Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by GK5 on ma 18-04-2016 at 8:44:22,60. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: E:\MAILBOX\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== 18-4-2016 08:46:23 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\ProductData deleted successfully C:\Users\GK5\AppData\Local\ActiveSync deleted successfully C:\Users\GK5\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 21 NPAPI Adobe Refresh Manager Adobe Shockwave Player 11.5 AnyDVD AVG AVG 2016 AVG Protection aXmag ePublisher3 Belgium e-ID middleware 4.0.7 (build 7466) Box Sync CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon MP Navigator EX 1.0 Canon MP610 series Canon PowerShot Utilities PhotoStitch 3.1 Canon Utilities CameraWindow Canon Utilities CameraWindow DC 8 Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities MyCamera Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner CloneCD CloneDVD2 Corel Paint Shop Pro Photo X2 Directory Printer 3.6 DYMO Label v.8 erLT FMW 1 FormatFactory 3.6.0.0 Foxit Reader Google Chrome Google Earth Plug-in Google Update Helper HEMA fotoalbum be-nl Java 8 Update 77 Java 8 Update 77 (64-bit) Java Auto Updater Logitech Harmony Remote Software Logitech SetPoint 6.67 Microsoft .NET Framework 4.5.2 Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Office Professional Plus 2016 - nl-nl Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 45.0.2 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MyFreeCodec NEC Electronics USB 3.0 Host Controller Driver Netop Remote Control Guest Netop Remote Control Host NiceLabel 5 Office 16 Click-to-Run Extensibility Component Office 16 Click-to-Run Licensing Component Office 16 Click-to-Run Localization Component POP Peeper PrimoPDF -- brought to you by Nitro PDF Software Realtek USB 2.0 Card Reader Samsung Magician SAMSUNG USB Driver for Mobile Phones Security Update for CAPICOM (KB931906) Snagit 11 SoundMAX Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Taalpakket voor Visual Studio Tools for Office 3.0 Runtime - NLD TeamViewer 11 TextPad 4.7 ThumbHTML 2.9.1, Build 360 tools-freebsd tools-linux tools-netware tools-solaris tools-windows tools-winPre2k Total Commander 64-bit (Remove or Repair) TrueCrypt UltraISO Premium V8.6 VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Language Pack - NLD Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) VLC media player 2.1.2 VMware Workstation Windows Desktop Gadgets Windows Media Player Firefox Plugin WinToUSB version 2.7 Xara Designer Pro X11 ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\StandAlone Apps\Autorun Organizer V1.30 Portable\StartupCheckingService.exe C:\Program Files (x86)\Common Files\EuroPlus Shared\LblServices.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE C:\WINDOWS\SYSWOW64\VMNAT.EXE C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe C:\Windows\SysWOW64\PSIService.exe C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\StandAlone Apps\Keyboard LEDs V2.5.0.51 Portable\KeyboardLeds.exe C:\StandAlone Apps\ArsClip V5.0.6\ArsClip.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\StandAlone Apps\IObit Uninstaller V5.1.0 NL Portable\UninstallMonitor.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe E:\MAILBOX\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\GK5\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\0renmqtb.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_18-04-2016_0910_.backup ProfilePath: C:\Users\GK5\AppData\Roaming\KompoZer\Profiles\mk27mpyp.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_18-04-2016_0910_.backup ProfilePath: C:\Users\GK5\AppData\Roaming\kompozer.net\KompoZer\Profiles\4hhozq3t.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_18-04-2016_0910_.backup ProfilePath: C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private user_pref("capability.policy.maonoscript.sites", "addons.mozilla.org afx.ms ajax.aspnetcdn.com cdnjs.cloudflare.com code.jquery.com firstdata.com firs ---- FireFox user.js and prefs.js backups ---- prefs_18-04-2016_0910_.backup ProfilePath: C:\Users\GK5\AppData\Roaming\Nvu\Profiles\mvumoytv.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_18-04-2016_0910_.backup ==== Deleting Files \ Folders ====================== C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\searchplugins\avg-secure-search.xml deleted C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\firefox@ghostery.com.xpi deleted C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\jetpack deleted C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\support@lastpass.com deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8062 MB CPU Info: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz CPU Speed: 2329,9 MHz Sound Card: Luidsprekers (High Definition A | Hoofdtelefoon (High Definition | Display Adapters: ATI Radeon HD 2400 XT | ATI Radeon HD 2400 XT Monitors: 1x; Dell 2208WFP(Digital) | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Intel(R) 82566DM-2 Gigabit Network Connection | VMware Virtual Ethernet Adapter for VMnet1 | VMware Virtual Ethernet Adapter for VMnet8 CD / DVD Drives: 1x (L: | ) L: PLDS DVD+-RW DH-16A6S Ports: COM1 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 120,4GB | E: 146,7GB | F: 154,8GB | G: 97,7GB | V: 112,4GB | X: 197,0GB Hard Disks - Free: C: 70,3GB | E: 63,1GB | F: 59,0GB | G: 81,2GB | V: 27,0GB | X: 56,4GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 06/11/12 | DELL - 15 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0GM819 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Firefox 45.0.2 Internet Explorer Version: 11.212.10586.0 Mozilla Firefox version: 45.0.2 (x86 nl) Google Chrome version: 49.0.2623.112 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_77 (32-bit) Sun Java version: 1.8.0_77 (64-bit) Flash Player version: 21.0.0.213 Shockwave Player version: 11.5.7r609 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\GK5\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-04-17 17:38:46 446734E63D58CB28A6FA5ACC828F22B3 97856 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-04-13 10:40:26 E07F85C08C025B08F25150E60CB69B44 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-13 10:40:26 529ADF562993ACA4B8AB43847F42F9B0 18673664 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-13 10:40:26 49A21B514FC10B2D55499D58DC78E862 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-13 10:40:24 C31E805C9AD3DBEA0A75337312967E77 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-04-13 10:40:24 B4102814D9B1D1FC6C39869D7F224E12 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-13 10:40:24 2BFF4D19D7FC686C150879A2FD5BAE77 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 10:40:24 17998B6098C06B8FAA32890D6E1F7A58 19340800 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 10:40:23 FD639F1372389D7C5990663D6A100CFE 541304 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-13 10:40:23 D5BF10F0C309C82820813A7190CE1F5F 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-13 10:40:23 51A5FD6E5EF1E9A2C63C615F238961F9 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 10:40:22 F172B5FDEACA0C57A4892208F617AB91 12125184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 10:40:21 D28C3C4AAB51D00FD6EFA07F6DCC1CBA 1862008 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-13 10:40:10 C57E960CD2C7F64AE0295DF0423FE071 1444352 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-13 10:40:10 B74C5FA6221607F864C62090F74FDB80 799744 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-04-13 10:40:08 3D74763FFF3EF03D8CC9233B5A0EBBB2 13018624 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-04-13 10:40:07 65930B7D5917CB0D76CAA51A46F3850B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 10:40:06 408AF8141C4A44BC120F4204F8F79A75 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-04-13 10:40:05 0822CB125008CFCA3DFB52C9DF118273 5662208 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-13 10:40:03 287FAD133D3E5F47DB367B86DC523631 2798080 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-13 10:40:03 15C9692077BA7E20D64E34AE6210B438 5202944 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-04-13 10:40:02 265DB46FE368D8F701A74976D3823ADC 986976 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-04-13 10:40:01 4B6F30BA21606440EC91852F15B296A9 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2016-04-13 10:40:00 CC2F923F02D8EB36D0C442CE709B6CD9 1139712 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-04-13 10:40:00 402A33FCE08200518FB0012A6BF2E966 2722816 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2016-04-13 10:40:00 395AC69CCD9E2D590775AA6ADD2AE1D2 649728 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-13 10:39:59 2C313D0D6CAF3467664058F15742CC98 354304 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-04-13 10:39:59 127D1DD4E7385AB56A32D72CF948DB9B 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-04-13 10:39:58 E46FCEC3EAC209AFCDB2825386E51423 415232 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-04-13 10:39:58 D57F7D9FB771CA0B434E975F76413430 1072128 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-04-13 10:39:58 70128BC69D515F2D38577D2438861424 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-13 10:39:58 52A1E3042711C59E316936C9EDE560F8 502104 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-04-13 10:39:58 4135F625D8F20D76FB29F86FE7A4CC48 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-13 10:39:57 BED401741C226F05FCD2C2678F9E9F14 350720 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-04-13 10:39:57 B8AC85F66A12455FB3F2FDB916B1C679 498176 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-04-13 10:39:57 B71A99EC3D8818A6662A6A9D26FE5807 346624 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-04-13 10:39:57 B1D8636E375413D57B50BDE20CA5E710 358400 ----a-w- C:\WINDOWS\SysWOW64\AccountsRt.dll 2016-04-13 10:39:57 897906025BD3616BF9C30A3979A73DEE 712704 ----a-w- C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-04-13 10:39:57 88E6A274B44C66EDBD26F2BA9E0ACE8F 253088 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-04-13 10:39:57 6D062C6E2C47B3DCDE8F4C3FDB634DEE 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-13 10:39:56 FEB304F6F577D923E390F5D6BE7DF870 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-04-13 10:39:56 C31BB8559C52E389B82A4B533C2FB39A 764928 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2016-04-13 10:39:56 3ABE2040F4F9BDDD008EC5D4713D5ABE 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-13 10:39:55 F29EDA4FE119EBF4881C9BA9AE7B27E7 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-04-13 10:39:55 CC68ABFB0AA40F62E7BD740101A0C92B 1117184 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-04-13 10:39:55 CA3C908B5C24293F1F1FB89301D63F16 1588224 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 10:39:55 6A7ACABAE92C837F5C1330188EAE36AE 535080 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2016-04-13 10:39:55 64229C17CFE9262689EAE3E852D3975F 296488 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2016-04-13 10:39:55 594D1C58958A1F980336964B643784F3 3671040 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-04-13 10:39:55 1F19665881A6167CC9E31A42C1F98AC3 638464 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-04-13 10:39:55 0BF6FDE72035DDC32FAF24344853B80B 777728 ----a-w- C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-04-13 10:39:54 C122D52ED9662F09EC2650B010544468 73872 ----a-w- C:\WINDOWS\SysWOW64\srvcli.dll 2016-04-13 10:39:54 ACE2B02BA07DF7F13F59D07F7A38AA18 161792 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 10:39:54 7D276C5DF303462091092C3311027D30 129024 ----a-w- C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-04-13 10:39:54 7C7CC816CEEB07022EBCC6B779B16E1D 521728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-04-13 10:39:54 7C557ABB26C2B2D930AA005FF6A8C025 592384 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-04-13 10:39:54 2C0BBF7FC5526D7285BEAD239895C473 682496 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-04-13 10:39:54 2BDB397DC5EC7D3186358F7F2388A009 59904 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-04-13 10:39:53 D1600085065675F98F41A01DCD03AA6E 854528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-04-13 10:39:53 C5F501F481234D821457CA3A270BFCE7 83968 ----a-w- C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-04-13 10:39:53 B9378EA1892974391D15D54E57056130 151040 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-04-13 10:39:53 B65D241B81A010B6A78CCEEA900CCFC0 56320 ----a-w- C:\WINDOWS\SysWOW64\wkscli.dll 2016-04-13 10:39:53 AD1EC1102124182624F1224768FFAE96 564224 ----a-w- C:\WINDOWS\SysWOW64\WSDApi.dll 2016-04-13 10:39:53 8D9CB9BB31AC17112D75456E928C3839 103936 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2016-04-13 10:39:53 7D51637A2E604113F1A4E96FF3F2727C 51128 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-04-13 10:39:53 6C2B2CA75F486449921ED10A39DB9799 69744 ----a-w- C:\WINDOWS\SysWOW64\netapi32.dll 2016-04-13 10:39:53 6920DEFBFA38033B2438ED9760231C12 219648 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-04-13 10:39:53 5E52C817BCF919CF11CD523A2EC4A456 638464 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-04-13 10:39:53 35B0826C3EF8A0E16DF4F4A8D30246C7 705536 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-04-13 10:39:53 1A341701906986F1865766C6849269FC 323072 ----a-w- C:\WINDOWS\SysWOW64\oleacc.dll 2016-04-13 10:39:52 F0D9C0E953ACE5E5B8D3DD799B089B00 306176 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-04-13 10:39:52 B4643C990D071EE99D9713336052F97B 193024 ----a-w- C:\WINDOWS\SysWOW64\credprovhost.dll 2016-04-13 10:39:52 92B98A16E41005D74CF7B2EF28AB1FCF 26112 ----a-w- C:\WINDOWS\SysWOW64\wsdchngr.dll 2016-04-13 10:39:52 806D3A66BBC91F7F2B4FCC337C13EFAE 239104 ----a-w- C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2016-04-13 10:39:51 F297B1F54D3FF42732C89C738AEC041F 141824 ----a-w- C:\WINDOWS\SysWOW64\easwrt.dll 2016-04-13 10:39:51 EAF904785CA7849C66F6DC2EF0A0E0E7 22528 ----a-w- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2016-04-13 10:39:51 E9B121C13C171C28E8AF4871B52AABA0 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-13 10:39:51 9A9CDAB4049BDB383C5CA8746F44E4CB 269824 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 10:39:51 3EB91A44E6BCD05CA257E113FCA1DA0C 43520 ----a-w- C:\WINDOWS\SysWOW64\browcli.dll 2016-04-13 10:39:51 2E947792E9B1C738E33FD5794B1650F9 30208 ----a-w- C:\WINDOWS\SysWOW64\tbauth.dll 2016-04-13 10:39:50 E793B893135F3B6942B6230D45E27610 61440 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 10:39:50 DDD613E502D30A6E2E407F3280521311 87040 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-04-13 10:39:50 DBC451C2509141BFA9F851004A5DF99B 2193408 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-04-13 10:39:50 C9D7861D1C984E1997A3778A97DD1AF9 162816 ----a-w- C:\WINDOWS\SysWOW64\MTF.dll 2016-04-13 10:39:50 BF769A5BEA8E50F12264746D30D57C6F 52736 ----a-w- C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2016-04-13 10:39:50 BC5D8155DBA7DC0E4F92430701C19901 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-13 10:39:50 979CCB709243FE7B0E75E9CDCCF8C9A8 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-04-13 10:39:50 96BFB1E4B3F38D999E418D286BE45BFB 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 10:39:50 91ED19257EAA98C1C95A7E5F0FF07FF0 10240 ----a-w- C:\WINDOWS\SysWOW64\oleacchooks.dll 2016-04-13 10:39:50 2823A28AB08EE9DCE85436C700799D66 80384 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2016-04-13 10:39:50 144B4EDF56E0D48C501F4AAEE5E032B0 6297088 ----a-w- C:\WINDOWS\SysWOW64\mos.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-17 17:40:05 B95C3BE37AE9B3AFB1CBB788C46AA798 110144 ----a-w- C:\WINDOWS\Sysnative\WindowsAccessBridge-64.dll 2016-04-13 10:40:24 7A0E065E46156F9288AE32B1E0399247 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-04-13 10:40:23 E2B2525EF375D716E0DE6FE8F3ADCEDB 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-04-13 10:40:23 AE6A68A065D4C26AF4BEFAA53623B266 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-04-13 10:40:23 4025493B778984A65B1A310864C4F08C 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-04-13 10:40:22 CD885F960066DDD538CD1BBD509A0EC0 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-04-13 10:40:21 F7391A45172C10D8B79A239CDD8BA88B 209408 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2016-04-13 10:40:21 B21B08D436D2B9E7D280FCF9BCBB5DDE 22378496 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-04-13 10:40:21 60C04811AC0BB0BFC5E00D293B8F4464 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-04-13 10:40:21 0F85790D9E32FA0B8798AECBBEF6F5F4 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-04-13 10:40:20 A6A8B92FBADFA793794C0EEFA77941C3 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-04-13 10:40:19 A2B2198B126C8BB489585994A453B064 7474016 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-04-13 10:40:19 7F7591CCC146EC7D9EB77C1277D605F4 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-04-13 10:40:19 3D0DE8170ECCEC20CBF205D79C535BA1 2275328 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-04-13 10:40:19 14D75B31BA6A28F4A46D7432B48C26B3 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-04-13 10:40:18 DBADA23940BA56E3D96762C961145654 24602112 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-04-13 10:40:18 92FB4032354D2074DA0DC9E70D8305B1 1388032 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-04-13 10:40:18 703F15FBAEA94F88FD5E12EFA94A0F7E 2656952 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-04-13 10:40:18 5417FA7098B9A1F5A6EECB198A7B4BFC 3592704 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-04-13 10:40:10 6870232D80480DA4FF1FBE3373FCA06E 965632 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-04-13 10:40:10 2F9B478546FC00827CB269BAD949D98B 16985600 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-04-13 10:40:10 290D24F50396B379338790B8E8D1C503 1714688 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-04-13 10:40:07 2291CACFF9BE4252C2D39D1A6D27B4E4 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-04-13 10:40:06 99D5C132D5085DACBFF909C3AAF832AC 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-04-13 10:40:06 775B118277B9A81BF9B23AA386A9196D 7836160 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-04-13 10:40:06 04EDE78320552097AC7EB3CE69A4A0BD 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-04-13 10:40:05 F8FAB3E1281FB937DB1C8109842A9534 3994624 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-04-13 10:40:04 32F3BA2C4849ED727508C021F999E147 3428864 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2016-04-13 10:40:03 5DFAF8BE5A3CABAABF6795BC09EB7876 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2016-04-13 10:40:02 D0CCDC8D0D00DA363F9D87C2E9A803EF 1297752 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-04-13 10:40:02 BE7D6EA3650F1C25076335A9C1F3D59B 1098240 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-04-13 10:40:02 93E597D2B5C653E94680E8B8E1C59B36 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-04-13 10:40:02 92840BF0817C457BB011220BA21BAE9B 1832448 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-04-13 10:40:02 5276C6CCA158FD73D20642C6A7A507E7 1946112 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2016-04-13 10:40:02 2A2C0983B6FE62F02E7183335B1F5C20 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-04-13 10:40:02 0C015924C6DA5368E6B102CC597AC640 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-04-13 10:40:01 EFA3EFE172FDA2EE7C3F64F17277181C 7199232 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-04-13 10:40:01 DB0C2721BE0E21EAA0C4C70B07F481DE 3078144 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2016-04-13 10:40:01 B471A4DA6F8DFF957B6F109FA182C366 3575296 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-04-13 10:40:01 2F844EBBB6BAA883BDDC472C44B738AE 1388544 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-04-13 10:40:00 F99D8BF6ACA4728C9E285BD161C22BCB 938496 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-04-13 10:40:00 E8A201E7ACF39359D99EEDD3D059E5AC 1395712 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2016-04-13 10:40:00 E5421101B84007FBC3D11501A6887F42 471552 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll 2016-04-13 10:40:00 D8F3E820C39808C00A687AED554D23C0 859136 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2016-04-13 10:40:00 9065EB3B7E982A5370790BF729EDBBA7 696664 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2016-04-13 10:40:00 49FDB6B2E192AD639F09EF90C32A0395 852480 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-04-13 10:40:00 42C6780C909074A1879F8BBA34920FE6 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-04-13 10:39:59 EF953237B34D1468B81A6AB260A3C524 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-04-13 10:39:59 C59CF7385D070450643D61C8ADEFFE3C 958976 ----a-w- C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll 2016-04-13 10:39:59 BFE2669F7B0EB1EBAF587490E9E591AA 630272 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2016-04-13 10:39:59 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-04-13 10:39:59 77981E6F98F4A8743D3AEB1A8AF4DE09 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-04-13 10:39:59 518A992A6700A86A47F79388F91737C0 1090048 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-04-13 10:39:59 492FB85E61768950CDD27C87AED6E8FA 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2016-04-13 10:39:59 1BF000CFA56FD272B4ECAC167CDF6A8F 1211904 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Cred.dll 2016-04-13 10:39:59 0F3C165B71F8140F50A1DB5DE3E6D695 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-04-13 10:39:58 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-04-13 10:39:58 B0236F0FB7402381A50F2EBF031C49CF 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-04-13 10:39:58 834D1648124F0F2729462BF79DB0C2CD 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2016-04-13 10:39:58 728146F5877FD08DE65B21817ABB19A8 765952 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2016-04-13 10:39:58 6A0745D04DFB6E37A6D0FEE339A0B742 556032 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2016-04-13 10:39:58 62300878366762EABAC7834543964A6E 498688 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2016-04-13 10:39:58 46E51F35566F8B73540D56EAA0A97E46 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-04-13 10:39:58 45D26646E3AD737E5DE3DB91CCCE7DBA 339968 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll 2016-04-13 10:39:58 3F4C879B631C77878B42F89990518F72 460288 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-04-13 10:39:58 258BCD1FE978849EDB02D131FD1F7893 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2016-04-13 10:39:58 1AE232355968BBCA3787B5B35DCA0FD0 550912 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-04-13 10:39:58 0271B5C23A375E008C34024088D0F396 1575936 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Speech.dll 2016-04-13 10:39:57 E5C3042B68D4EA89B3C52E150E553DA0 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2016-04-13 10:39:57 D842C2B65E77C13273B626317A5BC5C4 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll 2016-04-13 10:39:57 C5DEEC4F7ED591D1E322899ADC4EE45F 207360 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2016-04-13 10:39:57 C1FD242DB2679B7E8F9D54955131A603 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-04-13 10:39:57 B7C13F4BE0263F3A8303404A96F4246D 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-04-13 10:39:57 87F0EA669FB37C03207A8870C3B91174 1410560 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.Http.dll 2016-04-13 10:39:57 8790833B243AB6DD22A1F86FFB26B689 1052160 ----a-w- C:\WINDOWS\Sysnative\MsSpellCheckingFacility.dll 2016-04-13 10:39:57 85EE46E85C3E76809BC454A50564ECD6 418304 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-04-13 10:39:57 7ED9629564A44BF0ECAEDEDE7B1BC1FF 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-04-13 10:39:57 7ECAE31725C1DC35CC448FA8D0EA09D9 324608 ----a-w- C:\WINDOWS\Sysnative\RDXTaskFactory.dll 2016-04-13 10:39:57 3C994D13A234D0E33D592CDF55F09B01 628736 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2016-04-13 10:39:57 281C61D772D6F267FEABDF71E38C621C 821760 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2016-04-13 10:39:57 1F3D69B0AE210874DDC300C3EF1C9CCD 438784 ----a-w- C:\WINDOWS\Sysnative\AccountsRt.dll 2016-04-13 10:39:57 1E1631970DDFD63EDD4483D33E18EC89 300104 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe 2016-04-13 10:39:57 167176E3A8B095C2E807D27CBE6AB0D3 1902592 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll 2016-04-13 10:39:56 F374C27099807E99A156953F8416D34A 361472 ----a-w- C:\WINDOWS\Sysnative\bdesvc.dll 2016-04-13 10:39:56 DB2911201B4AAC79AF712C5551F0C41D 688640 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll 2016-04-13 10:39:56 AB3F697651DDAE1C424C9B2412EFBB59 1239552 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll 2016-04-13 10:39:56 82A4EFF3567A00EAAA5929C64C42F22D 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-04-13 10:39:56 8024D7BDD26E9C1280B8B6D605488179 848896 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-04-13 10:39:56 335995302980B83CA6B1974A84AC6009 730344 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-04-13 10:39:55 E15D10FA246ADC4DC59B93C13F417AA3 440320 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll 2016-04-13 10:39:55 B82C04128A96A05139F9F58ED07D0DB2 3351040 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-04-13 10:39:55 AC71C0A77ED618382D5422C6AB1747E4 169472 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-04-13 10:39:55 9A3E17CDB177913C2A111C80F3D0DBB4 686976 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2016-04-13 10:39:55 5CB565C1A0A30D76D7B099EEF9654297 256000 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll 2016-04-13 10:39:55 51449675B00C62F970B497A2FBF1BC46 787456 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.dll 2016-04-13 10:39:55 5066575F39AEECAA7A9E03C0FA007A90 881664 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Input.Inking.dll 2016-04-13 10:39:55 4C5D035670EB045123DCF87EE2FDB33B 162816 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-04-13 10:39:55 2F0FA6F60BC9A971BFBF31D1D2C8AF08 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2016-04-13 10:39:55 03416DA86664FF2141A5820868B0B9B1 88576 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-04-13 10:39:54 FDBDA93BA9CD3B78060705B41BFCF92D 288256 ----a-w- C:\WINDOWS\Sysnative\fveui.dll 2016-04-13 10:39:54 F432ACF44EABBE3EB98F613E1573DA6F 334736 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2016-04-13 10:39:54 DF0321E30FD7D00BC8178FC58550B8C0 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2016-04-13 10:39:54 D3406F98BD98633780820C5EDBA9A5B4 166400 ----a-w- C:\WINDOWS\Sysnative\AboveLockAppHost.dll 2016-04-13 10:39:54 CFF6A3799F83060D3FF538564E4264CA 374008 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-04-13 10:39:54 C8B840675B83DC8A257B075BFE5F9357 261376 ----a-w- C:\WINDOWS\Sysnative\LsaIso.exe 2016-04-13 10:39:54 B232CE503C6666873E7B9E4BA769C524 92160 ----a-w- C:\WINDOWS\Sysnative\policymanagerprecheck.dll 2016-04-13 10:39:54 AF13258A6E8FD57CE0B9C6BEDCDF80CB 144896 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Devices.dll 2016-04-13 10:39:54 AA5E227F977D03198227E09804394A24 127488 ----a-w- C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll 2016-04-13 10:39:54 A6969BAD3166EDA1C79988DD782A87CF 888320 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.dll 2016-04-13 10:39:54 9FDAC1F65E074C1CF12C3E80BD5195E4 176640 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2016-04-13 10:39:54 7E0078F1EFEB6F8F47CF85C1D73C7EBC 328192 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll 2016-04-13 10:39:54 542C143FA639E4F488005E889C8A9CFD 74752 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-04-13 10:39:54 24146738C422814EEB2A98FF1FC5C6E1 338432 ----a-w- C:\WINDOWS\Sysnative\ncbservice.dll 2016-04-13 10:39:54 21045DC8C67DA8600529FED2A6F90D6A 848896 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2016-04-13 10:39:54 11C782F631D915895E56FC1CD8214E51 100232 ----a-w- C:\WINDOWS\Sysnative\omadmapi.dll 2016-04-13 10:39:53 E5E09ABD5171EB8622821059D8757F43 239616 ----a-w- C:\WINDOWS\Sysnative\credprovhost.dll 2016-04-13 10:39:53 E34A89A196F45473D61CCDAB193293D1 119808 ----a-w- C:\WINDOWS\Sysnative\BitLockerDeviceEncryption.exe 2016-04-13 10:39:53 DA4F2FBA02ADB65797953219ABEF0C44 58400 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll 2016-04-13 10:39:53 CFF415024C353DA284731CB72FE3F8FF 770640 ----a-w- C:\WINDOWS\Sysnative\iuilp.dll 2016-04-13 10:39:53 B3B3BF36976D72C06C2D3524AC040643 81144 ----a-w- C:\WINDOWS\Sysnative\netapi32.dll 2016-04-13 10:39:53 AEBD5FCFBFF0294A2D87048D4F5417CB 74424 ----a-w- C:\WINDOWS\Sysnative\easinvoker.exe 2016-04-13 10:39:53 998015F786B2B9EE029FB556393CF848 78040 ----a-w- C:\WINDOWS\Sysnative\wkscli.dll 2016-04-13 10:39:53 95A03F67830FDCB950E70261128D540D 957952 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2016-04-13 10:39:53 6758ABE6A73AE709A6C74F121C666CC1 841216 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2016-04-13 10:39:53 5839A317C25F70979433E0905DFABB1B 284672 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2016-04-13 10:39:53 4BE54893EC2A3B26140DF44E7B6D4E99 230400 ----a-w- C:\WINDOWS\Sysnative\DAFWSD.dll 2016-04-13 10:39:53 3385A5D97C974EA03D6E17E97830F340 686592 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-04-13 10:39:53 2804ACDD73835F051CE71DA4DB25337D 110584 ----a-w- C:\WINDOWS\Sysnative\srvcli.dll 2016-04-13 10:39:53 12D83590FEF1C8C28DBF3323C61E831A 31232 ----a-w- C:\WINDOWS\Sysnative\wsdchngr.dll 2016-04-13 10:39:53 0C8955B4BB1E9D588B4B62D0BD2E5E78 411648 ----a-w- C:\WINDOWS\Sysnative\oleacc.dll 2016-04-13 10:39:52 F72F137EEFF89D0B5A2FB8867B4ACEED 402432 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2016-04-13 10:39:52 F5B8CC586CE9D6187F412B5DFE932468 33280 ----a-w- C:\WINDOWS\Sysnative\wuautoappupdate.dll 2016-04-13 10:39:52 F40C5151476B066A4061E67DFA641657 128512 ----a-w- C:\WINDOWS\Sysnative\dmcsps.dll 2016-04-13 10:39:52 B8293D5BCBCE179870AAB09CCF21B120 151040 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2016-04-13 10:39:52 A2902A998C3A8A049D26235A75DBE300 174592 ----a-w- C:\WINDOWS\Sysnative\easwrt.dll 2016-04-13 10:39:52 94612B9F7FC2B1A5C6D337C649B346F1 278528 ----a-w- C:\WINDOWS\Sysnative\NotificationObjFactory.dll 2016-04-13 10:39:52 81B78E1782DB1BA758FDA7B993C9FEB5 91136 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-04-13 10:39:52 722A68A4CC2BC8BC3C0B776B0711A3C9 285696 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2016-04-13 10:39:52 7119946D6A8D221C65514267D9F4D520 4774912 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-04-13 10:39:52 56C238ACFE4CB020D3E38508249039EA 87040 ----a-w- C:\WINDOWS\Sysnative\tzautoupdate.dll 2016-04-13 10:39:52 38C87ECB57CB973AA5DA633B91778670 676352 ----a-w- C:\WINDOWS\Sysnative\WSDApi.dll 2016-04-13 10:39:51 F0BBBF8807D5725102A9EB06AEB9C1C5 58368 ----a-w- C:\WINDOWS\Sysnative\browcli.dll 2016-04-13 10:39:51 E083BE4900FCBB6BC42943438DCF2CAD 176128 ----a-w- C:\WINDOWS\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll 2016-04-13 10:39:51 D9A795240A84C9E3DA78BC1B9E239FCF 95744 ----a-w- C:\WINDOWS\Sysnative\samlib.dll 2016-04-13 10:39:51 D22A2DEC01300ECEB41D22AB60B1E4B3 66048 ----a-w- C:\WINDOWS\Sysnative\OnDemandConnRouteHelper.dll 2016-04-13 10:39:51 C10E0567A0C9541F839EC5B4758795DA 48128 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2016-04-13 10:39:51 A617BE5E429A035A1CA8217C1B16F0BB 134656 ----a-w- C:\WINDOWS\Sysnative\browser.dll 2016-04-13 10:39:51 A15D9F32A84660FA62F9D27577B0F105 324608 ----a-w- C:\WINDOWS\Sysnative\fvecpl.dll 2016-04-13 10:39:51 9BC40C5A140B5F380042E391CC95993F 66560 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-04-13 10:39:51 91F08041D932816D0D9607F68578A87E 34816 ----a-w- C:\WINDOWS\Sysnative\dmenterprisediagnostics.dll 2016-04-13 10:39:51 8FFFDB163436D790369E39700B8A7DC1 27648 ----a-w- C:\WINDOWS\Sysnative\LicenseManagerShellext.exe 2016-04-13 10:39:51 82E25186617BA6C15010F0D47C705705 65536 ----a-w- C:\WINDOWS\Sysnative\basesrv.dll 2016-04-13 10:39:51 727E03710FB2320AC0C114A9BF40AB40 7979008 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-04-13 10:39:51 712AE16ED8FC7F2363F7EA1D8F6D546A 821248 ----a-w- C:\WINDOWS\Sysnative\fvewiz.dll 2016-04-13 10:39:51 63939B50C5C103FA71A419BCEA5B1CF0 26112 ----a-w- C:\WINDOWS\Sysnative\TokenBrokerCookies.exe 2016-04-13 10:39:51 594FDF2DB7568C73C282B282845E30CF 36352 ----a-w- C:\WINDOWS\Sysnative\tbauth.dll 2016-04-13 10:39:51 5300F190147040AECDA4F8D669B7D673 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-04-13 10:39:51 3F4461644840A3C5572DDC726C36BDF7 92160 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll 2016-04-13 10:39:51 37F5E2385CB4D10AB42186974B9C241A 794112 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2016-04-13 10:39:51 0D9E0BDCCCE10F07A7B66A61B27C1F71 116224 ----a-w- C:\WINDOWS\Sysnative\FontProvider.dll 2016-04-13 10:39:51 091D5AE5E663A66EE73B539AF7C32EC5 69632 ----a-w- C:\WINDOWS\Sysnative\fveskybackup.dll 2016-04-13 10:39:50 F4F6D943E788447DAE29DA217B6743E6 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-04-13 10:39:50 E95C204F9042223B355C4D04CE675D50 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-04-13 10:39:50 E81A803BE3E7D49DE669FB8C30B18BA4 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-04-13 10:39:50 CA24B0764C9DFE243D15A8708580673B 107520 ----a-w- C:\WINDOWS\Sysnative\BdeHdCfgLib.dll 2016-04-13 10:39:50 C3BB5D3E3DD24AC0BFA9223F2877F136 76800 ----a-w- C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe 2016-04-13 10:39:50 AB416599057FFDC84E28BBB6DA69EADC 235008 ----a-w- C:\WINDOWS\Sysnative\MTF.dll 2016-04-13 10:39:50 A4CA6FE3F02C6299EED8B7296DC902D6 12800 ----a-w- C:\WINDOWS\Sysnative\oleacchooks.dll 2016-04-13 10:39:50 81D0BDE09DA9D13C4A5A47A8ADCE0993 120320 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-04-13 10:39:50 6B5963BC0C0074448A502FD19209D1BB 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-04-13 10:39:50 5118193C56A2F8D07554395B78A6FDCC 223232 ----a-w- C:\WINDOWS\Sysnative\fveapibase.dll 2016-04-13 10:39:50 446882966C68D7EF2783E6B327421493 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-04-13 10:39:50 087FF4F0D29833949962F8EE60DA345E 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-13 10:40:21 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-04-13 10:40:02 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-04-13 10:39:57 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-04-13 10:39:56 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-04-13 10:39:55 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-04-13 10:39:54 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-04-13 10:39:54 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-04-13 10:39:54 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2016-04-13 10:39:54 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-04-13 10:39:53 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-04-13 10:39:53 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2016-04-13 10:39:53 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-04-13 10:39:53 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2016-04-13 10:39:51 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\WINDOWS\Sysnative\drivers\serial.sys 2016-04-13 10:39:51 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys ====== C:\WINDOWS\Tasks ====== 2016-04-17 19:30:57 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\DelayedItemsByChemtableSoftware 2016-04-13 13:32:20 40D11494BF299D674B057AEFB7BFC46F 3330 ----a-w- C:\WINDOWS\Sysnative\Tasks\SamsungMagician ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-17 17:39:47 -------- d-----w- C:\Program Files\Java 2016-04-16 19:36:25 -------- d-----w- C:\Program Files\trend micro 2016-03-31 07:44:26 -------- d---a-w- C:\Program Files\Common Files\DESIGNER ======= C:\PROGRA~2 ===== 2016-04-17 17:39:15 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-04-17 17:38:29 -------- d-----w- C:\PROGRA~2\Java 2016-03-20 14:08:57 -------- d---a-w- C:\PROGRA~2\TeamViewer ======= C: ===== ====== C:\Users\GK5\AppData\Roaming ====== 2016-04-13 13:28:44 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Box Sync Update 2016-03-20 14:11:46 -------- d-----w- C:\Users\GK5\AppData\Local\TeamViewer ====== C:\Users\GK5 ====== 2016-04-14 17:08:04 -------- d-----r- C:\Users\GK5\Box Sync 2016-04-13 13:32:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2016-03-30 11:40:51 -------- d-----w- C:\ProgramData\Acronis 2016-03-22 14:51:36 -------- d-----w- C:\ProgramData\AMMYY ====== C: exe-files == 2016-04-17 17:40:01 FD0E50473E178CEA9B2C35759877AB8F 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\tnameserv.exe 2016-04-17 17:40:01 EDBB3E2D9E5EB2D2F6EB2978F5A5702F 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\pack200.exe 2016-04-17 17:40:01 E3F8DBD142C452CFB227D263003357EF 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-04-17 17:40:01 AB0C0110DB996548FA129BCFE3229DBB 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmid.exe 2016-04-17 17:40:01 A218DEA24A7D552C252D0FAF41BCA3B7 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\orbd.exe 2016-04-17 17:40:01 78C0192856E0BDE9D26D850C04190734 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\kinit.exe 2016-04-17 17:40:01 6944510CAC9B3BC242C48F8ADE8C2633 197184 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\unpack200.exe 2016-04-17 17:40:01 48C878EB1214A0C31BF0B4EBE1230D7B 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ktab.exe 2016-04-17 17:40:01 243F04B62E8845F877DB9BC6CD6986FA 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\policytool.exe 2016-04-17 17:40:01 22E77B46250D024EC065600C51E11F8A 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\keytool.exe 2016-04-17 17:40:01 1DEFC4DEFC9DBF270F3233AB079C840E 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\klist.exe 2016-04-17 17:40:01 0FF8DFCEB89888427EF97555C1CF6F1C 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\servertool.exe 2016-04-17 17:40:01 0A1DEC23CB7B39D1A2944D41A74DF8FA 67136 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ssvagent.exe 2016-04-17 17:40:00 F917A357E1D5CEDD7BFAF3FD468F0CFD 101440 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-04-17 17:40:00 B63E7A0ABBBCED10BB9BA5493D83A435 34368 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jabswitch.exe 2016-04-17 17:40:00 884EB051BA56B6EDCD7E464902F2FC6B 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jjs.exe 2016-04-17 17:40:00 88398DD856CAB4436486FA446489626B 77888 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javacpl.exe 2016-04-17 17:40:00 7376052E6A79A81878F2656B3B086AB1 206912 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaw.exe 2016-04-17 17:40:00 6A90345F572E6B166D4772533288146D 315456 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaws.exe 2016-04-17 17:40:00 543FE4728706AD279C3CDB958C0C627C 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java-rmi.exe 2016-04-17 17:40:00 4DE69284A13C68A957BB8A6298C38690 206912 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java.exe 2016-04-17 17:38:41 F85C40988E94C2F463508FBEE94025BF 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\kinit.exe 2016-04-17 17:38:41 F4E94CBB9DEF622171D8943F2160B214 51776 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssvagent.exe 2016-04-17 17:38:41 E2AF676759086BAE2F16D6B5033E7F46 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\policytool.exe 2016-04-17 17:38:41 D763E321831C859D9195ADF15A951E95 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java-rmi.exe 2016-04-17 17:38:41 D709404CB67D09946628987244B98A60 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\servertool.exe 2016-04-17 17:38:41 D62B10425DC16A177CB64D6B0356F915 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jjs.exe 2016-04-17 17:38:41 C558C87F624CF96F812028165190EEDE 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\pack200.exe 2016-04-17 17:38:41 C31F1BDBB1902458FA15515BD0D8340B 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java.exe 2016-04-17 17:38:41 C1F46A7656D1DED6326D8E28B1CF1862 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-04-17 17:38:41 AC4F3A4F853070419C9E8479B3868103 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\tnameserv.exe 2016-04-17 17:38:41 AAADCD8DA5BCE8986D6FEC09FAB7B70D 68672 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javacpl.exe 2016-04-17 17:38:41 A756D5633F6596B0E4711E60D3F61BCA 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\orbd.exe 2016-04-17 17:38:41 A5AECC1529B64CB123B1880D3AD0F1AE 268352 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaws.exe 2016-04-17 17:38:41 A48BDE309534612FBA41D58E754A38BE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\unpack200.exe 2016-04-17 17:38:41 8DF0EA1993F98096557A4AFA6235DE4E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmid.exe 2016-04-17 17:38:41 724998551979EB4E0DF53CA3994AF035 77888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-04-17 17:38:41 6101EC702C56D5F688AA578AC457A440 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jabswitch.exe 2016-04-17 17:38:41 5192C3656176D1D21D21372E1061D1A4 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ktab.exe 2016-04-17 17:38:41 4CC7AA4DCC143BB06999A62B8763EA6C 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\keytool.exe 2016-04-17 17:38:41 2AD9EFBB015490AA315707BAC2BFD816 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaw.exe 2016-04-17 17:38:41 26E779D9D96192E312E5DC042E993DED 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\klist.exe 2016-04-16 19:36:25 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\GK5.exe 2016-04-14 14:59:00 F71E0250F483B6BDBE886D0C7BAD7A3C 78608 ----a-w- C:\ProgramData\Avg\Setup\av\avguirux.exe 2016-04-14 14:59:00 107C9276E9553D5E54F01B32AE53EB0A 6069152 ----a-w- C:\ProgramData\Avg\Setup\av\avgmfapx.exe 2016-04-14 14:55:04 FF19A53E0AD1A970C8DAF17EBD147454 2289424 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-04-14 14:55:02 0C15B2AEBD3A5C3B7362873AFA8DB0AA 686352 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe 2016-04-14 14:55:01 8142BD628D72354ED23CB360767160E7 3205904 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe 2016-04-13 13:34:28 3DA6EC739AF037490D19E8EF132D5E78 17615632 ----a-w- C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe 2016-04-13 13:32:03 072758EC752289D47942BA2AAA17A4E1 20480 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\UTF16StrReplace.exe 2016-04-13 13:32:01 AD17D91AEB0DB2ED50D3DA3F4710B66B 699888 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\Samsung DOS Application\DSRD\DSRDGUI0.exe 2016-04-13 13:32:01 017C256BDB402CF64782F4E154E5C7A8 683504 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\Samsung DOS Application\SecureErase\SEGUI0.EXE 2016-04-13 13:31:59 AE8ED86C45C1947E7DB964DA39AE4845 4838816 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe 2016-04-13 13:31:58 FB05274E2C6217D4E505E1B642ADB4D9 1412512 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe 2016-04-13 13:31:58 A4FBAEF19AED39EB3AECB5DE083A81FC 57344 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\zip.exe 2016-04-13 13:31:58 6392CA351A211E497BB69A14A7B412FA 58880 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\Unzip.exe 2016-04-13 13:31:58 361D969422699B059278C5372A3A914C 1950208 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\WaitHelpWindow.exe 2016-04-13 11:18:00 55BEEABD97E0D556E08A463A58FC17FF 2547800 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.112\49.0.2623.112_49.0.2623.110_chrome_updater.exe 2016-04-13 10:40:23 FD639F1372389D7C5990663D6A100CFE 541304 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-04-13 10:40:21 60C04811AC0BB0BFC5E00D293B8F4464 630632 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-04-13 10:40:19 A2B2198B126C8BB489585994A453B064 7474016 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-13 10:40:09 34FEF4E83D0C5A86E10BE8E2AE1A9593 7344496 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-04-13 10:40:06 A5B4D0B41EAA275EB1A06F78E5ABD14A 9371992 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-04-13 10:39:59 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\Windows\System32\winload.exe 2016-04-13 10:39:59 92291BFE95AD37CF486BD3E4B31F746B 1141504 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-04-13 10:39:58 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\Windows\System32\winresume.exe 2016-04-13 10:39:58 C1C169EFA8E5E30A0A521C0409CAC153 874968 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-04-13 10:39:58 B9FC60861ACCAD828AF94CE0FDBCF206 578048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-04-13 10:39:58 834D1648124F0F2729462BF79DB0C2CD 369912 ----a-w- C:\Windows\System32\audiodg.exe 2016-04-13 10:39:57 D7523E13533827B34ED7781036C5C528 797024 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-04-13 10:39:57 88E6A274B44C66EDBD26F2BA9E0ACE8F 253088 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-04-13 10:39:57 1E1631970DDFD63EDD4483D33E18EC89 300104 ----a-w- C:\Windows\System32\LockAppHost.exe 2016-04-13 10:39:54 CFF6A3799F83060D3FF538564E4264CA 374008 ----a-w- C:\Windows\System32\SystemSettingsAdminFlows.exe 2016-04-13 10:39:54 C8B840675B83DC8A257B075BFE5F9357 261376 ----a-w- C:\Windows\System32\LsaIso.exe 2016-04-13 10:39:53 E34A89A196F45473D61CCDAB193293D1 119808 ----a-w- C:\Windows\System32\BitLockerDeviceEncryption.exe 2016-04-13 10:39:53 DC9F4F8710C24F1CA8BBE401928F35E4 2095968 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-04-13 10:39:53 AEBD5FCFBFF0294A2D87048D4F5417CB 74424 ----a-w- C:\Windows\System32\easinvoker.exe 2016-04-13 10:39:53 0BF7DC1EE93410D13683C3DCF627878C 219136 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-04-13 10:39:51 EAF904785CA7849C66F6DC2EF0A0E0E7 22528 ----a-w- C:\Windows\SysWOW64\TokenBrokerCookies.exe 2016-04-13 10:39:51 8FFFDB163436D790369E39700B8A7DC1 27648 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe 2016-04-13 10:39:51 63939B50C5C103FA71A419BCEA5B1CF0 26112 ----a-w- C:\Windows\System32\TokenBrokerCookies.exe 2016-04-13 10:39:50 E81A803BE3E7D49DE669FB8C30B18BA4 414720 ----a-w- C:\Windows\System32\bcastdvr.exe 2016-04-13 10:39:50 C3BB5D3E3DD24AC0BFA9223F2877F136 76800 ----a-w- C:\Windows\System32\NetCfgNotifyObjectHost.exe 2016-04-13 10:39:50 BC5D8155DBA7DC0E4F92430701C19901 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-04-13 10:39:50 2F808173122FCDBAD1138FAE1A9FC2E4 104448 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-04-13 10:39:50 087FF4F0D29833949962F8EE60DA345E 199168 ----a-w- C:\Windows\System32\InstallAgent.exe === C: other files == 2016-04-17 19:28:02 DB8BF88CE6F4809C206C02FCF3B74BE2 219801 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}.xpi 2016-04-17 19:28:02 CC1EDC2FC4F4717654ABB51CBBEA061A 636306 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2016-04-17 19:28:02 BF872C3AD77D36A1E7F57EEA4180DA30 167272 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\socialfixer@mattkruse.com.xpi 2016-04-17 19:28:02 9421B20FBD3FD434DB36C743811441D8 26616 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\belgiumeid@eid.belgium.be.xpi 2016-04-17 19:28:02 7D4E3742C4743C24CDFDCE265F0A1E7E 564687 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}.xpi 2016-04-17 19:28:02 70EFA6BF2A0DC5E1A61A7F8EE3608A1A 232501 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi 2016-04-17 19:28:02 70305819BBE7908A69B7532A7E8FC6D4 85480 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi 2016-04-17 19:28:02 6E2421D2C518142057A16C6266FA352A 7713 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi 2016-04-17 19:28:02 6DF6292DDAFBE9B944813151D0B48545 1013992 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2016-04-17 19:28:02 01AA6E402886E4F7EC51DB3A1B297B8E 32212 ----a-w- C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default\extensions\Clipper@OneNote.com.xpi 2016-04-17 18:08:20 C04379738E3FF06EA16A458584926CF6 4869 ----a-w- C:\Users\GK5\AppData\Local\Temp\xpi\tmp.zip 2016-04-17 17:40:01 03564D4A8DB44575C00F82B1E8571A56 14130 ----a-w- C:\Program Files\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-04-17 17:38:41 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-04-13 13:32:01 EDED742C79FCC5523EE2151095213B8F 33 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\FreeDos\AUTOEXEC.BAT 2016-04-13 13:32:01 A51B6DC162E461784D3A44C040E706C1 83827 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\FreeDos\command.com 2016-04-13 13:32:01 512D8D00492310B425CD329585C1BEC6 45202 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\FreeDos\KERNEL.SYS 2016-04-13 13:32:01 2081DF5E63A220BDBE00457EB5D7B9B7 35 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\FreeDos\SERASE.BAT 2016-04-13 13:31:59 40899ED347A8316354AC54E4C68306E7 22432 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\magdrvia64.sys 2016-04-13 13:31:59 3635A5DFBF8237B9C465FFD8F5CF0228 14240 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\magdrvamd64.sys 2016-04-13 13:31:59 292742C43D09F6393DE0D94667F344F1 13728 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\magdrv.sys 2016-04-13 13:31:58 3C23D128BBCF161FCEADFE3473B8D6E7 2973 ----a-w- C:\Program Files (x86)\Samsung\Samsung Magician\RAPIDCollectLogs.bat 2016-04-13 10:40:21 19BD8A88AAC580592668B070AC0727D9 2152280 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-04-13 10:40:18 5417FA7098B9A1F5A6EECB198A7B4BFC 3592704 ----a-w- C:\Windows\System32\win32kfull.sys 2016-04-13 10:40:02 3B866F8CB10719A5AF9E410B1B149714 605440 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-04-13 10:40:01 2F844EBBB6BAA883BDDC472C44B738AE 1388544 ----a-w- C:\Windows\System32\win32kbase.sys 2016-04-13 10:39:57 63C3F74DC398A1C1A77E39DFB9C312CA 1089888 ----a-w- C:\Windows\System32\drivers\http.sys 2016-04-13 10:39:56 083A727D784009F9CCFB120C7841B7AF 2403680 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2016-04-13 10:39:55 28B8E1C6CBCF9FFE2FABFF3160C26ADF 258912 ----a-w- C:\Windows\System32\drivers\ufx01000.sys 2016-04-13 10:39:54 E582DA849A58524E645545FB68B6625D 1152864 ----a-w- C:\Windows\System32\drivers\ndis.sys 2016-04-13 10:39:54 DA0807D87A62D076C29C4E30F1E84F46 26112 ----a-w- C:\Windows\System32\drivers\xinputhid.sys 2016-04-13 10:39:54 9E9D58F5E1702955B2F4D62996F80E8E 378208 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2016-04-13 10:39:54 935823F79CBEDB91637B63D37E3A5A36 148480 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2016-04-13 10:39:53 B24408471C1BCB17FC44F5B47EA8DEA3 277856 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-04-13 10:39:53 AA4CD20708B7E0412A5316D7E2875103 530432 ----a-w- C:\Windows\System32\drivers\nwifi.sys 2016-04-13 10:39:53 8359F776CA899E761852F2293B724EAE 185184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2016-04-13 10:39:53 2BC2E99623119521EEF7910A11D0FDE0 694784 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys 2016-04-13 10:39:51 249A563C48DFD9E42A37587653E003BB 83968 ----a-w- C:\Windows\System32\drivers\serial.sys 2016-04-13 10:39:51 0731E8F4D8D3B8D3FD98A46A8ABFE0A0 333824 ----a-w- C:\Windows\System32\drivers\portcls.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2666530191-2620505276-436360047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "D0EA85DF234C43A0DE870248EEEB5FFB06D6649B._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "KeyboardLeds.exe"="C:\StandAlone Apps\Keyboard LEDs V2.5.0.51 Portable\KeyboardLeds.exe" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-2666530191-2620505276-436360047-1000\SOFTWARE\VOS\lightshot-1.4.0.10\Registry\%CurrentUser%\Software\Microsoft\Windows\CurrentVersion\Run] "LightShot"="C:\Users\GK5\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe" "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "D0EA85DF234C43A0DE870248EEEB5FFB06D6649B._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "KeyboardLeds.exe"="C:\StandAlone Apps\Keyboard LEDs V2.5.0.51 Portable\KeyboardLeds.exe" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "BoxSync"="C:\Program Files\Box\Box Sync\BoxSync.exe -m" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-04-2016 13:19] C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-08-2015 17:55] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\OInstall" ["%WINDIR%\OInstall.exe"] "C:\WINDOWS\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe"] "C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5F8F827C-B169-4135-BABC-9847C410E761}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Abelssoft\StartBackgroundguardWithWindows" [E:\Werkmap FileTransfer\FVG_Te testen\CheckDrive\CheckDrive.exe] "C:\WINDOWS\SysNative\tasks\DelayedItemsByChemtableSoftware\CCleaner Monitoring" ["C:\Program Files\CCleaner\CCleaner64.exe"] "C:\WINDOWS\SysNative\tasks\Kernel\Drivers.Sys task" [G:\Documenten\Service.Sys.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [19-02-2016 17:24] ==== Firefox Extensions ====================== ProfilePath: C:\Users\GK5\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\0renmqtb.default - CSS Stylesheet Editor - %ProfilePath%\extensions\csseditor@bluegriffon.com.xpi - EyeDropper - %ProfilePath%\extensions\eyedropper@bluegriffon.com.xpi - FontSquirrel Manager - %ProfilePath%\extensions\fs@bluegriffon.com.xpi - Fullscreen - %ProfilePath%\extensions\fullscreen@bluegriffon.com.xpi - Google Font Directory Manager - %ProfilePath%\extensions\gfd@bluegriffon.com.xpi - Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@bluegriffon.org.xpi - Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@bluegriffon.org.xpi - English US Language Pack - %ProfilePath%\extensions\langpack-en-US@bluegriffon.org.xpi - Espaol Espaa Language Pack - %ProfilePath%\extensions\langpack-es-ES@bluegriffon.org.xpi - Suomenkielinen FI Language Pack - %ProfilePath%\extensions\langpack-fi@bluegriffon.org.xpi - Franais Language Pack - %ProfilePath%\extensions\langpack-fr@bluegriffon.org.xpi - Hebrew IL Language Pack - %ProfilePath%\extensions\langpack-he@bluegriffon.org.xpi - Magyar HU Language Pack - %ProfilePath%\extensions\langpack-hu@bluegriffon.org.xpi - Italiano IT Language Pack - %ProfilePath%\extensions\langpack-it@bluegriffon.org.xpi - Japanese Language Pack - %ProfilePath%\extensions\langpack-ja@bluegriffon.org.xpi - Korean KR Language Pack - %ProfilePath%\extensions\langpack-ko@bluegriffon.org.xpi - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@bluegriffon.org.xpi - Polski Language Pack - %ProfilePath%\extensions\langpack-pl@bluegriffon.org.xpi - Slovenski jezik Language Pack - %ProfilePath%\extensions\langpack-sl@bluegriffon.org.xpi - sr Language Pack - %ProfilePath%\extensions\langpack-sr@bluegriffon.org.xpi - Svenska SE Language Pack - %ProfilePath%\extensions\langpack-sv-SE@bluegriffon.org.xpi - Chinese Simplified zh-CN Language Pack - %ProfilePath%\extensions\langpack-zh-CN@bluegriffon.org.xpi - Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@bluegriffon.org.xpi - MathML - %ProfilePath%\extensions\mathml@bluegriffon.com.xpi - Snippets - %ProfilePath%\extensions\snippets@bluegriffon.com.xpi - SVG-edit - %ProfilePath%\extensions\svg-edit@googlegroups.com.xpi - Table Layouts - %ProfilePath%\extensions\tablelayout@bluegriffon.com.xpi - One-click Templates - %ProfilePath%\extensions\templatesManager@bluegriffon.com.xpi - Thumbnailer - %ProfilePath%\extensions\thumbnailer@bluegriffon.com.xpi - Tip of the Day - %ProfilePath%\extensions\tipoftheday@bluegriffon.com.xpi ProfilePath: C:\Users\GK5\AppData\Roaming\KompoZer\Profiles\mk27mpyp.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ProfilePath: C:\Users\GK5\AppData\Roaming\kompozer.net\KompoZer\Profiles\4hhozq3t.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ProfilePath: C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default - Pocket - %ProfilePath%\extensions\isreaditlater@ideashower.com - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - OneNote Clipper - %ProfilePath%\extensions\Clipper@OneNote.com.xpi - Social Fixer - %ProfilePath%\extensions\socialfixer@mattkruse.com.xpi - 1-Click YouTube Video Downloader - %ProfilePath%\extensions\YoutubeDownloader@PeterOlayev.com.xpi - Toolbar Buttons - %ProfilePath%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}.xpi - X-notifier - %ProfilePath%\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi - Boomerang for Gmail - %ProfilePath%\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Configuration Mania - %ProfilePath%\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\GK5\AppData\Roaming\Nvu\Profiles\mvumoytv.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - Nvu default - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\GK5\AppData\Roaming\Mozilla\Firefox\Profiles\FVG.default 6CDD755CCCD9FC12A51FB65160900143 - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL - Microsoft Office 2016 CE252B04FB9F4F773A7DB5338BFEEA5B - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility 31DA97B4682187C6639BBE2215814FDA - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash D2B5242013356AF422A42B9FAA4056C2 - C:\Users\GK5\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\GK5\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mpieaakhacmfleokhjcjnpcnmnmpfkid - C:\Program Files (x86)\fbphotozoom\fbphotozoom16.crx[] Google Slides - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Cast - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Google Search - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Logitech Smooth Scrolling - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk Google Sheets - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chromebook Recovery Utility - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai Google Drive App Launcher - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Chrome Web Store Payments - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - GK5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.telenet.be" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{AEF3FB51-376B-4EDA-996C-6902F160A180}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{AEF3FB51-376B-4EDA-996C-6902F160A180} - http://www.google.co.uk/search?hl=en&q={searchTerms}&meta= ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [D0EA85DF234C43A0DE870248EEEB5FFB06D6649B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [KeyboardLeds.exe] "C:\StandAlone Apps\Keyboard LEDs V2.5.0.51 Portable\KeyboardLeds.exe" O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: ArsClip.lnk = C:\StandAlone Apps\ArsClip V5.0.6\ArsClip.exe O4 - Startup: SnagIt.lnk = C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{15234a34-77ca-4eda-ba37-6bca8f26d11e}: NameServer = 195.130.131.4,195.130.130.132,192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{15234a34-77ca-4eda-ba37-6bca8f26d11e}: NameServer = 195.130.131.4,195.130.130.132,192.168.0.1 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe O23 - Service: Chemtable Startup Checking - Unknown owner - C:\StandAlone Apps\Autorun Organizer V1.30 Portable\StartupCheckingService.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Label Services (LabelServices) - Euro Plus d.o.o. - C:\Program Files (x86)\Common Files\EuroPlus Shared\LblServices.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NetOp Helper ver. 9.50 (2009348) (NetOp Host for NT Service) - Netop Business Solutions A/S - C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\GK5\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\GK5\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\GK5\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\GK5\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\GK5\AppData\Local\Mozilla\Firefox\Profiles\FVG.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\GK5\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1114 folders=104 36634752 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GK5\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied C:\RECYCLER successfully emptied ==== EOF on ma 18-04-2016 at 9:41:24,48 ======================