Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Olaf De Wit on wo 21/09/2016 at 17:14:07,08. Microsoft Windows 8.1 6.3.9600 x64 Running in: Safe Mode MINIMAL No Internet Access Detected Launched: C:\Users\Olaf De Wit\Downloads\zoek (3).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-11-23-205402.log 161137 bytes C:\zoek-results2016-08-30-105812.log 86269 bytes C:\zoek-results2016-09-07-092041.log 28969 bytes ==== Installed Programs ====================== . . . 7-Zip 15.14 (x64) Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 23 NPAPI Adobe Flash Player 23 PPAPI Adobe Refresh Manager Adobe Shockwave Player 12.2 Ansel Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Application Verifier x64 External Package Awesome Duplicate Photo Finder v. 1.1 Bonjour BrowserBackup CCleaner CyberLink LabelPrint 2.5 CyberLink Media Suite 10 CyberLink PowerDirector 10 CyberLink PowerDVD 12 D3DX10 Defraggler Dell Backup and Recovery Dell Customer Connect Dell Digital Delivery Dell Product Registration Dell SupportAssist Dell System Detect Dell System E-Support Tool (3.7.0) Dell Update Dell WLAN and Bluetooth Client Installation DriverMax 8 FastStone Image Viewer 5.7 FastStone Photo Resizer 3.5 FBackup 6 FBackup 6.1 File Shredder 2.5 FileASSASSIN Fotogalerie Galerie de photos Google Chrome Google Update Helper HD Tune 2.55 Hekasoft Backup & Restore 0.53 HostsMan 4.6.103 Intel(R) Chipset Device Software Intel(R) Manageability Engine Firmware Recovery Agent Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel© Driver Update Utility Intel© Trusted Connect Service Client Java 8 Update 101 Java Auto Updater Kaspersky Password Manager Kaspersky Total Security Last.fm Scrobbler 2.1.37 Linkman Pro Malwarebytes Anti-Malware version 2.2.1.1043 Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 SDK Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Microsoft SQL Server 2012 RsFx Driver Microsoft SQL Server 2012 Setup (English) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918 Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918 Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918 Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker MozBackup 1.5.1 Mozilla Firefox 48.0.2 (x86 en-US) Mozilla Firefox 48.0.2 (x86 nl) Mozilla Maintenance Service Mp3tag v2.73 MSI Development Tools MSVCRT MSVCRT110 MSVCRT110_amd64 MultiMon 2.50 NirSoft BlueScreenView NirSoft WebBrowserPassView NVIDIA-configuratiescherm 372.70 NVIDIA 3D Vision controllerstuurprogramma 369.04 NVIDIA 3D Vision stuurprogramma 372.70 NVIDIA GeForce Experience 2.11.4.0 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 372.70 NVIDIA HD Audio-stuurprogramma 1.3.34.15 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA PhysX Systeem Software 9.16.0318 NVIDIA ShadowPlay 2.11.4.0 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.11.4.0 NVIDIA Update Core NVIDIA Virtual Audio 1.2.40 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Opera Stable 39.0.2256.71 Photo Common Photo Gallery Qualcomm Atheros Bluetooth Suite (64) QuickTime 7 Realtek Card Reader Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver Realtek USB Audio Registrar Registry Manager 7.75 Restore Point Creator version 4.7 Revo Uninstaller 1.95 Revo Uninstaller 2.0.0 SDK Debuggers SHIELD Streaming SHIELD Wireless Controller Driver Skype Click to Call SkypeT 7.27 Software voor Intel© Chipset-apparaten Sophos Virus Removal Tool SoulseekQt SQL Server 2012 Common Files SQL Server 2012 Database Engine Services SQL Server 2012 Database Engine Shared Sql Server Customer Experience Improvement Program SUPERAntiSpyware swMSM Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TagScanner 6.0.5 Unlocker 1.9.2 VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) VLC media player Vulkan Run Time Libraries 1.0.11.1 WhoCrashed 5.51 Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit EULA Windows Software Development Kit for Windows 8.1 Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows Software Development Kit Redistributables WPT Redistributables WPTx64 ==== Running Processes ====================== C:\Users\Olaf De Wit\Downloads\zoek (3).exe C:\WINDOWS\SysWOW64\cmd.exe c:\windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Folders Found ====================== 1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Bitdefender 1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Bitdefender\Bitdefender SafeBox ==== Files Found ====================== --- C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bitdefender.pissedconsumer.com_0.localstorage --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3072 Created time: 2016-08-27 12:04:23 Modified time: 2016-08-30 17:32:26 MD5: 68F13FBE93CB0093DE842F01EAA3872A SHA1: 217B54BD32578A6CEBA1AD7DD6B491467F2F9157 --- C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker\sessions\Bitdefender Forum -_ Web Protection-2015-11-13.session --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 210259 Created time: 2015-11-23 21:48:56 Modified time: 2015-11-13 10:58:54 MD5: 369BE643D92FDADF9AF654E2A90020C3 SHA1: 9FFD5DBFF3D165AAB83A8EE8568C35703C1F564B --- C:\Users\Olaf De Wit\Documents\bitdefender-restanten.jpg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 214412 Created time: 2016-09-20 11:41:22 Modified time: 2016-09-20 11:41:22 MD5: 16F7885E2D8F393F5FB3D5F68ACEE822 SHA1: DE566097AFA0DF6DBB900637D378813101523C8B --- C:\Users\Olaf De Wit\Documents\Browser Backups\Google Chrome\Default\Local Storage\http_bitdefender.pissedconsumer.com_0.localstorage --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3072 Created time: 2016-09-19 11:26:57 Modified time: 2016-08-30 17:32:26 MD5: 68F13FBE93CB0093DE842F01EAA3872A SHA1: 217B54BD32578A6CEBA1AD7DD6B491467F2F9157 --- C:\Users\Olaf De Wit\Downloads\BitDefender_Uninstall_Tool.exe --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3105184 Created time: 2015-11-17 12:07:56 Modified time: 2015-11-17 12:07:59 MD5: 2E40C8E5F83FA8A0739F687DFABDD157 SHA1: A643DBEABE1A58908574E9D3DF1D90109F823863 --- C:\Users\Olaf De Wit\Downloads\The_New_Bitdefender_UninstallTool.exe --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2842784 Created time: 2015-12-29 17:57:00 Modified time: 2015-12-29 17:57:29 MD5: F0A597AA54FB700A1D2B1CC6491D8611 SHA1: 816155EC5660A8F452E7F01E701BB14D1A03DAFB ==== System Specs ====================== Operating System: Microsoft Windows 8.1 6.3.9600 64 bits Manufacturer: Dell Inc. - Model: XPS 8700 Install Date: 7/11/2015 14:42:39 Last Boot: 21/09/2016 17:08:01 Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Number of Processors: 8 Work Station Bootmode: Fail-safe boot Total RAM: 12239 MB (free 11086 MB - 90) Computername: OLAFDEWIT Domain: WORKGROUP User: Olaf De Wit (Non-Administrator account) Local Disk: C:\ - NTFS - 919 GB (free 512 GB) CD \ DVD Drive: D:\ Removable Disk: E:\ - - GB (free GB) Removable Disk: F:\ - - GB (free GB) Removable Disk: G:\ - - GB (free GB) Removable Disk: H:\ - - GB (free GB) Local Disk: J:\ - NTFS - 930 GB (free 461 GB) Local Disk: K:\ - FAT32 - 0 GB (free 0 GB) Bootdevice: \Device\HarddiskVolume3 Windows update: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Kaspersky Total Security On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky Total Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Kaspersky Total Security disabled Default Browser: Firefox 48.0.2 Internet Explorer Version: 11.0.9600.18450 Mozilla Firefox version: 48.0.2 (x86 en-US) Mozilla Firefox version: 48.0.2 (x86 nl) Opera Browser version: 39.0.2256.71 Google Chrome version: 53.0.2785.116 Adobe Reader version: 15.17.20050.192152 Sun Java version: 1.8.0_101 (32-bit) Sun Java version: 1.8.0_101 (64-bit) Flash Player version: 23.0.0.162 Shockwave Player version: 12.2.4r194 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-09-20 18:25:24 22E9853298C96B1AB89D8F71C4E82302 189112 ----a-w- C:\WINDOWS\PAExec.exe 2016-09-20 18:18:49 74F28574BB8F61FFC7DD419FE6B6E0D5 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat 2016-09-12 21:22:11 B037D847BBD3743B2244B3405FFF9924 4339456 ----a-w- C:\WINDOWS\RtCRU64.exe 2016-09-10 21:49:17 C632995688F6CCDCD32AB96C3127B8E9 769347913 ----a-w- C:\WINDOWS\MEMORY.DMP ====== C:\Users\OLAFDE~1\AppData\Local\Temp ==== 2016-09-20 18:40:11 3782EC480254957FF118B39DD3C38AAC 41070592 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Temp\Skype.msi 2016-09-13 15:48:24 AF29A6023FB3B33A6963B6EAA8078A8F 1127133 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Temp\Temp1_[Guru3D.com]-DDU.zip\DDU v17.0.2.0.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-09-21 10:04:03 8D9F6E1A80642968EB3704C6E7B7E268 187392 ----a-w- C:\WINDOWS\SysWOW64\mprdim.dll 2016-09-21 10:04:02 73B4FF7FC30E2D722AC5435CC8EDF55E 157016 ----a-w- C:\WINDOWS\SysWOW64\dssenh.dll 2016-09-21 10:04:01 E6B458615508D30B4B3EA01D4B9891FB 319488 ----a-w- C:\WINDOWS\SysWOW64\mprddm.dll 2016-09-21 10:04:01 E49E9DB05732B27B2E42B524D7950321 145920 ----a-w- C:\WINDOWS\SysWOW64\rasman.dll 2016-09-21 10:04:01 D8F8046DA2CA5F52F5FD1CB6230E21CC 628736 ----a-w- C:\WINDOWS\SysWOW64\rasapi32.dll 2016-09-21 10:04:01 D618055B8F13FFC2061DEA55A4E25053 285184 ----a-w- C:\WINDOWS\SysWOW64\iprtrmgr.dll 2016-09-21 10:04:01 C05E8A87B36AE09F12428EB6470B1C18 185856 ----a-w- C:\WINDOWS\SysWOW64\rasppp.dll 2016-09-21 10:04:01 7B72F7997113D413C92F66AD03D78BBE 1212248 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-09-21 10:04:01 1ED58A2A65A540827E93706ADC5F402B 498688 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2016-09-21 10:04:00 3901F08EFB0E5BC63F81645FC69B73A7 2539008 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2016-09-20 18:37:44 F826512A5B7216A2F203729C727E6A6C 1377800 ----a-w- C:\WINDOWS\SysWOW64\nvspcap.dll 2016-09-20 18:37:44 504BF05F20A3EB73E9849AC5D241D7E5 1316184 ----a-w- C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-09-20 18:37:10 B85B774FCCB38D75D5F4B09710AF739A 133056 ----a-w- C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-09-20 18:37:04 B1F9C56E5F3C20FEF261E2510221F6E4 40224 ----a-w- C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-09-20 18:37:04 23EEB7034F3F7AA8554D9093B7EB319A 129824 ----a-w- C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-09-20 18:36:35 40FC58D04AC56E3C8EF118D123E768F3 203320 ----a-w- C:\WINDOWS\SysWOW64\OpenCL.dll 2016-09-20 18:35:49 E297093DC24DDED0BF39555B54B26579 28207672 ----a-w- C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-09-20 18:35:49 CD0548FB5DA597D93EF476DCB7F7F764 9086856 ----a-w- C:\WINDOWS\SysWOW64\nvopencl.dll 2016-09-20 18:35:49 BDF63D31265DB00095F2722548B172FB 17263792 ----a-w- C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-09-20 18:35:49 A50B237CB68BFD2833BE83CA72FF6529 408784 ----a-w- C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-09-20 18:35:49 941152738E82A274E661ECD573D0A3FA 8875408 ----a-w- C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-09-20 18:35:49 84BF493DD0CB55C6450348789E74A5CC 159352 ----a-w- C:\WINDOWS\SysWOW64\nvinit.dll 2016-09-20 18:35:49 673C6D52161086E5DCA3D8D57A852DFD 131536 ----a-w- C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-09-20 18:35:49 1821C9DEF572E28A5275502630B850B1 102968 ----a-w- C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2016-09-20 18:35:48 E961EA2E9ED321FD78ECBD6AD4FAAD33 390200 ----a-w- C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-09-20 18:35:48 C7A8A9B286E017CE17D7E40DD10E6620 3160512 ----a-w- C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-09-20 18:35:48 B3EBD60C83A7A89310964A5C55DD2FF8 14352816 ----a-w- C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-09-20 18:35:48 AB51CFCB9F940E1BF6C23A600591B9A0 3456888 ----a-w- C:\WINDOWS\SysWOW64\nvapi.dll 2016-09-20 18:35:48 825D8E6C0F88C088F1269523263B85A1 436088 ----a-w- C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-09-20 18:35:48 46CA34918B5936F5BF77B5AF17BD9892 669 ----a-w- C:\WINDOWS\SysWOW64\nv-vk32.json 2016-09-20 18:35:48 4674F65FDEF23188D9500516C87465B7 8680696 ----a-w- C:\WINDOWS\SysWOW64\nvcuda.dll 2016-09-20 18:35:48 3FFB8790FFABA6917542306E4BCACCF1 956352 ----a-w- C:\WINDOWS\SysWOW64\NvFBC.dll 2016-09-20 18:35:48 320DAEB041A719FA6C8BF43064307A83 892864 ----a-w- C:\WINDOWS\SysWOW64\NvIFR.dll 2016-09-20 18:35:48 1C9C7743331A021D646B85C895860A87 575984 ----a-w- C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-09-20 18:35:48 18BCA88541CA3ED4427292DC161C14F4 35182648 ----a-w- C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-09-14 15:11:26 BF592547880342F2FC6CE8CC8CDE63F4 360448 ----a-w- C:\WINDOWS\SysWOW64\schannel.dll 2016-09-14 15:11:25 97BF59249A6ECFF3BEF60603A39C0C2C 611576 ----a-w- C:\WINDOWS\SysWOW64\oleaut32.dll 2016-09-14 15:10:58 EEAE09888C09989080040A960AD4A2CC 5273600 ----a-w- C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-09-14 15:10:58 09806A2826C2B745DFB6107F5CFAD155 5268480 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-09-14 15:10:55 FCDB0FD3A1ECDAFA4C953ED0F0AF5071 20312064 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-09-14 15:10:52 C38EBAE98B5D2B4A5F9370FB4EE6FB4B 13808128 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-09-14 15:10:52 6904CC18680F8746C8F7873701A5D1C0 4607488 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-09-14 15:10:50 FCC0FC40C00AF4B5DC25BFA6404896E4 1049600 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2016-09-14 15:10:50 42B01C859A89EEA6237DBD9A290DF857 2445824 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-09-14 15:10:48 AB37C67BF2E2D24758FFD209BD907A97 498688 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-09-14 15:10:48 A8F96A50D37297F7C050DDEE79ABA0B2 1316352 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-09-14 15:10:48 821269ED4870F190461CFCA529BACF13 2286592 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-09-14 15:10:47 CB989AF28CEB4E71D127FA1E0686E676 663552 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2016-09-14 15:10:47 ACDC51F7F17702BCDD34EF0F36060DE7 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll 2016-09-14 15:10:47 903AB195DEF789E1E8B2641766E2C980 692736 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-09-14 15:10:47 2D8A732E8380EF7BBB8E405B68A7732B 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-09-14 15:10:36 73451815A11DCF1259AAE72AD9E0F1BD 104960 ----a-w- C:\WINDOWS\SysWOW64\sspicli.dll 2016-09-14 15:10:36 61BA31CEE45F98AC6B024A913D65FA9D 324096 ----a-w- C:\WINDOWS\SysWOW64\certcli.dll 2016-09-14 15:10:36 2CE3233B09EC1AF8B71A035559B25511 332632 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-09-14 15:08:16 6416D52BE6D1030DF1B5B8B6090C6E09 1376768 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2016-09-12 21:22:11 A5E0F0D92FBDA57D571E5D6603B7A8FA 9898752 ----a-w- C:\WINDOWS\SysWOW64\RsCRIcon.dll 2016-09-08 18:34:45 F78D2BF2C551BE9DF6A2F3210A2964C1 97856 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-09-21 10:04:03 DF78648AC3C8DC9D70E6714AF785382F 233472 ----a-w- C:\WINDOWS\Sysnative\mprdim.dll 2016-09-21 10:04:02 F7E47D15A6C00AF4D1A5B5E0F1388E39 197352 ----a-w- C:\WINDOWS\Sysnative\dssenh.dll 2016-09-21 10:04:02 653D829AA641C0DA8071F49E773852FD 132096 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll 2016-09-21 10:04:01 F95AC7F370273A92478758CF389B6EF6 713216 ----a-w- C:\WINDOWS\Sysnative\nshwfp.dll 2016-09-21 10:04:01 DBDCE2378F65F0A07D4644AC103037E7 87040 ----a-w- C:\WINDOWS\Sysnative\wpdbusenum.dll 2016-09-21 10:04:01 D1F7620A919F7AB7D0184C7EE618BD21 1661064 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-09-21 10:04:01 AFD61C47BD8354FB3E9AF060D0E69ED0 254464 ----a-w- C:\WINDOWS\Sysnative\rascustom.dll 2016-09-21 10:04:01 9DFB604E2A2B842599CF803B84774B46 657920 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2016-09-21 10:04:01 920C189568561AF1FCEDC91DF730E1CA 704512 ----a-w- C:\WINDOWS\Sysnative\rasapi32.dll 2016-09-21 10:04:01 7930EAD9B95144F3AB565B97C470AB5D 173568 ----a-w- C:\WINDOWS\Sysnative\rasman.dll 2016-09-21 10:04:01 61C9B6B89EB613F86DE3A2A552CF0425 272896 ----a-w- C:\WINDOWS\Sysnative\rasppp.dll 2016-09-21 10:04:01 56F1A1BE1B9B3053EE85FB5A1E1346C6 377344 ----a-w- C:\WINDOWS\Sysnative\mprddm.dll 2016-09-21 10:04:01 5697FD05EC6915A1E7193D658D8D6E05 1080320 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2016-09-21 10:04:01 561CBB163EB3C8221D9B1D7D1E5CA477 252416 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2016-09-21 10:04:01 4C6236C131E68FC23713523C8CDB5469 429568 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2016-09-21 10:04:01 3094E937AE11D2A1B2E7830B55259B8A 323072 ----a-w- C:\WINDOWS\Sysnative\iprtrmgr.dll 2016-09-21 10:04:01 15C0034561FE5B03FA376F1A6232478B 542720 ----a-w- C:\WINDOWS\Sysnative\rasmans.dll 2016-09-21 10:04:00 D835250EE4140AB3306C8296E3F9CC6C 2897920 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2016-09-21 10:04:00 1A5F011B7C2417C651E43653E9C8C0F4 3547136 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll 2016-09-21 10:04:00 02ACE47F91FF96665743389D050A0956 360448 ----a-w- C:\WINDOWS\Sysnative\rdpclip.exe 2016-09-20 18:37:44 96247478F063B4CDDAEFB55EE998B0AC 1767944 ----a-w- C:\WINDOWS\Sysnative\nvspcap64.dll 2016-09-20 18:37:44 42256DDFDF673E3FB6C236CB1FF49FE0 112216 ----a-w- C:\WINDOWS\Sysnative\NvRtmpStreamer64.dll 2016-09-20 18:37:44 028F12743900756714817E5E05607C10 1756424 ----a-w- C:\WINDOWS\Sysnative\nvspbridge64.dll 2016-09-20 18:37:04 D70BEDB9436DBCA77D3E470C1BAB373E 130848 ----a-w- C:\WINDOWS\Sysnative\vulkan-1.dll 2016-09-20 18:37:04 0597F21B1DCADAB5F28806671670CDE4 45344 ----a-w- C:\WINDOWS\Sysnative\vulkaninfo.exe 2016-09-20 18:36:42 EC925F836F89F01A443031FC0269F3B2 1764408 ----a-w- C:\WINDOWS\Sysnative\nvsvcr.dll 2016-09-20 18:36:42 EA9A47128ABEDD2093C1973AC4233FE0 7320235 ----a-w- C:\WINDOWS\Sysnative\nvcoproc.bin 2016-09-20 18:36:42 D19732E6F99FEBAC1750129E7F94D9D9 6385720 ----a-w- C:\WINDOWS\Sysnative\nvcpl.dll 2016-09-20 18:36:42 8BA4C4A4E3F72A43B5E3CBC59FA33422 1362368 ----a-w- C:\WINDOWS\Sysnative\nvvsvc.exe 2016-09-20 18:36:42 712A765BBA165829BD0BB0B625EF2654 548408 ----a-w- C:\WINDOWS\Sysnative\nv3dappshext.dll 2016-09-20 18:36:42 33473EC8E09AB68F39F6EEBE74C5DB04 71224 ----a-w- C:\WINDOWS\Sysnative\nvshext.dll 2016-09-20 18:36:42 1A785AC6D1ABCC1F976437E63B229EF3 2475064 ----a-w- C:\WINDOWS\Sysnative\nvsvc64.dll 2016-09-20 18:36:42 1541877D74FF256A9630EEB2346D6F32 81856 ----a-w- C:\WINDOWS\Sysnative\nv3dappshextr.dll 2016-09-20 18:36:42 054BF6F802399090832FB71CCB483775 393784 ----a-w- C:\WINDOWS\Sysnative\nvmctray.dll 2016-09-20 18:36:35 C22A40A994C6551BA2D848103690463B 213952 ----a-w- C:\WINDOWS\Sysnative\OpenCL.dll 2016-09-20 18:35:49 FFAE3BE4CF75449944AF146D5126EF5D 181488 ----a-w- C:\WINDOWS\Sysnative\nvinitx.dll 2016-09-20 18:35:49 D7102F4A0A0AE3139B7BBA8486124B5D 19848080 ----a-w- C:\WINDOWS\Sysnative\nvwgf2umx.dll 2016-09-20 18:35:49 C6F1B36AB700CE484DD733557A3F142D 54728 ----a-w- C:\WINDOWS\Sysnative\nvhdap64.dll 2016-09-20 18:35:49 9AEC58AA55DE38AD1A6939973AE3C737 113208 ----a-w- C:\WINDOWS\Sysnative\nvaudcap64v.dll 2016-09-20 18:35:49 8E26BEB310C78C80868331E628BCAD82 10737632 ----a-w- C:\WINDOWS\Sysnative\nvopencl.dll 2016-09-20 18:35:49 7500829BDF74D65119E697B1FEC57301 34801088 ----a-w- C:\WINDOWS\Sysnative\nvoglv64.dll 2016-09-20 18:35:49 6A367A3FC7F19759A620B9C956F9E540 39731 ----a-w- C:\WINDOWS\Sysnative\nvinfo.pb 2016-09-20 18:35:49 60EFD55FA2BB9C7D5A58CB6A9C4DBB06 493608 ----a-w- C:\WINDOWS\Sysnative\nvumdshimx.dll 2016-09-20 18:35:49 588AAA046DDD83A651162E077DDEC52B 10865704 ----a-w- C:\WINDOWS\Sysnative\nvptxJitCompiler.dll 2016-09-20 18:35:49 54C761E263C60645FA4E3F94C2FAFEB8 153368 ----a-w- C:\WINDOWS\Sysnative\nvoglshim64.dll 2016-09-20 18:35:49 04CBADD8584ED12124F774E11D81BB80 1588688 ----a-w- C:\WINDOWS\Sysnative\nvhdagenco6420103.dll 2016-09-20 18:35:48 EF8125513FC47A22506B1B9F6FBC64D2 10278080 ----a-w- C:\WINDOWS\Sysnative\nvcuda.dll 2016-09-20 18:35:48 CEC99DEE5BA555A15F64F301CC880EC4 437696 ----a-w- C:\WINDOWS\Sysnative\NvIFROpenGL.dll 2016-09-20 18:35:48 C6A24E56D31E07E2F2909D13B6607659 1019960 ----a-w- C:\WINDOWS\Sysnative\NvFBC64.dll 2016-09-20 18:35:48 C699CDDBF43418A817B0ADE4CCE719B8 17463088 ----a-w- C:\WINDOWS\Sysnative\nvd3dumx.dll 2016-09-20 18:35:48 C18856772FEA5CBBE53C69409CF91683 686896 ----a-w- C:\WINDOWS\Sysnative\nvfatbinaryLoader.dll 2016-09-20 18:35:48 BC3FD730B56BFF0C30B99DF0A47B0A5E 3917512 ----a-w- C:\WINDOWS\Sysnative\nvapi64.dll 2016-09-20 18:35:48 BAACDAEEA52A6D64FB47155A83B9CEDD 3594808 ----a-w- C:\WINDOWS\Sysnative\nvcuvid.dll 2016-09-20 18:35:48 A57845431F3113A6706488C8F6AB9BC7 1586744 ----a-w- C:\WINDOWS\Sysnative\nvdispgenco6437270.dll 2016-09-20 18:35:48 A523C801B6B0DC16E9361B937A596DFF 669 ----a-w- C:\WINDOWS\Sysnative\nv-vk64.json 2016-09-20 18:35:48 949927F3A94FD50A97BBB59B23EB64C1 941504 ----a-w- C:\WINDOWS\Sysnative\NvIFR64.dll 2016-09-20 18:35:48 7AF595DAE9000249262939705074BF92 40070200 ----a-w- C:\WINDOWS\Sysnative\nvcompiler.dll 2016-09-20 18:35:48 500064EB63CBE1D6116C34E28B4A02B0 520912 ----a-w- C:\WINDOWS\Sysnative\nvEncodeAPI64.dll 2016-09-20 18:35:48 4AB93FF27599248F82C3E5BC1A14BEB5 1920960 ----a-w- C:\WINDOWS\Sysnative\nvdispco6437270.dll 2016-09-20 14:47:04 6757AACAA4436F21AB03BD62A1755736 381504 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT 2016-09-18 15:27:32 48BA9C6110A5EBA910E7FB2E7D23CFC1 110176 ----a-w- C:\WINDOWS\Sysnative\klfphc.dll 2016-09-14 15:11:26 12A4EEE911929AF2C0297E415AB90B01 435200 ----a-w- C:\WINDOWS\Sysnative\schannel.dll 2016-09-14 15:11:25 01EB7C4D8749DCA4693CFA43BD6C30A8 803176 ----a-w- C:\WINDOWS\Sysnative\oleaut32.dll 2016-09-14 15:11:00 D8E1BEF3EF4F933E024CD611117A1921 7076864 ----a-w- C:\WINDOWS\Sysnative\glcndFilter.dll 2016-09-14 15:11:00 9E200461615AE4E365496E8C9E1F48C0 7795712 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-09-14 15:10:56 33063F69D8E97D6A5C81AE5D9083239D 25770496 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-09-14 15:10:54 7936C38FA219F9677B6ADC1BD449312A 6047232 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-09-14 15:10:53 EDFE9C542057783240B99AF1D22AB9E7 15411712 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-09-14 15:10:52 A433DAC3B202BD13668B10E198BF3CDC 2881536 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-09-14 15:10:50 F28B26DE031D6C7AC3F393417191A22F 2921472 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-09-14 15:10:48 A83046F312DD0A0093919A55566F12BF 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2016-09-14 15:10:48 A28190FACB9A57460646DC34D1872602 1550848 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-09-14 15:10:48 7E7E95BD081708B6F25C8D53905C2555 576000 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-09-14 15:10:48 6B814ECF3A4916D86142685A40B4F1CA 2894336 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-09-14 15:10:48 63FE1FCCA4DE89650B5F1B053F90C14D 817664 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2016-09-14 15:10:48 62FA32D750EE2EE4A5428EBB1D19579F 806400 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-09-14 15:10:47 2519AE972350743048572AE2B4468A6A 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2016-09-14 15:10:36 FC443D2597006FC73F44B4491FC25FF1 179248 ----a-w- C:\WINDOWS\Sysnative\sspicli.dll 2016-09-14 15:10:36 F577BC03ADA6A29DDB3F0A8651A8F661 443224 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-09-14 15:10:36 37E3C77FA8608709318EBD2B3BA97E8E 1445376 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-09-14 15:10:36 1E9DB6550A2A6B3ACB1F17B0EA077461 445440 ----a-w- C:\WINDOWS\Sysnative\certcli.dll 2016-09-14 15:08:33 F25907AFCD1149352EF5B988E44C3B27 1358952 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-09-14 15:08:33 E3A24927840E8B13EF099CA46CE399FA 7445848 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-09-14 15:08:33 D0FE3C3F4F834C919066400E23AB4345 1663184 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-09-14 15:08:33 99BA858B8CF4FAC6B2655502411D81A2 1490120 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-09-14 15:08:33 250A6C581F8293B7F7BB55B09B3CB298 1737080 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-09-14 15:08:33 0191F21E7215A2B609AA53D54532E0AA 1523208 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-09-14 15:08:32 8EBA3AAB9696A948F3D9EA29CE714D65 59392 ----a-w- C:\WINDOWS\Sysnative\csrsrv.dll 2016-09-14 15:08:31 935E2FD7B6F3CFFB8772CDD409E3F0DC 1156608 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll 2016-09-14 15:08:31 6BA8A2A04C8BE600158B2937D4200E16 627200 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll 2016-09-14 15:08:31 0CD4AC29075FD65B3A37CBB440128FE9 455680 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll 2016-09-14 15:08:16 F3F386959F2CD1C64346E7F1C0E670CA 4171264 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2016-09-14 15:08:16 50708D66BB008FF4A3573403B342EBAC 1541248 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2016-09-12 21:22:11 051EB02D5888EBFEC2F8457E62440808 91904 ----a-w- C:\WINDOWS\Sysnative\RtCRX64.dll 2016-09-10 20:55:37 BDD266D5C3B0DA4818AF284EE04D5B66 1804696 ----a-w- C:\WINDOWS\Sysnative\WdfCoInstaller01011.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-09-21 10:04:02 D5ECE7E7F349EB3C4B152AFF3577280D 95744 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys 2016-09-21 10:04:02 24DABC0A77FAFDC0E379AB3B30F61BB6 101208 ----a-w- C:\WINDOWS\Sysnative\drivers\mountmgr.sys 2016-09-20 18:35:49 6F6F94E2D41B5B89375D6214D155577F 14093368 ----a-w- C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys 2016-09-20 18:35:49 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\WINDOWS\Sysnative\drivers\nvhda64v.sys 2016-09-20 18:35:49 38175904276F86EA4704EC13B77FB4B0 56376 ----a-w- C:\WINDOWS\Sysnative\drivers\nvvad64v.sys 2016-09-18 20:55:01 CB8F76349966D5BB4C85A39207412116 17288 ----a-w- C:\WINDOWS\Sysnative\drivers\Dbgv.sys 2016-09-18 15:26:45 BBF9B967A410120E67FB6E7F53E7A7CA 1012056 ----a-w- C:\WINDOWS\Sysnative\drivers\klif.sys 2016-09-18 15:26:45 63FD545876EF4248BE3C8788D8270758 191312 ----a-w- C:\WINDOWS\Sysnative\drivers\klflt.sys 2016-09-18 11:24:02 799F70FF787F4F68E7EA02FEABAC9FAB 307352 ----a-w- C:\WINDOWS\Sysnative\drivers\tmcomm.sys 2016-09-15 16:13:58 E689FD1E1C4462271835237A4510D8E2 24600 ----a-w- C:\WINDOWS\Sysnative\drivers\pimou.sys 2016-09-15 16:13:19 14360198D46557A3D93DBE14B161F3EC 26088 ----a-w- C:\WINDOWS\Sysnative\drivers\pikbd.sys 2016-09-14 15:11:26 FABC49666708EA562549E78E6FBF3191 243712 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-09-14 15:11:26 F5849909D4B29B4E3D4445F943E5C7E3 675328 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-09-14 15:11:26 36B082C7A764A34FB1DC72D975870B61 416768 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-09-14 15:10:36 3AF30CEB99E581E2FADA0B5FC4B551D8 401408 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2016-09-14 15:10:36 304DA394D958BC3B62AF6DF514005B01 100184 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys 2016-09-14 15:10:36 15D7AF1A26CCEBA32DF21A8E2098F463 284672 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-09-14 15:10:36 0790EEB1EC199F8BE8259E47B373ED23 201728 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2016-09-12 21:22:12 192C52067F6395EF25B61330FB1538C0 425216 ----a-w- C:\WINDOWS\Sysnative\drivers\RtsUer.sys 2016-09-10 20:55:40 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2016-09-10 20:55:37 C48C8E8B6C30D666CC07C01AB3694A0E 51320 ----a-w- C:\WINDOWS\Sysnative\drivers\Smb_driver_Intel.sys 2016-09-08 18:19:10 07F83829E7429E60298440CD1E601A6A 21984 ----a-w- C:\WINDOWS\Sysnative\drivers\semav6msr64.sys 2016-09-05 20:40:20 9E80F8EFE58413EA62679A55E0C757CD 885504 ----a-w- C:\WINDOWS\Sysnative\drivers\Rt630x64.sys 2016-09-05 20:32:08 9F26180A46FBC32CC3E50F6800EA3240 53776 ----a-w- C:\WINDOWS\Sysnative\drivers\btcusb.sys 2016-08-23 10:39:09 E38C06074161DE1C344A10FA57BC3A4E 48304 ----a-w- C:\WINDOWS\Sysnative\drivers\RegHiveRecovery.sys ====== C:\WINDOWS\Tasks ====== 2016-09-20 18:18:53 F175BADEFB696612AF5A24657EBD6B08 3796 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-20 18:18:48 D6B6180F008DFD4A1FD65BD4D622C9B9 3608 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-20 18:18:48 BFBAB43C88F188F6228F47DFD875186B 3846 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-20 18:18:48 096B731FFF8030438B7CDB7A9A6583FD 3784 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-20 18:18:47 411D1F0F3111B9CDF9566189B400BEA8 3846 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-20 18:18:46 38D8070AE0725D779F6A4C87F095C92E 3548 ----a-w- C:\WINDOWS\Sysnative\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-16 14:15:29 E379C142E01ABD27358EA298F28F20A4 940 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-16 14:15:29 9783DFAAFC574DBDF24BE0747CB5EEB8 3828 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater 2016-09-11 20:53:01 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Restore Point Creator 2016-09-09 08:36:38 BD79A45D6519C54A516E52E46FCC2554 3400 ----a-w- C:\WINDOWS\Sysnative\Tasks\DriverMaxAgent 2016-09-09 08:36:38 6F68E3975F1F350EE55701FB0CDC05D3 3412 ----a-w- C:\WINDOWS\Sysnative\Tasks\DriverMax Notification 2016-09-08 18:19:12 AE8986CEC0E14BCEA89F801007CD4B62 3038 ----a-w- C:\WINDOWS\Sysnative\Tasks\USER_ESRV_SVC_WILLAMETTE 2016-09-08 18:19:02 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Intel 2016-09-05 20:25:34 903E6DEAD3A002A8F04E329C9A0CD770 3480 ----a-w- C:\WINDOWS\Sysnative\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c 2016-08-29 15:53:19 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Softland ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-09-20 18:34:43 -------- d-----w- C:\Program Files\NVIDIA Corporation 2016-09-10 20:55:39 -------- d-----w- C:\Program Files\Synaptics 2016-09-02 14:41:52 -------- d-----w- C:\Program Files\Defraggler 2016-08-25 11:48:48 -------- d-----w- C:\Program Files\Microsoft SQL Server ======= C:\PROGRA~2 ===== 2016-09-20 18:40:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2016-09-20 18:40:53 -------- d-----r- C:\PROGRA~2\Skype 2016-09-20 18:36:56 -------- d-----w- C:\PROGRA~2\VulkanRT 2016-09-20 18:36:25 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation 2016-09-18 15:27:05 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2016-09-18 11:19:31 -------- d-----w- C:\PROGRA~2\Sophos 2016-09-16 13:51:46 -------- d-----w- C:\PROGRA~2\Dell Customer Connect 2016-09-14 12:54:07 -------- d-----w- C:\PROGRA~2\HD Tune 2016-09-11 20:52:58 -------- d-----w- C:\PROGRA~2\Restore Point Creator 2016-09-08 18:35:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-09-08 18:34:36 -------- d-----w- C:\PROGRA~2\Java 2016-09-08 18:19:09 -------- d-----w- C:\PROGRA~2\Intel Driver Update Utility 2016-09-05 20:25:33 -------- d-----w- C:\PROGRA~2\Innovative Solutions 2016-08-29 15:53:07 -------- d-----w- C:\PROGRA~2\Softland 2016-08-29 15:31:42 -------- d-----w- C:\PROGRA~2\BrowserBackup 2016-08-23 10:46:31 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 10.0 2016-08-23 10:44:24 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server ======= C: ===== 2016-08-25 14:08:54 E1A5CEB6C5066175A141584B3FC53B99 107 ---ha-w- C:\DBAR_Ver.txt ====== C:\Users\Olaf De Wit\AppData\Roaming ====== 2016-09-21 14:45:08 -------- d-----r- C:\Users\Olaf De Wit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2016-09-21 13:50:11 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2016-09-20 18:40:56 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Skype 2016-09-20 18:38:54 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA Corporation 2016-09-20 18:37:46 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA 2016-09-18 16:36:37 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Kaspersky Lab 2016-09-18 11:42:44 F1472C6B8AC486BC1C2526532BA595E6 662741 ----a-w- C:\Users\Olaf De Wit\AppData\Local\census.cache 2016-09-18 11:42:10 64AD31AAABFF1556F2300297259EDAF6 207061 ----a-w- C:\Users\Olaf De Wit\AppData\Local\ars.cache 2016-09-18 11:38:09 045EE7EFEFBEEC9B6F82CA2A5E08CD6D 10 ----a-w- C:\Users\Olaf De Wit\AppData\Local\sponge.last.runtime.cache 2016-09-18 11:23:57 4E51A5A81972C170E0BB6DA92231B8F7 36 ----a-w- C:\Users\Olaf De Wit\AppData\Local\housecall.guid.cache 2016-09-17 12:16:52 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\QuickScan 2016-09-11 20:54:33 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Restore_Point_Creator 2016-09-08 18:34:57 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Sun 2016-09-08 18:34:57 -------- d-----w- C:\Users\Olaf De Wit\AppData\Locallow\Sun 2016-09-08 18:19:27 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Intel 2016-09-07 09:13:49 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2016-09-07 09:13:49 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2016-09-07 09:13:49 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Temp 2016-09-07 09:13:49 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-09-07 09:13:49 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-09-05 20:25:36 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Innovative Solutions 2016-09-05 20:25:33 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions 2016-08-29 15:53:16 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Softland 2016-08-29 15:31:42 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserBackup 2016-08-23 17:11:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\TightVNC 2016-08-23 10:47:24 -------- d-s---w- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData\Local\Microsoft 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-08-23 10:26:06 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Windows Performance Analyzer ====== C:\Users\Olaf De Wit ====== 2016-09-21 14:44:16 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-09-20 18:40:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-09-20 18:40:43 -------- d-----w- C:\ProgramData\Skype 2016-09-20 18:39:50 103BFB4CB5EAB8AC2B1E0B5198524BFD 1461376 ----a-w- C:\Users\Olaf De Wit\Downloads\SkypeSetup.exe 2016-09-20 18:37:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-09-20 18:36:53 -------- d-----w- C:\ProgramData\NVIDIA 2016-09-20 18:36:30 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2016-09-20 18:17:16 B5E85BB49B7FB7D532F6EEAB9BBC5660 363556792 ----a-w- C:\Users\Olaf De Wit\Downloads\372.70-desktop-win8-win7-64bit-international-whql.exe 2016-09-20 18:16:01 298A6106EC659D11FCF17B3E0DADDCF1 68857168 ----a-w- C:\Users\Olaf De Wit\Downloads\GeForce_Experience_v3.0.6.48.exe 2016-09-18 16:36:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager 2016-09-18 15:27:05 -------- d-----w- C:\ProgramData\Kaspersky Lab 2016-09-18 15:00:00 6C19F94BBCC9CF6E99290A9744790321 268127 ----a-w- C:\ProgramData\1474210627.bdinstall.bin 2016-09-18 11:55:59 862F789993BFF254082DF09E970FBA57 11385448 ----a-w- C:\Users\Olaf De Wit\Downloads\Trend Micro Ransomware Screen Unlocker.exe 2016-09-18 11:31:19 -------- d-----w- C:\ProgramData\Trend Micro 2016-09-18 11:23:49 450D81FFD96190AEAA05DBA0F8F11E18 2526736 ----a-w- C:\Users\Olaf De Wit\Downloads\HousecallLauncher64.exe 2016-09-18 11:20:10 -------- d-----w- C:\ProgramData\Sophos 2016-09-18 11:19:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2016-09-18 11:17:05 7DA2390F0B48820125EAF82A90251D6E 152715360 ----a-w- C:\Users\Olaf De Wit\Downloads\Sophos Virus Removal Tool.exe 2016-09-16 17:19:05 3CAE4B96D5D90CA6034959EA403DBA1A 100145 ----a-w- C:\Users\Olaf De Wit\wsusclient.jpg 2016-09-15 17:12:09 -------- d-----w- C:\Users\Olaf De Wit\Intel 2016-09-15 16:19:26 81064F9D184A00F9049E92AE21E40F10 5201280 ----a-w- C:\Users\Olaf De Wit\Downloads\spsetup129.exe 2016-09-15 16:15:41 C33551284C9132ABCA6CE7F7BFE3189A 604960 ----a-w- C:\Users\Olaf De Wit\Downloads\ReimageRepair.exe 2016-09-15 15:14:42 42230A06E40DBDB5DB4B9C6E5B4E9419 15306952 ----a-w- C:\Users\Olaf De Wit\British MILF Nadyne Show Boobs, Free British Boobs Porn Video nl.flv 2016-09-15 09:47:47 AA24FEB75B9FBD32DF5CFFDC20107C28 80302 ----a-w- C:\Users\Olaf De Wit\HDTune-15-09-2016.jpg 2016-09-14 14:57:52 1FC60CA6F024859F892CBC7F520ADA61 127793 ----a-w- C:\Users\Olaf De Wit\HDTune-14-0-2016.jpg 2016-09-14 12:54:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2016-09-14 12:53:36 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\Olaf De Wit\Downloads\hdtune_255.exe 2016-09-12 18:24:08 0F96C8E35FCBB19B7BFD4F6DA1F529C0 401640 ----a-w- C:\Users\Olaf De Wit\Downloads\driver-updater-setup.exe 2016-09-12 14:33:59 -------- d-----w- C:\ProgramData\dbg 2016-09-11 20:52:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator 2016-09-11 20:52:36 ED730722B24B1EC49AD1EF5959EE8C82 870103 ----a-w- C:\Users\Olaf De Wit\Downloads\Install Restore Point Creator.exe 2016-09-11 20:27:42 EB1F89D8067863DCE5607727A1D15BFD 1219152 ----a-w- C:\Users\Olaf De Wit\Downloads\adksetup.exe 2016-09-11 19:05:51 187CA9B5A82A3120E1B609BC0E4049BB 76743 ----a-w- C:\Users\Olaf De Wit\herstelpunten.jpg 2016-09-09 19:05:05 AF911BE206423BF440EA9D4DF075A632 2721168 ----a-w- C:\Users\Olaf De Wit\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe 2016-09-08 18:34:57 -------- d-----w- C:\Users\Olaf De Wit\.oracle_jre_usage 2016-09-08 18:34:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-09-08 18:34:37 -------- d-----w- C:\ProgramData\Oracle 2016-09-08 18:34:01 15937AD184835453BD70CDE5250779E9 739904 ----a-w- C:\Users\Olaf De Wit\Downloads\jxpiinstall.exe 2016-09-08 18:27:46 756A4FC93EE186D9D24FBDB68185350F 4952336 ----a-w- C:\Users\Olaf De Wit\Downloads\autodetectutility.exe 2016-09-08 18:19:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2016-09-08 18:18:59 -------- d-----w- C:\ProgramData\Package Cache 2016-09-08 18:18:08 CA5D76686A52DC6E67D0762D7738347A 7491840 ----a-w- C:\Users\Olaf De Wit\Downloads\Intel Driver Update Utility Installer.exe 2016-09-08 12:31:03 750DD01303091F69F8EB27C72F04F178 170493768 ----a-w- C:\Users\Olaf De Wit\Downloads\iTunes6464Setup (1).exe 2016-09-08 10:17:39 C0911E31A3B31A6E0E4FFC0697215AB5 3826240 ----a-w- C:\Users\Olaf De Wit\Downloads\adwcleaner_6.010.exe 2016-09-07 09:14:42 -------- d-----w- C:\ProgramData\ReviverSoft 2016-09-05 20:25:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax 2016-09-02 14:42:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2016-08-29 15:53:07 -------- d-----w- C:\ProgramData\Softland 2016-08-29 15:53:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBackup 6 2016-08-29 15:53:01 -------- d-----w- C:\ProgramData\regid.2006-01.com.fbackup 2016-08-24 13:11:13 -------- d-----w- C:\ProgramData\BootRacer 2016-08-23 17:11:12 4DA8F567276DCC7EC82D34C01690AC81 193 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2016-08-23 11:00:39 -------- d-----w- C:\ProgramData\WindowsPerformanceRecorder 2016-08-23 10:47:25 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\MSSQL$ADK\ntuser.ini 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData 2016-08-23 10:45:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 ====== C: exe-files == 2016-09-21 13:53:08 8DD7FDE100BB0ACBA108C39056B8B192 1241088 ----a-w- C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe 2016-09-21 13:51:25 B5C721C25688EAE177170AF951832DBE 23925040 ----a-w- C:\Users\Olaf De Wit\Documents\Dell Downloads\2020e79f-532c-4254-b0a4-2f1302016903\XPS-8700_Serial-ATA_Driver_89G40_WN_12.8.0.1016_A00.EXE 2016-09-21 13:50:11 9289A67A1B8782D7010E3AEF81980E52 313800 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\DellSystemDetect.exe 2016-09-21 13:50:11 8E803599A45759AFE961115D859EB0D5 47048 ------w- C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\Uninstaller.exe 2016-09-21 10:04:00 02ACE47F91FF96665743389D050A0956 360448 ----a-w- C:\Windows\System32\rdpclip.exe 2016-09-20 18:42:50 FF2089F22CEEAABA0BC2777F98684588 422456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe 2016-09-20 18:42:50 CE3AB0D164777DC18FD3A2C84B741FB2 19038264 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe 2016-09-20 18:42:50 8FD723A2116683720F2C21E81EBE1AD1 204856 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe 2016-09-20 18:42:49 F25CB71E49FA8B9AF53D3F45741310BF 2905656 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe 2016-09-20 18:42:49 F18577D7B7F15612DAF3B35A2C885E0D 6438968 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe 2016-09-20 18:42:49 F11AC8A16AC89BDD516812F842A74D08 528440 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe 2016-09-20 18:42:49 E854DD4E504715F2E115AF48395BD7A3 2018360 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe 2016-09-20 18:42:49 E6A64322EB213AEACBB61584AA6FB032 3634232 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe 2016-09-20 18:42:49 E29F5A012198963B20C760554EB56778 4591672 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2016-09-20 18:42:49 C6E1E9A45C8BCFD073148B6A6B038C69 1165368 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe 2016-09-20 18:42:49 BE586B5D1D73E1F07ED5AADDEFBCAA47 2398776 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe 2016-09-20 18:42:49 A8213BF32D2E75ADD362E118AD164749 2522680 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe 2016-09-20 18:42:49 A6102293847A7A2DF01E7BF7AC1C1F12 1881144 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe 2016-09-20 18:42:49 9E47310B1BD2C7982AEFB3035329BB3B 604216 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe 2016-09-20 18:42:49 9E45708E7DDC6D8EEFBC2645C70E7214 4761656 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe 2016-09-20 18:42:49 98001C624D8F5A6A65014864C79EA18D 931896 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe 2016-09-20 18:42:49 8D26D74C5E55418040090C069BC94807 321312 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvsphelper64.exe 2016-09-20 18:42:49 860E9EC26BEE78169D19EBE54423F65A 290304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvsphelper.exe 2016-09-20 18:42:49 6AA800365EA5A95F4459CCED9346F605 21332536 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe 2016-09-20 18:42:49 4FCC6EFBFC9F15C5A3AA83D94F9CCD1F 646200 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2016-09-20 18:42:49 411864D98F1883F0E872D611CFF07222 1881144 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe 2016-09-20 18:42:49 3C9F1AFED2F9D7323D2F37D6639800F9 86904 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe 2016-09-20 18:42:49 3822DDD286EAAE09E4FE198BB23622F4 5577784 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2016-09-20 18:42:49 2B659B1E8168E1CC2226419FF6B521E7 1067064 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe 2016-09-20 18:42:49 10E81595C8DE67CB7FA6E60145B3F1B1 7542840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe 2016-09-20 18:42:49 0F87B91D2394FB3909506D810098F960 126328 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe 2016-09-20 18:42:42 3E4264CA31777A5FA93EE11CDC789CA4 45214728 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\7a9c2b59-11eb-4f8b-9319-c479a45b9c56\GeForce_Experience_Update_v2.11.4.1.exe 2016-09-20 18:39:50 103BFB4CB5EAB8AC2B1E0B5198524BFD 1461376 ----a-w- C:\Users\Olaf De Wit\Downloads\SkypeSetup.exe 2016-09-20 18:39:09 59C16C874A53C042AC75DDFB33723C19 716976 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\Packages\000093fd\CoProc update.21162758.exe 2016-09-20 18:38:55 0D9DE1E1C063CDF436FB43D3BFEE6B4F 8889072 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\Packages\00009418\DAO.21171887.exe 2016-09-20 18:37:44 D40EA006084154076E429E42A4F74DBE 7541184 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe 2016-09-20 18:37:44 9C3783B4952A43588DD1AA67014E1E6F 321128 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe 2016-09-20 18:37:44 3C9F1AFED2F9D7323D2F37D6639800F9 86904 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe 2016-09-20 18:37:44 0F87B91D2394FB3909506D810098F960 126328 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedVisualizer.exe 2016-09-20 18:37:42 6A0668AFD62D704701DD56DDA8717D42 4760000 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe 2016-09-20 18:37:42 1A8F1FA1EE409A43F194E6CF910D16E1 1065408 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe 2016-09-20 18:37:41 F78BC07DCED5EDDD6D477E923620F8EA 1163712 ----a-w- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 2016-09-20 18:37:41 4CB98D9944C55E84559CE41E70380801 602560 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe 2016-09-20 18:37:38 D5212713CE090D5915DC7112A0522A9C 21330880 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe 2016-09-20 18:37:38 9209D57C1AA24841EF8D5DE6A5B2AAEB 3632576 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 2016-09-20 18:37:38 67A26FAE7BFFACC8A0A421950DA672DE 5576128 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 2016-09-20 18:37:38 4FCC6EFBFC9F15C5A3AA83D94F9CCD1F 646200 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2016-09-20 18:37:38 0EDF9504CA5174075BA5902AFC1F57C8 2521024 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 2016-09-20 18:37:37 FB6BE3D9E27084B9852E66965CBABD9E 1044416 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\HighresBlender64.exe 2016-09-20 18:37:37 FB082DE5786EA1925DC72FDD560169E1 1152960 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\TagTool32.exe 2016-09-20 18:37:37 E1F686C98E8FE6529DE006E319D22D2B 821816 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\SphericalEquirect64.exe 2016-09-20 18:37:37 D7E1394B6229393AEBAFF00B6CDC58DE 92216 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraConfiguration.exe 2016-09-20 18:37:37 AD98F00002CA7E121455D0C9004A61F3 775616 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\SphericalEquirect32.exe 2016-09-20 18:37:37 A6E21E9059314727ED45C0F7D00C2696 796096 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\NvImageConvert32.exe 2016-09-20 18:37:37 95D3BAC378CC82610EC12F6E25A3F558 203200 ----a-w- C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe 2016-09-20 18:37:37 94A8196066774252DF015EEDF02CCA44 2397120 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 2016-09-20 18:37:37 7F3010D7923BAF636231E7D02ED52769 882744 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\HighresBlender32.exe 2016-09-20 18:37:37 50CCAEB57E2B8CCB01E2395B4F6E5F5C 911928 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\NvImageConvert64.exe 2016-09-20 18:37:37 07E37C7BF73F58ABC00473DE171878F7 112576 ----a-w- C:\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraEnable.exe 2016-09-20 18:37:10 F7F7869C7F83FB38B27AC9974F80EF97 2476992 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2016-09-20 18:37:10 B85B774FCCB38D75D5F4B09710AF739A 133056 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2016-09-20 18:37:10 9ADBFF044BCC3546B5274EB59A67C93E 424384 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe 2016-09-20 18:37:10 8FE9C228C648C33B22FDE17870168BCC 345024 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2016-09-20 18:37:10 7B9DCDFEF0924B6EDE319A7632660672 903104 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2016-09-20 18:37:10 2BF7C0BF2116534E965BCB14AD9332C1 444352 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2016-09-20 18:37:10 22C7E51181DECED87A77D642B6F3DB72 626112 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2016-09-20 18:37:10 18E12BCC63EED3609AB1B528769B1E69 7875008 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2016-09-20 18:37:10 0CB74AF585A993BB03B30BD95B145F18 1764800 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2016-09-20 18:37:07 020F45E362D3B57CCC5735582BB1A6EC 1879488 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2016-09-20 18:37:04 B1F9C56E5F3C20FEF261E2510221F6E4 40224 ----a-w- C:\Windows\SysWOW64\vulkaninfo.exe 2016-09-20 18:37:04 0597F21B1DCADAB5F28806671670CDE4 45344 ----a-w- C:\Windows\System32\vulkaninfo.exe 2016-09-20 18:36:53 C291D4BFF3F8C74B3C2E9129670992F2 420800 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE 2016-09-20 18:36:42 FE072817789D84E4020CBA0B1B931CFE 1286200 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 2016-09-20 18:36:42 B19CD177476CB9376269138C58F5FCB9 218048 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe 2016-09-20 18:36:42 8BA4C4A4E3F72A43B5E3CBC59FA33422 1362368 ----a-w- C:\Windows\System32\nvvsvc.exe 2016-09-20 18:36:42 60A82201712B40AEDD6733FD5D86F1ED 2454464 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 2016-09-20 18:36:42 5CF6ADAA3A46768F76E41A148CE69EBF 3032120 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2016-09-20 18:36:42 1A45E62A3795FC6DE3518F95BBA37B90 12750392 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe 2016-09-20 18:36:42 09E19A34FA2DFA22C22744F058C89E5C 220216 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe 2016-09-20 18:35:49 FE8FDC5E34F016BFBE07C8BCBE710C30 17192392 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{93C4ABD8-0F0E-4135-9B06-6A95196C40C9}\3DVision.exe 2016-09-20 18:35:49 A4893FB9A70049AE61C7A87E334E47E1 13605464 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F9EA2A4B-CC5D-44BC-B724-32EBF9832007}\VulkanRT-Installer.exe 2016-09-20 18:35:48 EFB1842F3E9961BC65FEDE175E529397 449592 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe 2016-09-20 18:35:48 E844656F81B150460A85EED5A5724B0E 848320 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe 2016-09-20 18:35:48 DA192DB27F74CD697B8010DF9E2DCDA2 412728 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe 2016-09-20 18:35:48 6B8251A1262287036DCB6054BE72FF26 456640 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F9EA2A4B-CC5D-44BC-B724-32EBF9832007}\dbInstaller.exe 2016-09-20 18:35:48 6B8251A1262287036DCB6054BE72FF26 456640 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2016-09-20 18:35:48 630FC583D96A3E974464625D3640406B 96969600 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F9EA2A4B-CC5D-44BC-B724-32EBF9832007}\NvCplSetupInt.exe 2016-09-20 18:34:44 C291D4BFF3F8C74B3C2E9129670992F2 420800 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{EAC2C0F5-8418-401C-906B-B8AD65E9DCFF}\setup.exe 2016-09-20 18:34:43 2B683E39B76CA6722FDACF35550BA592 1879488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{BB9ACDBA-98A9-4A20-AC1C-2F9D9B85FDAD}\NVNetworkService.exe 2016-09-20 18:34:22 FB082DE5786EA1925DC72FDD560169E1 1152960 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\TagTool32.exe 2016-09-20 18:34:22 E1F686C98E8FE6529DE006E319D22D2B 821816 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\SphericalEquirect64.exe 2016-09-20 18:34:22 D5212713CE090D5915DC7112A0522A9C 21330880 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe 2016-09-20 18:34:22 C7187AC06DAFD0628587F86742945601 7188536 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\MSVCRT\vcredist_x64_13.exe 2016-09-20 18:34:22 C291D4BFF3F8C74B3C2E9129670992F2 420800 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\setup.exe 2016-09-20 18:34:22 BD0171E2D02A85244F558D718480D0F3 545728 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.NView\nvTaskBar.exe 2016-09-20 18:34:22 AD98F00002CA7E121455D0C9004A61F3 775616 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\SphericalEquirect32.exe 2016-09-20 18:34:22 A4893FB9A70049AE61C7A87E334E47E1 13605464 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.Driver\VulkanRT-Installer.exe 2016-09-20 18:34:22 99E3D99D8ED70AC88F59E31757ED3D62 6498200 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\MSVCRT\vcredist_x86_13.exe 2016-09-20 18:34:22 95D3BAC378CC82610EC12F6E25A3F558 203200 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Update.Core\WLMerger.exe 2016-09-20 18:34:22 431F3440EF8DA442011F67E5680DD69C 2016704 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe 2016-09-20 18:34:22 2FB61B96FCC3489E964559D1D8083313 19036608 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe 2016-09-20 18:34:22 0F58D44029F628D5E296BD3C7CC772E3 2098232 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.NView\nwiz.exe 2016-09-20 18:34:22 0EDF9504CA5174075BA5902AFC1F57C8 2521024 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe 2016-09-20 18:34:21 D40EA006084154076E429E42A4F74DBE 7541184 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShadowPlay\nvspcaps64.exe 2016-09-20 18:34:21 B4EDC844C472BE00FB042D4538EAD648 1178680 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.NView\nViewMain.exe 2016-09-20 18:34:21 A6E21E9059314727ED45C0F7D00C2696 796096 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\NvImageConvert32.exe 2016-09-20 18:34:21 9C3783B4952A43588DD1AA67014E1E6F 321128 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShadowPlay\nvsphelper64.exe 2016-09-20 18:34:21 9209D57C1AA24841EF8D5DE6A5B2AAEB 3632576 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe 2016-09-20 18:34:21 7AD917A48877CD947CFBD8756C169842 6437312 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShadowPlay\nvspcaps.exe 2016-09-20 18:34:21 6C9110C573AC58F98BB381077FFCCA90 290304 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShadowPlay\nvsphelper.exe 2016-09-20 18:34:21 67A26FAE7BFFACC8A0A421950DA672DE 5576128 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2016-09-20 18:34:21 50CCAEB57E2B8CCB01E2395B4F6E5F5C 911928 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\NvImageConvert64.exe 2016-09-20 18:34:21 4FCC6EFBFC9F15C5A3AA83D94F9CCD1F 646200 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2016-09-20 18:34:21 3C9F1AFED2F9D7323D2F37D6639800F9 86904 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe 2016-09-20 18:34:21 2FEB370CA6886CDB4EDB537599A27929 4590016 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2016-09-20 18:34:21 2B683E39B76CA6722FDACF35550BA592 1879488 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NVI2\NVNetworkService.exe 2016-09-20 18:34:21 2671139F42E0CBE7333A60FEBA6F4AE5 1278400 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.NView\nViewMain64.exe 2016-09-20 18:34:21 2156CD5CADD3CC6C90705CC54FB3073D 2904000 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe 2016-09-20 18:34:21 0F87B91D2394FB3909506D810098F960 126328 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe 2016-09-20 18:34:21 020F45E362D3B57CCC5735582BB1A6EC 1879488 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Network.Service\NVNetworkService.exe 2016-09-20 18:34:20 FE8FDC5E34F016BFBE07C8BCBE710C30 17192392 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NV3DVision\3DVision.exe 2016-09-20 18:34:20 FB6BE3D9E27084B9852E66965CBABD9E 1044416 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\HighresBlender64.exe 2016-09-20 18:34:20 F78BC07DCED5EDDD6D477E923620F8EA 1163712 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GfExperienceService\GfExperienceService64.exe 2016-09-20 18:34:20 D7E1394B6229393AEBAFF00B6CDC58DE 92216 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\NvCameraConfiguration.exe 2016-09-20 18:34:20 94A8196066774252DF015EEDF02CCA44 2397120 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Update.Core\NvBackend.exe 2016-09-20 18:34:20 7F3010D7923BAF636231E7D02ED52769 882744 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\HighresBlender32.exe 2016-09-20 18:34:20 6B8251A1262287036DCB6054BE72FF26 456640 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.Driver\dbInstaller.exe 2016-09-20 18:34:20 6A0668AFD62D704701DD56DDA8717D42 4760000 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience\GFExperience.exe 2016-09-20 18:34:20 6419895A173261450A3F922F1AB91CE2 930240 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GfExperienceService\GfExperienceService32.exe 2016-09-20 18:34:20 630FC583D96A3E974464625D3640406B 96969600 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.Driver\NvCplSetupInt.exe 2016-09-20 18:34:20 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe 2016-09-20 18:34:20 4CB98D9944C55E84559CE41E70380801 602560 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience\7z.exe 2016-09-20 18:34:20 2A7FA3922FF4E356C60038B7308CE3F6 879160 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Display.NView\nvAppBar.exe 2016-09-20 18:34:20 2824C7F2D7906955643ECAC073A5FE60 526784 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShadowPlay\DXSETUP.exe 2016-09-20 18:34:20 1A8F1FA1EE409A43F194E6CF910D16E1 1065408 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience\LaunchGFExperience.exe 2016-09-20 18:34:20 07E37C7BF73F58ABC00473DE171878F7 112576 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvCamera\NvCameraEnable.exe 2016-09-20 18:25:24 22E9853298C96B1AB89D8F71C4E82302 189112 ----a-w- C:\Windows\PAExec.exe 2016-09-20 18:25:23 22E9853298C96B1AB89D8F71C4E82302 189112 ----a-w- C:\Users\Olaf De Wit\Downloads\[Guru3D.com]-DDU\x64\paexec.exe 2016-09-20 18:25:04 DE87A851C7AFEBB8DDA147F4674BEA8E 1433088 ----a-w- C:\Users\Olaf De Wit\Downloads\[Guru3D.com]-DDU\Display Driver Uninstaller.exe 2016-09-20 18:17:16 B5E85BB49B7FB7D532F6EEAB9BBC5660 363556792 ----a-w- C:\Users\Olaf De Wit\Downloads\372.70-desktop-win8-win7-64bit-international-whql.exe 2016-09-20 18:16:01 298A6106EC659D11FCF17B3E0DADDCF1 68857168 ----a-w- C:\Users\Olaf De Wit\Downloads\GeForce_Experience_v3.0.6.48.exe 2016-09-20 18:07:20 851B51BCCD63C7ECE1E81362C75CB940 526672 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2016-09-20 18:07:20 6154E0E1F33405275448949B015AFD9F 21955264 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2016-09-20 18:07:20 525878A33096DBFCED453DFD88B425E4 1163552 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2016-09-20 18:07:16 EC9079003CF12F7DB55083B05D682C08 5862696 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2016-09-20 18:07:16 DCB42C9F5672DF97B90EE06EDDE9A2D0 8023336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2016-09-20 18:07:16 C30DD389F9CC958D6A9C8E6CA3C382FD 1772232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe 2016-09-20 18:07:16 C20B9A5B7EBDAD26026723FB4B6E250D 94048 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe 2016-09-20 18:07:16 9CC62B2B6D396BA2ABE36D2879EF1A78 999104 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe 2016-09-20 18:07:16 8792F74FCCB36BBC710F1137603A8448 48840 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe 2016-09-20 18:07:16 45D746B717F24D84BE09CE97778D8047 483656 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2016-09-20 18:07:16 1FDBDF5D4022308829985995E79C0D68 559848 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2016-09-20 18:07:16 1BCB0C8B5BEE83EDA44C562C9C86F7E7 883928 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2016-09-20 18:07:16 077ED025F0CF41CF4B118783D575C7F0 851736 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2016-09-20 18:07:15 82CCD5CD4E2732E90D3DE748D635F6B6 1932472 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe 2016-09-20 18:07:15 281701DB30FF9E66F7C6A1A1A5659778 537856 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2016-09-20 18:07:15 115047379F44DEDC8764CF1AC2469587 490272 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2016-09-20 18:07:14 186035B515FF88851CAAF6711FF3441B 19140296 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe 2016-09-20 18:07:13 3C019492D8E21C926FCBE00A196D9949 578912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2016-09-20 18:07:13 1F24ACDFAAFB7B776FE615E48F838844 25739968 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2016-09-20 18:07:11 870E3088D6DACD2406D426B8E734FA52 709312 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msqry32.exe 2016-09-20 18:07:11 19170813CAEFF42E398F74A86356D564 4531456 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe 2016-09-20 18:07:11 0DAF84093E12B0D1C9E704CA20BCC1AD 508160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe 2016-09-20 18:07:10 F5E2556A617C16904922297A69CE896E 651032 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe 2016-09-20 18:07:10 9640B84CEAADC5F7AA8809A236F1D2E0 238320 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\clview.exe 2016-09-20 18:07:03 F1AC2CE2956E089F5F221AEB2DC5B083 124072 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate32.exe 2016-09-20 18:07:03 9E195733E6C32B6B1DEE7F7CFB508AB1 320896 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe 2016-09-20 18:07:03 875A61965DA4264C5C22CF54BAE7B2EA 145064 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate64.exe 2016-09-20 18:07:00 4461DA1C01AF7EFC117AAE2CC0FB2B75 205480 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe 2016-09-20 18:07:00 1A06DBE8A82A327BB2F18D1611DE68F3 249000 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\mavinject32.exe 2016-09-19 17:09:34 A1A7F6A855B554193A666B20409DF049 346552 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-09-19 17:09:30 01C3C1759B8AED741924322A4001CEC9 403896 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-09-18 16:36:17 5CD8503C08C835F33DB0BB3067D4DA3D 5422192 ----a-w- C:\ProgramData\Kaspersky Lab\AVP17.0.0\Temp\kpm8.0.3.287.exe 2016-09-18 15:27:51 F0811D21772B3695BCE8E65D1BAB6974 516416 ----a-w- C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe 2016-09-18 11:55:59 862F789993BFF254082DF09E970FBA57 11385448 ----a-w- C:\Users\Olaf De Wit\Downloads\Trend Micro Ransomware Screen Unlocker.exe 2016-09-18 11:31:24 2D2A83A73EED8ECC64D3231F5B95FF6A 14282485 ----a-w- C:\Windows\Trend Micro\DiamondRing\Package\drscanner_silent.exe 2016-09-18 11:23:49 450D81FFD96190AEAA05DBA0F8F11E18 2526736 ----a-w- C:\Users\Olaf De Wit\Downloads\HousecallLauncher64.exe 2016-09-18 11:17:05 7DA2390F0B48820125EAF82A90251D6E 152715360 ----a-w- C:\Users\Olaf De Wit\Downloads\Sophos Virus Removal Tool.exe 2016-09-16 14:06:57 0A14DBCCF37CE6FFD437E610CC48137F 16333400 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\53.0.2785.116\53.0.2785.116_52.0.2743.116_chrome_updater.exe 2016-09-16 10:56:26 2A21E75EF80242E0646E7567993E977D 562792 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\vncutil64.exe 2016-09-16 10:56:23 07622F6D69B93403FC9CBB40450DD842 1719000 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RtlUpd64.exe 2016-09-16 10:56:21 DDF3EFB4AD226C61D0ADA6E779E3D968 246488 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RtkAudioService64.exe 2016-09-16 10:56:21 123DBABA5E96B89281A90EC23D4E6AC0 7202520 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RtkNGUI64.exe 2016-09-16 10:56:17 E179387A2C1DD890548049C26F52DBF2 13642968 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RAVCpl64.exe 2016-09-16 10:56:17 59F8DA04498B80D58FD8638370C5C84F 1321688 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RAVBg64.exe 2016-09-16 10:56:13 3B60886321EFC938C67849AB9D5FA19E 3553024 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\MaxxAudioMeters64.exe 2016-09-16 10:56:12 0C57BAD785EEAD029ABF6CBCF43E9A39 51776 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\FMAPP.exe 2016-09-16 10:56:09 44BB65B1D3827043978FC8E11CA7C0B4 210024 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\DTSAudioService64.exe 2016-09-16 10:56:08 D1E343BC00136CE03C4D403194D06A80 98208 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\AERTSr64.exe 2016-09-15 16:19:26 81064F9D184A00F9049E92AE21E40F10 5201280 ----a-w- C:\Users\Olaf De Wit\Downloads\spsetup129.exe 2016-09-15 16:15:41 C33551284C9132ABCA6CE7F7BFE3189A 604960 ----a-w- C:\Users\Olaf De Wit\Downloads\ReimageRepair.exe === C: other files == 2016-09-21 13:50:11 D46C67C8602753DECCB8E904E5854F51 144 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\uninstaller.bat 2016-09-21 10:04:02 D5ECE7E7F349EB3C4B152AFF3577280D 95744 ----a-w- C:\Windows\System32\drivers\agilevpn.sys 2016-09-21 10:04:02 24DABC0A77FAFDC0E379AB3B30F61BB6 101208 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2016-09-20 18:42:55 F37FE6B15A987AEEC08EEF531F2FAED7 56384 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys 2016-09-20 18:42:55 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys 2016-09-20 18:42:55 99D42078C9596A20A7B3419159265A25 28216 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2016-09-20 18:42:55 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys 2016-09-20 18:42:55 49E56B865E32CF1C4B0C54A82219A12E 23096 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys 2016-09-20 18:42:55 174AAAEB00A5982DF968824ED92D5621 50744 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys 2016-09-20 18:42:55 095ED277E03E834CF2D396009126AC1B 27704 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2016-09-20 18:42:55 060CF0A179E4C706D20CCF5CA897AB18 24120 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys 2016-09-20 18:37:38 F82BCEB9F57B2959F6AAE2A3DDA892A8 26560 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 2016-09-20 18:37:04 EBE2F07EFEF337D076ADE828E5F8F0A8 21440 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys 2016-09-20 18:37:04 747872CFC93AC57B94146017BE10348E 24120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys 2016-09-20 18:35:50 B8A220FE3CCDD6C029187AC813E4E674 35272 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{B09D386D-BDED-4B33-8FEC-D38E753E26B4}\NVSWCFilter64.sys 2016-09-20 18:35:50 35E9C83FA9BCC46F69729862BBA1F5F3 31680 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{B09D386D-BDED-4B33-8FEC-D38E753E26B4}\NVSWCFilter32.sys 2016-09-20 18:35:49 F9F912215C57ECAEBEF2A00DDB25A225 469568 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{9AD246D5-C0D7-424E-B2E4-35CC1323D4AB}\nvstusb64.sys 2016-09-20 18:35:49 F06735B773B9F53D130A82A7F7F9588E 154320 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{EFE0A026-4ACF-479A-9519-B73F4C88ED84}\nvhda32.sys 2016-09-20 18:35:49 6F6F94E2D41B5B89375D6214D155577F 14093368 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2016-09-20 18:35:49 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2016-09-20 18:35:49 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{EFE0A026-4ACF-479A-9519-B73F4C88ED84}\nvhda64v.sys 2016-09-20 18:35:49 4D2B411E0D3C8203537ACA4EC908BA87 190536 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{EFE0A026-4ACF-479A-9519-B73F4C88ED84}\nvhda64.sys 2016-09-20 18:35:49 3977F46F681B2DA8E6E53573E5B173EB 50744 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{AFF9B5DF-E898-4435-9652-3D931621B370}\nvvad32v.sys 2016-09-20 18:35:49 38175904276F86EA4704EC13B77FB4B0 56376 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2016-09-20 18:35:49 38175904276F86EA4704EC13B77FB4B0 56376 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{AFF9B5DF-E898-4435-9652-3D931621B370}\nvvad64v.sys 2016-09-20 18:35:49 2DCD6B1CB0898522DEB9EEF30E266EAF 187856 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{EFE0A026-4ACF-479A-9519-B73F4C88ED84}\nvhda32v.sys 2016-09-20 18:35:49 1456EE1FD6C32F1116A2DD21E3A91316 453056 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{9AD246D5-C0D7-424E-B2E4-35CC1323D4AB}\nvstusb32.sys 2016-09-20 18:34:44 EBE2F07EFEF337D076ADE828E5F8F0A8 21440 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{EAC2C0F5-8418-401C-906B-B8AD65E9DCFF}\NVI2SystemService32.sys 2016-09-20 18:34:44 747872CFC93AC57B94146017BE10348E 24120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{EAC2C0F5-8418-401C-906B-B8AD65E9DCFF}\NVI2SystemService64.sys 2016-09-20 18:34:37 F9F912215C57ECAEBEF2A00DDB25A225 469568 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys 2016-09-20 18:34:37 F82BCEB9F57B2959F6AAE2A3DDA892A8 26560 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2016-09-20 18:34:37 F06735B773B9F53D130A82A7F7F9588E 154320 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\HDAudio\nvhda32.sys 2016-09-20 18:34:37 EBE2F07EFEF337D076ADE828E5F8F0A8 21440 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NVI2\NVI2SystemService32.sys 2016-09-20 18:34:37 B8A220FE3CCDD6C029187AC813E4E674 35272 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShieldWirelessController\NVSWCFilter64.sys 2016-09-20 18:34:37 A11E3EBF785AB219563B2AC25800A41F 26048 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2016-09-20 18:34:37 747872CFC93AC57B94146017BE10348E 24120 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NVI2\NVI2SystemService64.sys 2016-09-20 18:34:37 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\HDAudio\nvhda64v.sys 2016-09-20 18:34:37 4D2B411E0D3C8203537ACA4EC908BA87 190536 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\HDAudio\nvhda64.sys 2016-09-20 18:34:37 3977F46F681B2DA8E6E53573E5B173EB 50744 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvVAD\nvvad32v.sys 2016-09-20 18:34:37 38175904276F86EA4704EC13B77FB4B0 56376 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NvVAD\nvvad64v.sys 2016-09-20 18:34:37 35E9C83FA9BCC46F69729862BBA1F5F3 31680 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\ShieldWirelessController\NVSWCFilter32.sys 2016-09-20 18:34:37 2DCD6B1CB0898522DEB9EEF30E266EAF 187856 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\HDAudio\nvhda32v.sys 2016-09-20 18:34:37 145F6140971F18D7E3251AA5B50BA01C 47672 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\Miracast.VirtualAudio\nvvadarm.sys 2016-09-20 18:34:37 1456EE1FD6C32F1116A2DD21E3A91316 453056 ----a-w- C:\NVIDIA\DisplayDriver\372.70\Win8_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys 2016-09-20 18:18:49 74F28574BB8F61FFC7DD419FE6B6E0D5 1951 ----a-w- C:\Windows\NvContainerRecovery.bat 2016-09-20 18:11:05 1BC099B9FDBA279C31E3935F49C5F014 1038877 ----a-w- C:\Users\Olaf De Wit\Downloads\[Guru3D.com]-DDU.zip 2016-09-19 11:38:50 8923003ACCA092A8EE8939B52C7531B0 2034437 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\features\{2c54f14d-24ef-4ac7-b46b-c4a35a42e118}\loop@mozilla.org.xpi 2016-09-19 11:38:50 57E44B5FBC1A39AEAFF4371DDF725E6D 6321 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\features\{2c54f14d-24ef-4ac7-b46b-c4a35a42e118}\e10srollout@mozilla.org.xpi 2016-09-19 11:38:50 42910AD54D5C1E030808FE0871BF87B1 781661 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\features\{2c54f14d-24ef-4ac7-b46b-c4a35a42e118}\firefox@getpocket.com.xpi 2016-09-19 11:38:38 F11708ED4C25574DDF07D27E642F029C 29109 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\the-addon-bar@GeekInTraining-GiT.xpi 2016-09-19 11:38:38 EF53ADD6CABBA8695350BA64EDCA0878 150384 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi 2016-09-19 11:38:38 EA5A9648B80D4279224CC35BAE27362E 559490 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi 2016-09-19 11:38:38 EA2D8C5FB4F8276A0AD3BEF9465EC986 1713257 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\uMatrix@raymondhill.net.xpi 2016-09-19 11:38:38 E96B093E000D3F493DB87D6E2A154FA9 105377 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi 2016-09-19 11:38:38 E60590E188D0D2F69CBEC5C6382F15FD 564604 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 2016-09-19 11:38:38 CB969457C2EA9EC3112AC2672C00D205 106831 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\jid1-D7momAzRw417Ag@jetpack.xpi 2016-09-19 11:38:38 B6F0DE7FEB9A69F0E337AB58BDF0C5AA 1036367 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2016-09-19 11:38:38 90CFEDCB8D0C39889BBDE68648E3B4C2 1583951 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\uBlock0@raymondhill.net.xpi 2016-09-19 11:38:38 900637D9B2755A33CADB962508DC4FCA 261727 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\OPIE@guid.customsoftwareconsult.com.xpi 2016-09-19 11:38:38 8FBFCE05035D4796C00CE7A0A464B00F 518692 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi 2016-09-19 11:38:38 579DCEEF58E15836D4E0E6FFA1EEDDCC 717884 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2016-09-19 11:38:38 12637F01584BEFE2468A39D6FA335869 292441 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi 2016-09-19 11:38:38 113A5FF78A5F3C6A0BDF00B57253731A 80138 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi 2016-09-19 11:38:38 0EFE9FB89020B8AD2E98959E42647C36 98284 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi 2016-09-19 11:38:37 ECE420D77FCA02980ED30C677F073B2B 120217 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\elemhidehelper@adblockplus.org.xpi 2016-09-19 11:38:37 ABA0EDBE2BE29095B89A5988669C3D91 43255 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\flashstopper@byo.co.il.xpi 2016-09-19 11:38:37 86E58B1A7906F477714A007035D258AF 9968 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\bookmarkdup@localghost.net.xpi 2016-09-19 11:38:37 756DD2347B9C8A7D7816335DE0BAF6D0 358694 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi 2016-09-19 11:38:37 4EA4A54C6407537F985E3115097482FB 834170 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\firefoxbookmarkchecker@everhelper.me.xpi 2016-09-19 11:38:37 47C300DC486FEE9E42267DB42AFF0562 19394 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\bookmarkdeduplicator@foxhatdev.xpi 2016-09-19 11:38:37 2CC7CB51551F1F03AE356E07593E970E 23373 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\febeprof.schijtprofiel\extensions\firefox-hotfix@mozilla.org.xpi 2016-09-18 21:11:02 EC15A5F982CB427B440E8262C774FF54 2339688 ----a-w- C:\Users\Olaf De Wit\Downloads\scr.zip 2016-09-18 20:55:01 CB8F76349966D5BB4C85A39207412116 17288 ----a-w- C:\Windows\System32\drivers\Dbgv.sys 2016-09-18 17:59:32 D92D413DBCF7569239B4DD8AAB03129D 334377857 ----a-w- C:\Users\Olaf De Wit\Downloads\7836_PG445_Win10_Win8.1_Win8_Win7_WHQL.zip 2016-09-18 17:55:20 C0A1C6C709199EA18188AFBEF6DBD6C0 146958 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Restore\cc3845553346aec03703c9040ce34ccf.zip 2016-09-18 15:26:45 BBF9B967A410120E67FB6E7F53E7A7CA 1012056 ----a-w- C:\Windows\System32\drivers\klif.sys 2016-09-18 15:26:45 63FD545876EF4248BE3C8788D8270758 191312 ----a-w- C:\Windows\System32\drivers\klflt.sys 2016-09-18 11:54:54 91E4B9EE16BE51A93F4A8A4EA10DE767 11581467 ----a-w- C:\Users\Olaf De Wit\Downloads\RansomwareFileDecryptor 1.0.1639 MUI.zip 2016-09-18 11:24:02 799F70FF787F4F68E7EA02FEABAC9FAB 307352 ----a-w- C:\Windows\System32\drivers\tmcomm.sys 2016-09-18 10:17:38 A404BADECEF9D18ABF2D8071A6C018F4 86603991 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\d3ca9b534b57c9d35653dced55b3657d.zip 2016-09-17 15:41:36 7F19C9063AD38DAAD24E8B6A39940077 1698983 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\dee9802f94f1b1b8efdcfd8129ace893.zip 2016-09-17 12:30:58 028E7A7C1AF3FAEF568C8B7F569B2B72 1701001 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\881b0c7ab3dde16e8955285f010c765f.zip 2016-09-17 11:37:20 3DFF541DDF504909FF8BFDE454359A47 3031 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\dd68898eab09cdcbd7729d1aba4e7f1d.zip 2016-09-16 21:02:10 DDA91B388847AD0BB8B97E3FE3172E71 238256073 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\a84cc0d4c374813d9342cef74ec8d042.zip 2016-09-16 15:13:22 EA2238289F39B9105FBE6097DBC4282C 535761 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\eb2d4776800beadf4026c9b862c8bd46.zip 2016-09-16 14:27:56 D3B8F6F8EBEB0DED88991C785F61657D 1336103 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\cbf98f7e9b8628c616ce495c17e098cd.zip 2016-09-16 10:56:22 2DA6AD59D22189F85F2BC4A91D7E234B 3588184 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\0742V0RG87W6SA29568O103WBCS1A6754P3W5712212R922OLM\MEDIA\hdaudio_func_01&ven_10ec&dev_0899&subsys_102805b7\RTKVHD64.sys 2016-09-15 17:08:24 F7F48709D9890122137D05FA589730BC 19125 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\4573813b2ab018e447c38c398eb2ad16.zip 2016-09-15 16:13:58 E689FD1E1C4462271835237A4510D8E2 24600 ----a-w- C:\Windows\System32\drivers\pimou.sys 2016-09-15 16:13:37 0AA9946E4EF07ADBFAD346394720C4C6 1699002 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Downloded Drivers\0aa9946e4ef07adbfad346394720c4c6.zip 2016-09-15 16:13:19 14360198D46557A3D93DBE14B161F3EC 26088 ----a-w- C:\Windows\System32\drivers\pikbd.sys 2016-09-15 16:12:37 4A4C44D63CEC1A666A29C35B7F8257E8 1701037 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Downloded Drivers\4a4c44d63cec1a666a29c35b7f8257e8.zip 2016-09-15 15:29:48 244B9C081EFACAC67B7D53033D626C44 238035614 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\3e2b43b25af8434e7e0927e0004df223.zip 2016-09-14 15:46:08 74C352199FBE58F6739F3BB213F8B6CC 10386 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\244ae7040925682d73d70cd12980400c.zip 2016-09-14 15:32:46 82E2B33CF8711DB45D3DF1424B3B3AF2 10457 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Innovative Solutions\DriverMax\Agent\Uploads\f3943017efd6c0d8a1899a295f3ab66f.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3353583409-2322390238-1352878597-1002\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe -autoStart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "DellSystemDetect"="C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA==" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Linkman"="C:\Program Files (x86)\Linkman\Linkman.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "WinPatrol"="C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe" "FBackup 6 Tray Agent"="C:\Program Files (x86)\Softland\FBackup 6\bTray.exe" "DriverMax_RESTART"="C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe -RESTART" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe -autoStart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "DellSystemDetect"="C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA==" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Linkman"="C:\Program Files (x86)\Linkman\Linkman.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "WinPatrol"="C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe" "FBackup 6 Tray Agent"="C:\Program Files (x86)\Softland\FBackup 6\bTray.exe" "DriverMax_RESTART"="C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe -RESTART" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [18/09/2016 19:57] C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [18/09/2016 19:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/11/2015 14:02] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/11/2015 14:02] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-OlafDeWit-Olaf De Wit" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\WINDOWS\SysNative\tasks\Application Starter - f1375f225883e83d52e8db9690775c3c" [C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DriverMax Notification" [C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe] "C:\WINDOWS\SysNative\tasks\DriverMaxAgent" [C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\WINDOWS\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe] "C:\WINDOWS\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1446999707" [C:\Program Files (x86)\Opera\launcher.exe] "C:\WINDOWS\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"] "C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\SupportAssistNascentDSETInstall" ["C:\Program Files (x86)\Dell\SupportAssist\downloads\DSET_3.7.0.0.exe"] "C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0FCE55B7-9C1A-4780-ADD5-9A8844D98AB5}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Dell\Dell System Registration" [C:\Program Files (x86)\System Registration\prodreg.exe] "C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] "C:\WINDOWS\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Olaf De Wit)" [C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe] "C:\WINDOWS\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Olaf De Wit)" [C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe] "C:\WINDOWS\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Olaf De Wit)" [C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default user_pref("browser.search.defaultenginename", "Bing"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi" [28/06/2016 00:19] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi" [28/06/2016 00:19] ==== Firefox Extensions ====================== ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel - FEBE - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - LeechBlock - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} - Bookmark Deduplicator - %ProfilePath%\extensions\bookmarkdeduplicator@foxhatdev.xpi - Bookmark Duplicate Cleaner - %ProfilePath%\extensions\bookmarkdup@localghost.net.xpi - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi - Bookmarks Checker - check for bad links - %ProfilePath%\extensions\firefoxbookmarkchecker@everhelper.me.xpi - FlashStopper - %ProfilePath%\extensions\flashstopper@byo.co.il.xpi - Self-Destructing Cookies - %ProfilePath%\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi - Wikiwand: Wikipedia Modernized - %ProfilePath%\extensions\jid1-D7momAzRw417Ag@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - OPIE - %ProfilePath%\extensions\OPIE@guid.customsoftwareconsult.com.xpi - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - Undetermined - %ProfilePath%\extensions\uMatrix@raymondhill.net.xpi - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - BetterPrivacy em:version1.74 em:type2 em:creatorGreg Yardley version 0.2 www.yardley.ca em:descriptionquot - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi - YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi - UnMHT - %ProfilePath%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker - Flash Video Downloader - YouTube HD Download [4K] - %ProfilePath%\extensions\artur.dubovoy@gmail.com - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - FlashStopper - %ProfilePath%\extensions\flashstopper@byo.co.il.xpi - Self-Destructing Cookies - %ProfilePath%\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi - Undetermined - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - OPIE - %ProfilePath%\extensions\OPIE@guid.customsoftwareconsult.com.xpi - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi - UnMHT - %ProfilePath%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit - FEBE - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - Flashblock - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - Bookmark Duplicate Cleaner - %ProfilePath%\extensions\bookmarkdup@localghost.net.xpi - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - Wikiwand: Wikipedia Modernized - %ProfilePath%\extensions\jid1-D7momAzRw417Ag@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\0eizuwpg.default - DOM - %ProfilePath%\extensions\inspector@mozilla.org.xpi - ChatZilla - %ProfilePath%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director 7FB1DC8C464CAFC230E7AD6392AE859B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fhoibnponjcgjgcnfacekaijdbbplhib - https://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gebpdbfmpedcnopofelmhndhincfkhki - https://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki[] Google Slides - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Video Downloader - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc Google Docs - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Flash Master - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacfnookefkldifaigjdedpophfjkjeh selector is not a valid CSS selector - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb uBlockâ‚€ - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm Google Search - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Session Buddy - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko Wikiwand - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj Google Sheets - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Kaspersky Protection - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib EditThisCookie - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg Kaspersky Password Manager - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki Google Docs Offline - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chromarks - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdheengilgkagjehknnnofigbmlnnfj noflashcontent - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhjanpmhcanjknkcfjiikkjdecjkmngn Flashcontrol - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe 7.0.1.4 - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij GetThemAll Video Downloader - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm Chrome Web Store Payments - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm f*ck overlays - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppedokobpbdajgiejhnjfbdjlgobcpkp 7.0.0.113 - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg noflashcontent - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb TabHamster - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb Video Downloader Pro - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe uBlockâ‚€ - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida History Eraser - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm Video Downloader - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple selector is not a valid CSS selector - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp Edit This Cookie - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppmhhincfabcahokokgpdcckmjghpian ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{DC6B075B-449F-48E1-82D3-2FDE2319178E}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}" {DC6B075B-449F-48E1-82D3-2FDE2319178E} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O2 - BHO: Kaspersky Password Manager - {F710F7E5-A520-471D-989C-F653AC328FB2} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_engine.dll O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [kpm.exe] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe" -autoStart O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Olaf De Wit\AppData\Local\Apps\2.0\D9PD6XJQ.QJ0\OJ4XB9L0.66B\dell..tion_6d0a76327dca4869_0007.0009_d84bde3ab35e468d\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA== O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" O8 - Extra context menu item: >Search in Linkman - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_search.htm O8 - Extra context menu item: Add to Linkman - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_add.htm O8 - Extra context menu item: Add to Linkman (all tabs) - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_addall.htm O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_edit.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Show Linkman - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_show.htm O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Kaspersky Password Manager - {40AE684B-A1EA-4FF4-8E05-5BCADC4D4DB2} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_toolbar_button.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dell.com O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - https://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1472122438859 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: PAExec - Power Admin LLC - C:\WINDOWS\PAExec.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: SNMP Trap (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: Dell SupportAssist Service (SupportAssistService) - Apache Software Foundation - C:\Program Files (x86)\Dell\SupportAssist\bin\prunsrvamd64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1363 folders=450 951160383 bytes) ==== EOF on wo 21/09/2016 at 17:49:24,92 ======================