:30:40 98DB1790F0A584E0A2528B92B052417F 142336 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2017-03-25 01:30:40 85CB449B319AF69A3538BB1B97EEA2E5 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2017-03-25 01:30:38 9B38580063D281A99E68EF5813022A5F 106496 ----a-w- C:\Windows\Sysnative\drivers\dfsc.sys 2017-03-25 01:30:38 8ADB5445B29941CB41AF2846FD5C93C7 94440 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2017-03-25 01:30:37 819426D736BCBD31CC7CA27221954E04 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2017-03-25 01:30:37 7B7C28D4E71E4A4365F2B7528DA619F8 154856 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2017-03-25 01:30:36 C0B2DC34587FE163997055AA38EB883A 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2017-03-25 01:30:36 ABA3984C822E4D3F889699912D85D6C5 90112 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys 2017-03-25 01:30:35 3F20CD2A11872284BD667DAD6D4801CC 168960 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2017-03-25 01:30:33 3AAA10BAF3F194F7CD34F4C78F8222EE 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2017-03-25 01:30:32 B84DDCCB03A9CEDC1E90A88EDA5306DB 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2017-03-25 01:25:44 CFEAAF96E666E3DCBD8F6DFF516784AE 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2017-03-25 01:25:44 B626F048318DAE65A3317F0592BE592C 56320 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2017-03-25 01:25:44 B4DF0F4C1D9D25DFE1DAD1D8670F1D4F 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2017-03-25 01:25:44 614A71B78C6807D95A30A89B5A69669A 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2017-03-25 01:25:44 43F6BED028FA27D3F3CE852EDBBE0F81 327168 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2017-03-25 01:25:44 390109E8E05BA00375DCB1ED64DC60AF 343552 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2017-03-25 01:25:44 28B81917A195B67617AF7DCF4DFE5736 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2017-03-23 22:39:30 7D7FBC9504575D97885A858EA93684F5 5804772 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat 2017-03-23 22:39:28 00D0BAD638E321E12A0A1F0D0CFF96B6 5545472 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2017-03-23 22:39:27 8C9D5C93843D130F6132AD2BAE710657 1920870 ----a-w- C:\Windows\Sysnative\drivers\rtkSSTsetting.dat 2017-03-23 22:39:24 963C68FAC6839EAA05CCD87533FAB46E 9124224 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2017-03-23 22:41:02 -------- d-----w- C:\Program Files\Realtek 2017-03-13 20:37:51 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2017-03-23 22:38:53 -------- d-----w- C:\PROGRA~2\Realtek 2017-03-23 22:37:47 -------- d--h--w- C:\PROGRA~2\Temp 2017-03-15 21:07:06 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2017-03-14 23:24:42 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Stephan Reisig\AppData\Roaming ====== 2017-03-24 19:50:46 C1A69385A83B6FA6112A022B6B97774A 4539696 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2017-03-24 02:51:51 -------- d-----w- C:\Users\Stephan Reisig\AppData\Roaming\Google 2017-03-24 01:18:45 -------- d-----w- C:\Users\Stephan Reisig\AppData\Local\Adobe 2017-03-16 17:24:11 -------- d-----w- C:\Users\Stephan Reisig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps 2017-03-14 23:24:17 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2017-03-07 18:41:25 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Adobe 2017-03-07 18:41:23 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2017-03-07 18:41:23 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2017-03-07 18:41:08 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Identities 2017-03-07 17:40:06 -------- d-s---w- C:\Users\Administrator\AppData\Roaming\Microsoft 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Roaming\TuneUp Software 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Media Center Programs 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Local\Microsoft Help 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Local\Microsoft 2017-03-07 17:40:06 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\Stephan Reisig ====== 2017-03-25 15:47:35 CAC2A9395DFA587DB4B62AA781C9432E 4031440 ----a-w- C:\Users\Stephan Reisig\Desktop\adwcleaner_6.044.exe 2017-03-25 02:29:12 -------- d-----r- C:\Users\Stephan Reisig\Saved Games 2017-03-24 16:57:50 -------- d-----w- C:\ProgramData\Adobe 2017-03-23 22:41:20 -------- d-----w- C:\ProgramData\Audyssey Labs 2017-03-23 22:32:50 571E83EDA0C694F1C6634073D88ED8B6 217553063 ----a-w- C:\Users\Stephan Reisig\Downloads\0008-64bit_Win7_Win8_Win81_Win10_R281.exe 2017-03-15 21:07:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-14 23:37:58 0B1D0382F12DB0F59C49A9E055A2CC16 1663904 ----a-w- C:\Users\Stephan Reisig\Downloads\JRT.exe 2017-03-14 23:24:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-03-14 23:21:45 A963C6B8A012E658A3D657C4897CF7C8 64153152 ----a-w- C:\Users\Stephan Reisig\Downloads\jre-8u121-windows-x64.exe 2017-03-14 23:05:57 5B028EACF3ED4DA6E5F4C41CED66D310 9274608 ----a-w- C:\Users\Stephan Reisig\Downloads\ccsetup528.exe 2017-03-13 20:37:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Stephan Reisig\Downloads\RSITx64.exe 2017-03-07 18:41:23 -------- d-----r- C:\Users\Administrator\Searches 2017-03-07 18:41:05 -------- d-----r- C:\Users\Administrator\Contacts 2017-03-07 17:40:06 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Administrator\ntuser.ini 2017-03-07 17:40:06 -------- d--h--w- C:\Users\Administrator\AppData 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Videos 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Saved Games 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Pictures 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Music 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Links 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Favorites 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Downloads 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Documents 2017-03-07 17:40:06 -------- d-----r- C:\Users\Administrator\Desktop ====== C: exe-files == 2017-03-25 15:47:35 CAC2A9395DFA587DB4B62AA781C9432E 4031440 ----a-w- C:\Users\Stephan Reisig\Desktop\adwcleaner_6.044.exe 2017-03-25 02:58:03 F361809960977232649F1C0D6D0A2304 46893672 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\57.0.2987.110\57.0.2987.110_chrome_installer.exe 2017-03-25 02:56:18 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateSetup.exe 2017-03-25 02:56:18 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateOnDemand.exe 2017-03-25 02:56:18 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateWebPlugin.exe 2017-03-25 02:56:17 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateCore.exe 2017-03-25 02:56:17 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateComRegisterShell64.exe 2017-03-25 02:56:17 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdateBroker.exe 2017-03-25 02:56:14 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleCrashHandler.exe 2017-03-25 02:56:14 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleCrashHandler64.exe 2017-03-25 02:56:14 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{81155ABD-572C-4AB5-9039-5ADBC9B06F3A}\GoogleUpdate.exe 2017-03-25 01:37:46 C17021807EEDE0695C1389EDDF06E425 37888 ----a-w- C:\Windows\System32\wuapp.exe 2017-03-25 01:37:46 34356D8A4183B33E8097A3D80833FAAE 140288 ----a-w- C:\Windows\System32\wuauclt.exe 2017-03-25 01:37:45 EE16D4205B0C692B9C3BA6DF7855FCDB 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2017-03-25 01:31:06 C0C8D40056C36D3FF3D662DEBDD70B41 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2017-03-25 01:31:05 AB5576121AEC5386E15E6DCE469BB3C4 725504 ----a-w- C:\Windows\System32\ie4uinit.exe 2017-03-25 01:31:05 638AA744E979A848C54C693C9C0163EB 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2017-03-25 01:31:04 9F30DCCC8194E87840364B3998A62478 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2017-03-25 01:31:03 BCEFF19A6F0033D6E178FB8BB126BDD0 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2017-03-25 01:31:03 B5FA5033CE72996C161769337F4B6E01 475648 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2017-03-25 01:31:03 8A590F790A98F3D77399BE457E01386A 815304 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2017-03-25 01:31:02 EB40CBF1CF1004F7ED3D8D1815CEE842 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2017-03-25 01:31:01 AFD94CB4D3B8C3CDD13AE192DA10B68F 492032 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2017-03-25 01:31:00 96FAB849FA00BDA629163ED8C75B185A 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2017-03-25 01:31:00 4EB098135821348270F27157F7A84E65 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2017-03-25 01:30:52 255165A61A656F9F4157AF45536FF698 5548264 ----a-w- C:\Windows\System32\ntoskrnl.exe 2017-03-25 01:30:48 4941C721FF630B718DD8C9F98CE98D9D 3945192 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2017-03-25 01:30:48 3283961AFA7723F8D480DD6FE2BDAE0C 4000488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2017-03-25 01:30:45 71B07DABF3A21C2099775F2C1FFFE0F7 509672 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2017-03-25 01:30:44 77A271A950ADA116D6D740AC1466F520 633296 ----a-w- C:\Windows\System32\winload.exe 2017-03-25 01:30:44 77A271A950ADA116D6D740AC1466F520 633296 ----a-w- C:\Windows\System32\Boot\winload.exe 2017-03-25 01:30:42 571DA0C23404613A97FD06F940C81959 266752 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe 2017-03-25 01:30:41 3AE4191A320803F49BA101C15221C0B3 199168 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe 2017-03-25 01:30:40 FED1B1AD30E7F54BA3541B6E2F156559 2257920 ----a-w- C:\Program Files\DVD Maker\DVDMaker.exe 2017-03-25 01:30:40 37BABEA44C50E8022324DB7A22A9679F 733696 ----a-w- C:\Windows\HelpPane.exe 2017-03-25 01:30:38 AC2E7152124CEED36846BD1B6592A00F 128512 ----a-w- C:\Windows\System32\msiexec.exe 2017-03-25 01:30:38 0EBEC18BDCB6496E93BA39173450602D 406528 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDCT.EXE 2017-03-25 01:30:37 BDDD20CEB520E59863C62BA74CDBA997 114408 ----a-w- C:\Windows\System32\consent.exe 2017-03-25 01:30:37 67A57A47EB806E1064A81A9B2291BD7A 346112 ----a-w- C:\Windows\System32\bcdedit.exe 2017-03-25 01:30:36 FD94C4FA1E867D04D4ECCB3C78CC7FAF 301568 ----a-w- C:\Windows\System32\IME\shared\IMEPADSV.EXE 2017-03-25 01:30:36 D609D1AE800D48128BDA1446A4720265 346112 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\IMJPDCT.EXE 2017-03-25 01:30:36 D204193AE858F18F901EF2B004A01CD6 125952 ----a-w- C:\Windows\System32\audiodg.exe 2017-03-25 01:30:36 1B48180971A608CF02118B164AEDC21C 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2017-03-25 01:30:35 C97B6AD59161B8502016C050A758552F 286208 ----a-w- C:\Windows\SysWOW64\IME\shared\IMCCPHR.exe 2017-03-25 01:30:35 AFF793C9EE33B7AFAA15698FE4F33252 307712 ----a-w- C:\Windows\System32\IME\shared\IMCCPHR.exe 2017-03-25 01:30:35 316FEB05EE3796DF7303E42DDCC2FB2A 269824 ----a-w- C:\Windows\SysWOW64\IME\shared\IMEPADSV.EXE 2017-03-25 01:30:34 7FB3FF956EC2C07DAB4E736A39EAB696 378368 ----a-w- C:\Windows\System32\IME\IMETC10\IMTCPROP.exe 2017-03-25 01:30:34 7F39233AA5807E8AC3C52ABD7DAF6B67 362496 ----a-w- C:\Windows\SysWOW64\IME\IMETC10\IMTCPROP.exe 2017-03-25 01:30:34 1777DF2F90A68F26A2B8E25E072C4032 82432 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDSVR.EXE 2017-03-25 01:30:33 CE476F23405AADC46039AC13127DF473 338432 ----a-w- C:\Windows\System32\conhost.exe 2017-03-25 01:30:33 5DA59EFB062A0E36048394A04557B61F 59904 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\IMJPDSVR.EXE 2017-03-25 01:30:32 4315D6ECAE85024A0567DF2CB253B7B0 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2017-03-25 01:30:31 A5D4ABE6ED23200DEEED3969421B1B4D 296960 ----a-w- C:\Windows\System32\rstrui.exe 2017-03-25 01:30:31 94EABE53D891DD70BD86E71BC66CEAB5 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2017-03-25 01:30:31 3716DEC1E0B88BB19968BBC2659B02A1 30208 ----a-w- C:\Windows\System32\IME\IMEJP10\imjppdmg.exe 2017-03-25 01:30:31 18F07105165405B192B70C6D83C277EC 112640 ----a-w- C:\Windows\System32\smss.exe 2017-03-25 01:30:30 CA69E856332E2D85294665F6B7E97254 30720 ----a-w- C:\Windows\System32\lsass.exe 2017-03-25 01:30:30 6344EAE4813EAE521E3A03A884DB647D 26112 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\imjppdmg.exe 2017-03-25 01:30:29 A8EF736348640772224859E1FEDFF7AE 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2017-03-25 01:30:29 401B0E3E28D1B06F4B94B6525C234FF7 64000 ----a-w- C:\Windows\System32\auditpol.exe 2017-03-25 01:30:28 CBD0E56A0B75697C55933C32DB28588D 55808 ----a-w- C:\Windows\System32\rrinstaller.exe 2017-03-25 01:30:28 C5CCC59506C897319FA05FE9D8DF79C3 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2017-03-25 01:30:28 B8C26E61ABBDD9F47FCA9EAA613A3A9F 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2017-03-25 01:30:28 B84FC7C031FF7B030E4AE6D08DC27DCD 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2017-03-25 01:30:28 B6D5D5A08AC21B315B36849137FCF5BE 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2017-03-25 01:30:28 AA1511B6284FA984305DA2D673B86ABE 24576 ----a-w- C:\Windows\System32\mfpmp.exe 2017-03-25 01:30:28 599F4B2D815704142A7EDD70F5C86D6D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2017-03-25 01:30:28 47FA191B50F64020EDBFC342C9AE478B 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2017-03-25 01:30:27 FE6FDF52A349BE028B3F9E6E62E3061B 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe 2017-03-25 01:30:27 CECAD79489798640383581EE028F3BF3 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe 2017-03-25 01:30:27 C6CA690108CD85F91D11EC49340D651F 9728 ----a-w- C:\Windows\System32\pcalua.exe 2017-03-25 01:30:27 B974FD2EBECCEBB072AB28C653B5CE9A 79360 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPMGR.EXE 2017-03-25 01:30:27 9C0F01C9611DAA6297A028FFD55547E6 14848 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\IMJPDADM.EXE 2017-03-25 01:30:27 9BA982C33132DD8F483CB8BDB87156B6 58368 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\IMJPUEX.EXE 2017-03-25 01:30:27 9266E0DD597F313882AC3BE3D0A4FFB5 11264 ----a-w- C:\Windows\System32\pcawrk.exe 2017-03-25 01:30:27 8B6D70339A1B43C809B10A1020878826 90112 ----a-w- C:\Windows\SysWOW64\IME\IMESC5\IMSCPROP.exe 2017-03-25 01:30:27 4AB1E1E0ECF0BD2686574A0AD7DD4AA6 13824 ----a-w- C:\Windows\System32\wsmprovhost.exe 2017-03-25 01:30:27 42F81C6A3835FE279B254AA2CB7B38FE 12288 ----a-w- C:\Windows\SysWOW64\wsmprovhost.exe 2017-03-25 01:30:27 2AF77D396AF38BB18ECF1A60E9DF3444 111616 ----a-w- C:\Windows\System32\IME\IMESC5\IMSCPROP.exe 2017-03-25 01:30:27 17C04477B52838B3EAD25DD0CFF2F674 74240 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\IMJPMGR.EXE 2017-03-25 01:30:27 0FDE96DA078018BFD3B96B580D8F880F 61952 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPUEX.EXE 2017-03-25 01:30:27 084F16C138645BCF11AAD063E0FBE6C4 18432 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDADM.EXE 2017-03-25 01:30:26 E6A33FB3ECE43B6FA169F54C2B7FAE5D 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe 2017-03-25 01:30:26 5E891A1A5B1AF83C928FC80CE9055551 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 2017-03-25 01:30:26 1C6D96952BB8611E8FA66DFCA22340D0 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2017-03-25 01:30:25 C9CE2AFB2E0CD1D4477E89D6E92B5D3A 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2017-03-25 01:29:30 6DDCA324434FFA506CF7DC4E51DB7935 2972672 ----a-w- C:\Windows\SysWOW64\explorer.exe 2017-03-25 01:29:30 38AE1B3C38FAEF56FE4907922F0385BA 3229696 ----a-w- C:\Windows\explorer.exe 2017-03-25 01:26:51 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateCore.exe 2017-03-25 01:26:51 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleCrashHandler.exe 2017-03-25 01:26:51 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateSetup.exe 2017-03-25 01:26:51 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:26:51 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleCrashHandler64.exe 2017-03-25 01:26:51 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateOnDemand.exe 2017-03-25 01:26:51 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateBroker.exe 2017-03-25 01:26:51 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdateWebPlugin.exe 2017-03-25 01:26:51 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{C9C385DD-EC01-4691-9353-9DB0EEF502EA}\GoogleUpdate.exe 2017-03-25 01:25:05 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateCore.exe 2017-03-25 01:25:05 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleCrashHandler.exe 2017-03-25 01:25:05 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateSetup.exe 2017-03-25 01:25:05 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:25:05 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleCrashHandler64.exe 2017-03-25 01:25:05 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateOnDemand.exe 2017-03-25 01:25:05 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateBroker.exe 2017-03-25 01:25:05 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdateWebPlugin.exe 2017-03-25 01:25:05 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{F4197807-70D7-4E6A-BC19-9B247E3A0D2F}\GoogleUpdate.exe 2017-03-25 01:19:25 81FCF3B7A0C63AB9C3EC37DF01C642B0 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2017-03-25 01:19:25 126EB6B7C25D25ADB55D555E36EB4ABC 142336 ----a-w- C:\Windows\System32\poqexec.exe 2017-03-25 01:13:56 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateSetup.exe 2017-03-25 01:13:56 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateWebPlugin.exe 2017-03-25 01:13:55 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateCore.exe 2017-03-25 01:13:55 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleCrashHandler.exe 2017-03-25 01:13:55 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateComRegisterShell64.exe 2017-03-25 01:13:55 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleCrashHandler64.exe 2017-03-25 01:13:55 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateOnDemand.exe 2017-03-25 01:13:55 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdateBroker.exe 2017-03-25 01:13:55 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Users\Stephan Reisig\AppData\Local\Temp\{7670B4CF-5C1D-4E03-8AB3-01879CC85001}\GoogleUpdate.exe 2017-03-24 22:46:37 26EE79D064D7FBF0D7DEFF40EDE9BA9B 2424832 ----a-w- C:\Users\Stephan Reisig\Desktop\FRST\FRST64 (2).exe 2017-03-24 18:51:39 8E21882367A201E4D574B3AAACDAB9E3 21433624 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-8aeb48d4.exe 2017-03-24 01:21:50 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-7815d56a.exe 2017-03-24 00:34:44 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-a2db877e.exe 2017-03-23 22:42:44 6839564FED27BCE1C019D490CF00B5AC 21061912 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-fef284a4.exe 2017-03-23 22:42:00 11582F11BB29D413B11272F3DB8E8B0C 1786880 ----a-w- C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe 2017-03-23 22:39:38 11582F11BB29D413B11272F3DB8E8B0C 1786880 ------w- C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe 2017-03-23 22:39:36 FCE7D1943651E8FFFE08BFE841F1BEED 571528 ----a-w- C:\Program Files\Realtek\Audio\HDA\vncutil64.exe 2017-03-23 22:39:29 11582F11BB29D413B11272F3DB8E8B0C 1786880 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe 2017-03-23 22:39:26 C58847223D7EA5AB3B1D26F0BEAFDF1F 320512 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 2017-03-23 22:39:26 6B89138EA6759DB1AB6F5C05CA97210D 9197568 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 2017-03-23 22:39:20 C75BEF5E0AA96799E8AD5E363009C125 1483264 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 2017-03-23 22:39:20 88FC2108F110C7B91A44D9865D63B67E 16781824 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2017-03-23 22:39:00 980D4FCBD401384D89BDECC94EC1DAF7 150072 ----a-w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2017-03-23 22:38:59 A018292FBD7011B0ED91190C1E728B11 249320 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe 2017-03-23 22:38:58 EF184CD454A80C21101A35EA6CADFD0D 218760 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe 2017-03-23 22:38:56 D404E08D92547FD8DE696E01425DAF9C 751328 ----a-w- C:\Program Files\Realtek\Audio\HDA\CXAPOAgent64.exe 2017-03-23 22:38:56 0F2BCEAE95C2DE3A4949F776731C808E 75512 ----a-w- C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe 2017-03-23 22:38:54 D32D96B6C02040C1496452853462C214 106944 ----a-w- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 2017-03-23 22:38:50 C853AA27AD9FF576D262A952F42D023B 1194976 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe 2017-03-23 22:32:50 571E83EDA0C694F1C6634073D88ED8B6 217553063 ----a-w- C:\Users\Stephan Reisig\Downloads\0008-64bit_Win7_Win8_Win81_Win10_R281.exe 2017-03-22 21:33:53 4E7CE4FF16B45B21196648A07311525F 2932216 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\SwReporter\17.97.3\software_reporter_tool.exe 2017-03-19 19:15:46 2C2E620BDB64B7F24ECD46D34B4F2472 3929704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\57.0.2987.110\57.0.2987.110_57.0.2987.98_chrome_updater.exe === C: other files == 2017-03-25 16:00:46 511D7CE5E03622D3ABEF0C4DED18F23E 410 ----a-w- C:\Users\Stephan Reisig\AppData\Local\Temp\DeleteOnReboot.bat 2017-03-25 01:35:55 B2875D7ABB82867DC3AA03D991940201 1896168 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2017-03-25 01:35:55 7FE5586314EE7D6AA8483264A089E5AF 46080 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2017-03-25 01:35:55 5545D2CB5DC6855ADAE275D50FEC1CFF 377576 ----a-w- C:\Windows\System32\drivers\netio.sys 2017-03-25 01:35:55 1140F1415D3CF49B4038CD346C2AE91A 287976 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2017-03-25 01:30:50 3E64CB38D9F567DF2D7F3576EC258BE6 3220480 ----a-w- C:\Windows\System32\win32k.sys 2017-03-25 01:30:45 7F4FDC9528BCE6FB919615B6A77D5724 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys 2017-03-25 01:30:43 EA4D67448BE493D543F1730D6CD04694 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys 2017-03-25 01:30:42 EB15C46477EB84B6B520871ED5936CCF 462848 ----a-w- C:\Windows\System32\drivers\srv.sys 2017-03-25 01:30:42 3D67C27DD17B254D7915FA16A5AE3573 370920 ----a-w- C:\Windows\System32\clfs.sys 2017-03-25 01:30:41 A98CED39AD91B445E2E442A9BD67E8B4 467392 ----a-w- C:\Windows\System32\drivers\cng.sys 2017-03-25 01:30:40 98DB1790F0A584E0A2528B92B052417F 142336 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2017-03-25 01:30:40 85CB449B319AF69A3538BB1B97EEA2E5 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2017-03-25 01:30:38 9B38580063D281A99E68EF5813022A5F 106496 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2017-03-25 01:30:38 8ADB5445B29941CB41AF2846FD5C93C7 94440 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2017-03-25 01:30:37 819426D736BCBD31CC7CA27221954E04 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2017-03-25 01:30:37 7B7C28D4E71E4A4365F2B7528DA619F8 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2017-03-25 01:30:36 C0B2DC34587FE163997055AA38EB883A 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2017-03-25 01:30:36 ABA3984C822E4D3F889699912D85D6C5 90112 ----a-w- C:\Windows\System32\drivers\bowser.sys 2017-03-25 01:30:35 3F20CD2A11872284BD667DAD6D4801CC 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2017-03-25 01:30:33 3AAA10BAF3F194F7CD34F4C78F8222EE 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2017-03-25 01:30:32 B84DDCCB03A9CEDC1E90A88EDA5306DB 62464 ----a-w- C:\Windows\System32\drivers\appid.sys 2017-03-25 01:25:44 CFEAAF96E666E3DCBD8F6DFF516784AE 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2017-03-25 01:25:44 B626F048318DAE65A3317F0592BE592C 56320 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2017-03-25 01:25:44 B4DF0F4C1D9D25DFE1DAD1D8670F1D4F 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2017-03-25 01:25:44 614A71B78C6807D95A30A89B5A69669A 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2017-03-25 01:25:44 43F6BED028FA27D3F3CE852EDBBE0F81 327168 ----a-w- C:\Windows\System32\drivers\usbport.sys 2017-03-25 01:25:44 390109E8E05BA00375DCB1ED64DC60AF 343552 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2017-03-25 01:25:44 28B81917A195B67617AF7DCF4DFE5736 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2017-03-23 22:39:28 00D0BAD638E321E12A0A1F0D0CFF96B6 5545472 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Google Update"="C:\Users\Stephan Reisig\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe" "GoogleChromeAutoLaunch_97C779258E62005D8547D81313898954"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Google Update"="C:\Users\Stephan Reisig\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe" "GoogleChromeAutoLaunch_97C779258E62005D8547D81313898954"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GwxControlPanelMonitor"="C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe /traymode" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeBridge" "hkey"="HKCU" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Becwsupa] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Becwsupa" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ABN AMRO e.dentifier2\\wss\\becwsupa.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Photos Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Photos Backup" "hkey"="HKCU" "command"="\"C:\\Users\\Stephan Reisig\\AppData\\Local\\Programs\\Google\\Google Photos Backup\\Google Photos Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSC" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.4035.0328" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.4035.0328\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.3.1171.0714" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.3.1171.0714\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.3.1171.0714\\amd64" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Stephan Reisig\\AppData\\Local\\Microsoft\\SkyDrive\\17.3.1171.0714\\amd64\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "item"="HP Digital Imaging Monitor" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3820285416-1422433888-2532357495-1001UA.job --a------ C:\Users\Stephan Reisig\AppData\Local\Google\Update\GoogleUpdate.exe [30-12-2015 11:33] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-StephanReisig-Stephan Reisig" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3820285416-1422433888-2532357495-1001Core" [C:\Users\Stephan Reisig\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3820285416-1422433888-2532357495-1001UA" [C:\Users\Stephan Reisig\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3820285416-1422433888-2532357495-1001UA1d142ed8c2e54a1" [C:\Users\Stephan Reisig\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{13C9B5CC-3FEE-4D5D-A6C3-6BC17203436B}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe] "C:\Windows\SysNative\tasks\{2E52839A-5C9F-4A58-9D5F-9A676F60B764}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe] "C:\Windows\SysNative\tasks\{7B6FB17C-8210-485D-A745-BA5E3F57B174}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2016-09-27 22:52:07 -------- d-----w- C:\PROGRA~3\dllescort 2017-03-23 22:41:20 -------- d-----w- C:\PROGRA~3\Audyssey Labs 2017-03-24 16:57:50 -------- d-----w- C:\PROGRA~3\Adobe ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [21-03-2014 02:19] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [] ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Unaniem SER-advies over waarborgen be... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaoiadfohgkhkcfcphafcbikjnkcebfo 'Agatha et Les Lectures illimitées - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh Tombe Victor de Louis Arjaillès - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\afolbfaagllhlekkfbhcjbeejcebfhnb Watch The Transporter Online Free Put... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdgikadkdhcoklnbpbdloneeicajfbg A Roman Bath - YouTube - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\agmhbnaeiipibjaemaijkmcgcjlkjmoc Watch Videos Online | Cul-De-Sac (196... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aigoinpokakdijfoffpgejkdfglaeikm Watch Fantastic Beast and Where To Fi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailggomhgfhpdoejapmimhkgjkkbfoga Why Beauty Matters - Por que a beleza... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\amekmlhanknocpomgfoecfjihheeolca Watch Game of Thrones Season 6 Episod... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampkckihpblflopcoifndcgkhakhonbh How Popular Music's Lyrics Perpetuate... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepkhognbkdhfmdjpohljdadhmkflbc Video Downloader - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobeeghhhohhefmlmbpmkcdndgebpfkf Free Movies Online 2015 in High Quali... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apidehnecdoahkcdmbolghjigdmdlodo Watch Stan Lee's Lucky Man Season 1 E... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\baahfipdginijpafflbcbnlhjbgppdnp How to get into galleries. - ARTPUBLISH - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\baimafoemhiflmjhchpfabpbkholceei What Wine Snobs Get Wrong - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdciodfjpdjgheieljbkbidfcpofbkad France 3 Midi-Pyrénées - Actualités - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\beiekhobfnkagffemgiebnocmilohkcf Klacht Albert Heijn ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaclmnibjcbhcjidhjlpfldmahepieh (2) Actie-oproep 4 februari Den Haag:... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnjejgkkpildegphkolcomgheaccdad Europe by People FabCity - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkoienhnigbnhfkccoinfladhiigninc TTIP leaks | Greenpeace Netherlands - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmggnnedhelgfmjhcmojiffapnklmpgb Stephen Fry: Out There (TV Mini-Serie... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdjddhdiojkdggjboofkpomphlncmb Watch I Smile Back For Free On 123Mov... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bobgjgokekpfomkjnjlopbpolelafblp Overstapservice_overstapkaarten.pdf - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bockkgmpnpjmefeecaidoebpgalgpold Kleine beurs? Laat geen geld liggen ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomdmmbcoadoeimhbkpcalpjeleiiacn Overstapservice_brochure_algemeen.pdf - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfjnleemiocmnaphgjhdkcjffpafpo Watch Caligula: 1400 Days of Terror O... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfgheaaogbodpgimgbiiaifgpfjhnka The Guardian _ Hipsters - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\canaeebheapncghcnanhemjldcdkgcgj Museumnacht - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbnenkglancjapacfhlgekeohacjed Watch Sky Online Free Putlocker | Put... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbldflbpjdmlmmofppcodhofahoachco The Guardian - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cchkoenjgagoabilbaehoojbeemeeajp Facebook - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb selector is not a valid CSS selector - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Watch Poldark (2015) - Season 2 For F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgidnjjcmcbebaaeiljbegkejlpfncpe VPRO Radio Archief Archive » Spleen... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgoamfbhpgpnahocjnfjclejnbmdkpkc Watch Videos Online | Fluestern Und S... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\chapbefpknacjljlkjnehnlfnglaneff Films Avec Comédie en Streaming - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifmodcaehbeiebniffjblnmambjbghj Inspectie Leefomgeving en Transport (... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigmbakgdfpkphbddihapcaoppcjkadb Film Complet Le Casanova de Fellini b... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjdielghkldlkiohblcgpkjglonklmid Is jouw stroomleverancier een voorlop... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjjhdnfllcmoncdkcfeeopebbigafdml Artefacts - Artefacts - Data Portal - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\daldiabflbdmaghaenmmplbekpnjmmnd Eden Classic Damast Koksmes 20 cm | V... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbolnonblpcjmjbjfllgdanofpllhikc Tektopdekop.nl • Tekst op de kop of i... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcaedncgcdagmnkmplkchopjifbmkefh Free Press Unlimited | People deserve... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcckeaenlagpdaohbibokhpjokpmlkho Pleasant Family Shopping: Search resu... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjjcapbbphenkkgehplnoodojmijlnp INSIDER GREEN smoothie - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddmkgpbdjbnhkmgmkiifofhebdmihkia Indishe recepten - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehabacmmgmjodeodahpomlhemekoign BBC - Mary Beard's Ultimate Rome: Emp... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhobddoofjknjdjdohikhgmmpdmhgndb (2) Rudy de Kieviet - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkklkhieckifkekfoboboejibapmdikk Tor Project: Bridges - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfbpmnapejikodfoomcoliddheehlfo Hacked Emails checker for GMail - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dojhmchmanmobbleamomangagmoblcgf Amnesty arbeiders WK Qatar worden ui... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdgpnlbibaaogpenpccegmnabjkhple www.referendum-partij.be - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjnfleegbpmllehnpdkmadccoaljbfp Film Hibernatus (1969) - Regarder En ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\eamlclmpfkjgjnllijofbiphaliigmgp Among Rare Men: Bronzino and Homoerot... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\eangadcmodagohinchjopelcflhoekde Le Petit Poucet En Streaming - Film C... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhgpjgpbchogladhmhgffalcbkolfgp Sketch Toy - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb Watch A Bigger Splash Online Free Put... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\eelioklepmiclfpflalfmpolobjcgomm Watch The Secret Agent Season 1 Onlin... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjhekljleiehnohifldclbcibmkjmkl Niemand wil nog ruilen met Rockefelle... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmennmgmoiildpndcifkfmhphdjnbeb Watch Ice Age 4: Continental Drift On... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\elcbaincdimapjghbgjodhfiihmnajfe Bilderberg 2016 Releases Participant ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\elccpmlhgpcobpdfiackcmnijlkookcn Video Downloader professional - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil Europeana - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakfcgkggenbnicokliphhdiihabogl Lexicon Latinum Wiki - Wikia - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhlenogdlocbchhiohkmlnlgokaihdf FUCKINGNEONGREEN - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\epaejngjpjdbfhgcahhoekiohjnknjfe Watch Marvel's Iron Fist For Free On ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\faepjioiblokchliagflhhmgaeiafini Black Road 2016 - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbceabonphbcpineopmiajhmfnlifami Borát een vrolijke strijd tussen fic... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fblnhlkaleldfknnaeojocepbopghacd Watch Newcomer Online Free Putlocker ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnhpofdanfhmkhfdhjpoaniamobbeil Goeie Vraag - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcnalcldgopkjnbkddeikbaefnpndhpo Locky Virus File Removal (March 2017 ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcnhcfpamgblkdaodlglnobfibmonlbc Watch Nymphomaniac: Vol. Ii For Free ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepcllhjggenlbmgakdhcbnlcjhmffdb Geldscheppers - Geldscheppers - VPRO ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffonhompjnjedblddnbmbcjjkankbcce Westworld S1 E8: Trace DecayStream TV... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmfjfjpbdddonbacnbjagnfopcndfno Oefeningen - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifinnkefmnegdelfohhhajpmkhiegac Site Maintenance. - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikecahikjcjkjneghomknacaddddlfg Watch Absolutely Fabulous Season 1 On... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjmbkhnddkbiiadefpfpplccnigpipi Le Fantôme de Canterville en Streamin... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpcpdfmeangdokpldnblknhnpnmfdia Watch Phantom Boy For Free On 123Movi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fladfhlagdekcnbfjfleeepkgihefnll Het Uur van de Wolf: Mapplethorpe: Lo... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaepiiafilenkchjfmfbdclmpgjgiak Watch Love and Death Online Free Putl... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnnbhkeeodkgdlkekfmomlijgjpkhgp Indisch eten - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohgiacobblbmbgibaillgmmplfmnmmg Climate change meet your apocalyptic... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\foojobpekkibjggpbbceblkphdhfhlfj veganchallenge.nl - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakbmjfhlnilkmhdmmdjaogcgdjbhalb Watch Versailles - Season 1 For Free ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\galfalbphpdhbkdbkokjigialdeingho CETA Wat ze ons willen wijsmaken - J... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiigmmfimbinppjflegcfaeebhilcfg Watch Colonia Online Free Putlocker |... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgkcgflecfolcfhjggcpdkponofja Fitness Programs | Top 25 At-Home Exe... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekobjfhfojipklhocfckfgpiikgfegl VidBull - Online video portal - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghaioecablbcdbidfpiibjiiofkdlkng Trojan JS/Miuref.B - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbgbibgfggchenikdogeflkkalfdhka Dierlijke bijproducten: overzicht cod... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimbefiinndhmnbohlnemoohmaoefclp Putlocker The Fades (2011) Watch Onli... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkbjfdcndmdpdgkkhjjnjgcfdpokbhfg Art Renewal Center® Leading the Reviv... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmagnfjgcdjkaggmfompafoigpmeneac Aron Wiesenfeld - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmldcjdeoomoffgakenefihipbedjlbj El Ministerio Del Tiempo Saison 1 Epi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\goaeahhhkgejoecjnfcegfolpmhaekcb Risen (2016) Full Movie | MovieOnz - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\goapnflmhbdlmpamcjlecajdemlmickc Watch Westworld Online Streaming | St... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhjhojndngebcfbkehpgmpdfhcdpee Watch Online Victoria Season 1 Episod... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohicmmjcidabdmcaponmbkcjnaoedjd Watch The Club Online Free Putlocker ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgglfeddbnghdjljfhkgipbfeemfbbm Watch Rogue One: A Star Wars Story Fo... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmdegmeiknodoofcfkhdpjigplkolhd Peter van Ginkel - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjcedoadppdanibblofdmgnnglpoebe Download Facebook Youtube Videos - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbpnkmpecohkchbckbeoijkfbognkjmf Poldark s1e3 – Episode 3Stream TV Vid... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcaenjncllkacghkmpgpbiomliddilgo Watch Sleep with Me For Free On 123Mo... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdkkfnlheebflgpcapbiopeiggplcbci Artikel 120 Grondwet 21 maart 2016 – ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffgpefnmpgomfhpfjimchmihbkgijji A guide to this website - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgdddbfhdiimdiopdaiakeminebdcdhd Brother Obama › Cuba › Granma - Offic... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeifnoahnfkoagflmnjeakolhegemjf Open brief: zes vragen van Doorbraak-... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgknfnaecccmlidgfdehcclebmhmmmcd MAK Sammlungen - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhcdcpifoljalgjkhcmfmjpacihninfj Watch Poldark Online Streaming | Stre... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhgpgfaglelgpmphdcihecnompmgmfpn Watch Espace Galaxy Sci Fi Live TV fr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkemhdfjgdlhnombcdhlplhnkmemlgfd Speech by Prime Minister Mark Rutte a... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkppfjbaaddofklbopbjoknleoidbccm Speed Test Internet - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko Woord.nl - Woord - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmfjckfhmjheemchbbaphankcmjjebn COULEURS 2 - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hneeobpbaipanggoakpgfkjeafpkphah Watch The Man Who Fell To Earth For F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpmndfnhdbimlddalfcknoffceffmflf Cleopatra Full Movie HQ - YouTube - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpocebebicphbbnbfbifbedefbaofjnl Watch Parasyte: Part 1 Online Free Pu... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\iamkmeiebfinibcfabkeebncbhnlekpk Watch Nobody Wants the Night Online F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibdmmnhplhfldpgnppohcfnnbdhccgog ASN Bank - Betalen > Openen ASN Bankr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgmbpehafmlidloimbipdnmgjhppdpd Watch BBC Adventures Architecture 2of... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\icakjpiebbieeaocambfogbafbohfbdo #GAYPORN - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefaihdbelnbdfapfnheekgcjdfgbofi Watch Stan Lee's Lucky Man Season 1 E... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggmhahdjjieanlafgilbphidoafmnlb Watch Penny Dreadful - Season 1 For F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihabjcmejpheegkhajofkakfomelking Flesh for Frankenstein (1973) - IMDb - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiaaoebgfmegccbalbgogofpnbpjnbff Ons Geld | Voer het debat over geldcr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikogcaobmcgdjbcdploophdgchmpbppe Boaventura de Sousa Santos - Homepage - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioikbfgdipjknkbcdhkmihbcofbenckg Watch It Might Get Loud Online Free P... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipbhbbpdgmfgikkefjniaohnmmjgbloc El Ministerio Del Tiempo Saison 1 Epi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbcffiekefigafmhcackgajpipgoaddc Watch Nosferatu the Vampyre Online Fr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclfgfeneifeompkakhjfljmdcmomfon Verzorging van oleander (Nerium) - De... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebmfblfkceaomcgnjmndhobkdmfpeec Timeless S1 E4: Party at Castle Varla... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemklimmlkndjkhnfapiccdhajohilhg SALMAGUNDI - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfoilfpdkigedjkfofhgdajigcedhibk Watch Aferim Online Free Putlocker |... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbdnkmikhdihkmcijibeapjgkmeflgn 3Doc Addicted to my Phone kijk je op... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbgfclagajndnlljkldbhapmainfimg Henk en Ingrid vertrouwen de mainstre... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgilafgplclacgmbgdbaaeklnpmladlp Marco Polo s1e3 – Season 1 Episode 3... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjffmkgfbfnnpocffhiigbnhicjppoej Watch Rome - Season 2 For Free On 123... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjjambfpcokghmhogklejjnlbdbdodbn Andrea Maier - VPRO Zomergasten - Zom... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkbfancjlblmelcfkmbnbpiabhmnoodh How the Art Gallery System Works - Ho... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkblfijkigfciagclgoednkmkmdafccc Watch Mr. Holmes Online Free Putlocke... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhclcmomokpplmoboikmemjjfdpdppj Internet Archive: Digital Library of ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljpbphpenijamfbhjdnbmahofbgpmbi Watch Restless (2011) Online Free Put... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbajhjjkikpjdkiobdpbfoenbkchhkd Watch Penny Dreadful - Season 3 For F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnabncnlnepmdajhmjponliklkbeebpi Watch Aloys For Free On 123Movies.to - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jniggnlmbffikohehjhoofjbgmfcggcg Thingful - a search engine for the In... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\jommefbkpgjkifgcngeloeghdfepgaao Putlocker Damage (1992) Watch Online ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanckpjcgikakmdmcjlnpcohiknpdmac Deuteronomium 23:12-13 - SVV - Gij zu... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcpgngnocfgkbbeaepokkbgpmjjijpb History of the World Part 1 1981 Movi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcggogdkbmmbmifpnjjgacjomngfokia etymologiebank.nl - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnibfgilecbhlddmjeeglnfkajolplh Watch Roman Polanski: A Film Memoir F... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegedmclkfapmgejamlfmenchbppjlkk Watch Notes on Blindness Online Free ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhmjgiogdjbkbpoiaigkgjjabjgmiff L'Hermine streaming illimité complet ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkjdjddkdbgnkglgioiebiebdnmhng Energievergelijker van Ben Woldring: ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgfphephpahloaflkfnnappmploemggp Natural History Museum: 'We hope peop... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkiifdjncfbendagicncadceodelfcbh ‘De crisis is een bewuste strategie v... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhniidjlooocjdhkmhaldhndjjbmfim VPRO Radio Archief - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladlcjnmeacdjpbhelmceiffdkcmccip Watch Mr Robot - Season 2 For Free On... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladnoghbpccppomoijknmdjaphpobeog Plastics on Nabaroo - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebjnddnhipgdhgidledmgaaphecngkj Wat Gebeurt Er Met Onverkochte Auto\s... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgebgoipimlfmmgkhahokffnlhckdfnc Watch The White Queen Season 1 Episod... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjaldalgenkakkamhfkgnbpgpjndif Thingful - a search engine for the In... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lglpjomodadopebfohbcodgcehdcnjaf Stanno tutti bene streaming HD - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lidggfllfkdalfoogogjlbcngceebeef Watch 'Water is Sacred' - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lieddpnjankkgbjpglllehljaeehbpan Bosch BGL35MOV20 stofzuiger test | Co... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjledcmkmmpkkhdldeapbpbmdcemdob Ongewenste reclame op internet blokke... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmdicnngipbhlobcgjmendlfchcaleo Shadow World (2016) Full Documentary ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkfpmnekenikhnegpmgpmekoabmhepab Google Drive App Launcher - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh (7) Indischegerechten.com - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnhknngkmijfcdimeokfdommlpjmelme Putlocker The Space Between Us (2017)... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnnolflmfogknlikcdjichebjpkjngjj FAIRPHONE ONDERZOEKT TOP 10 MATERIALE... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\loffkhdeliodibfleamghbjnognhfgcp Watch Timeless Online Streaming | Str... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdphplkpopbmjnlmmpgjmbhpbhkiedl BBC Beautiful Thing A Passion for Por... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\madbojfjbolkejlmlhceplmdbglikfgo kruidenthee - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\malbjpjnkjkadffofnpgbfhaobimjkfa Pinterest - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbgdafocgfpdiehbfdlepofidihmgjb Hoe de gratis bril de prijs van brill... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdcemekmhfmkkkmkblmgmbndfgkdndga Putlocker We'll Take Manhattan (2012)... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffnjngcjgfohgghkdelbkopfjicnggk Food Inc. - YouTube - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgidogcgliedlkhagefmldijbhhelimm TEVA en Pharmachemie: Bittere pillen ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknbddehomnbojogggbemfpfhmaaihkn Home | Minds - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpabcedohejfpnielpkfpkekgoakfgm Watch Drowning by Numbers For Free On... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkhijgcehbplnkeelonacnolboolmmi Westworld S1 E7: Trompe L’OeilStream ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkndojkjlbogkdhdmbhjokfimbinidf Foto's - Google Foto's - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpppndnbbnaogbjodhlacbmakggglbmm Watch Frantz (2016) Online Free Full ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafiiahngchlblfcmpapeipedppophjb Tibetan Pottery Villages - YouTube - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdipbifhbkplkkddjpciikpepjppehl The pros and cons of lucid dreaming |... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncldljfibgngmienocnmponaijlpaebf Algemeen overleg: \ Midden-Oosten vre... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjdhlhgdpgbjlbbpnmmhmlhbiipjagf Watch Victoria 2016 Online Streaming ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\necojoejffbpdibdiplcabddpgojbpgn Watch The Jim Gaffigan Show Season 1 ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\niblocnfkkgdannoneikjjhjdoanabaa Corporate Europe Observatory | Exposi... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipkdlpcjabdgmiihclagjkhnadijang Chrome Web Store Payments - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Night.Has.Settled.2014.HDRip.X264PLAY... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnimkaknnlehglpicjppfknjnbljbmkp Film Il était Une Fois Un Flic … (197... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjcfenddngkikkhknffklbaflpbbjop Watch Versailles - Season 1 For Free ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaopkjigpchmpoikglagfnffpeccheb TZM - Orientation - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeppjbmakggbjkianckohahchcngckf Woord.nl - Het Grote Woord Vakantiepa... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfpoppjamokbjfjoeohggdnpbdjkced Watch A Cat In Paris For Free On 123M... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpoeignljdfaipnnljfbngihebidfa DEEZER - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocmdikaodoompfebkgiodomdeapbopgn Particulieren - Overstapservice - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgnjpnfpacgpkkakcmmkabdfliececb Watch Mr Robot - Season 1 For Free On... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohphiphdojcpnhhelnpbhchibjbjgpld Tacitus - Wikiquote - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\okjhckjkeldeokopbgcpljlpapbjheil Penny Dreadful Season 1 | Official Tr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\oklpoiioopklppbmdbmfacpjhbpkakgc Watch The International (2009) Online... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\okplpciiaglenchhkihjbapjapmhhedo Boeren & Buren - Amsterdam - de Ceuvel - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhdampjgpmmphbcnbdmogpkhigjlhia Watch Game Of Thrones - Season 5 For ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\onifhjmlgghkllhngcolnfbfcdnlniih TinEye - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcblbfjnannhogpnedjdekojjnbnfdgm Watch German Angst For Free On 123Mov... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnnapelnmkahofijkknlgnpemlkfonb Financial Times - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfbidfedooelaboobfdeajemneeholel Readings in evolution genetics and ... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pichiocgkfgdiiidimgopekknlikndji GeenStijl SorosLeaks: Miljardair koo... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjmcjcoiaecpplkkhegijnckkcoeggcf Watch Upstart Crow Season 1 Online Fr... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjndnanhkkjilnbbiedhbeoaanhmioak Chrome Media Router - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Watch Passengers For Free On 123Movie... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkgkkbciijajonmifghaoepdoomocjco Watch The Proposition 0:34 min - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\plbpclikpjcdfdialkcbnkohelclffcp Watch Hitler: The Last Ten Days Onlin... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pldjcgclmihjppdmnggmhebodnlpbiod Radio Kiss Kiss Italia - Italië - Liv... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pomfmemknjhfaekmbobcibgapljlflbj Het Uur van de Wolf: Boudewijn Büch -... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbpaeecgkoplalbjnkkmdkpadokadmg Watch The Last Kingdom Season 1 Onlin... - Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppmmppkcfcmdafigbapkcdejlnngibod ==== Chromium Fix ====================== C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepkhognbkdhfmdjpohljdadhmkflbc deleted successfully C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobeeghhhohhefmlmbpmkcdndgebpfkf deleted successfully C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil deleted successfully C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjjcapbbphenkkgehplnoodojmijlnp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {812B7708-C73A-48D5-8E61-C6497B3E163E} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3820285416-1422433888-2532357495-1001\Software\Mozilla\Firefox\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Google Update] C:\Users\Stephan Reisig\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_97C779258E62005D8547D81313898954] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephan Reisig\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (file missing) O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing) O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (file missing) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: E.dentifier2 Connector Service (becwssvr) - ABN AMRO - C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwssvr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Stephan Reisig\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Stephan Reisig\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=190 folders=103 15720311 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Stephan Reisig\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\STEPHA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Stephan Reisig\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil" deleted ==== EOF on za 25-03-2017 at 19:18:31,46 ======================