Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Rizzotto on vr 18/04/2014 at 19:09:37,71. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rizzotto\Desktop\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 18/04/2014 19:12:32 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Comodo deleted successfully C:\PROGRA~2\Gereatsavver deleted successfully C:\PROGRA~2\predm deleted successfully C:\PROGRA~2\SimilarSites deleted successfully C:\PROGRA~2\SNT deleted successfully C:\PROGRA~2\WbSvCouponApp deleted successfully C:\PROGRA~3\Gereatsavver deleted successfully C:\PROGRA~3\SNT deleted successfully C:\PROGRA~3\WbSvCouponApp deleted successfully C:\PROGRA~3\YoutubeAdblocker deleted successfully C:\Users\Rizzotto\AppData\Roaming\SimilarSites deleted successfully C:\Users\Rizzotto\AppData\Local\GHISLER deleted successfully C:\Users\Rizzotto\AppData\Local\Lollipop deleted successfully C:\Users\Rizzotto\AppData\Local\MusicPlayer deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1499FE7-129D-4B6E-B681-DDF21E14172C} deleted successfully HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1499FE7-129D-4B6E-B681-DDF21E14172C} deleted successfully HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E1499FE7-129D-4B6E-B681-DDF21E14172C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Desk 365\deskSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\BrowseBurst\updateBrowseBurst.exe C:\Program Files (x86)\BrowseBurst\bin\utilBrowseBurst.exe C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe C:\Program Files (x86)\Desk 365\desk365.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe C:\Users\Rizzotto\Desktop\zoek (1).exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Users\Rizzotto\Desktop\zoek (1).exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Desksvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Desksvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default ---- Lines easylife removed from prefs.js ---- user_pref("extensions.gb4DcopEC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.ind ---- FireFox user.js and prefs.js backups ---- user_20141804_1930_.backup prefs_20141804_1930_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec5b552-6d23-4e05-a153-32aa26f7d9e8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Desk 365"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "fst_be_11"=- "mobilegeni daemon"=- "YTDownloader"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Mobogenie not found C:\ProgramData\WbSvCouponApp not found C:\Program Files (x86)\WbSvCouponApp not found C:\Users\Rizzotto\AppData\Roaming\SimilarSites not found C:\ProgramData\Gereatsavver not found C:\Program Files (x86)\Gereatsavver not found C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\aho@yuye-.net deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\oyyhzn@rbzsuiafqt.net deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\sitefinder@sitefinder.com deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\uiyv@dall.co.uk deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\ye-wlh@zwagxvaqo.com deleted C:\ProgramData\SuperbApp deleted C:\Program Files (x86)\i-Funbox DevTeam deleted C:\Users\Rizzotto\AppData\Roaming\iFunbox_UserCache deleted C:\Users\Rizzotto\AppData\Roaming\OpenCandy deleted C:\Users\Rizzotto\AppData\Roaming\newnext.me deleted C:\ProgramData\2dc2942144466977 deleted C:\ProgramData\InstallMate deleted C:\Program Files (x86)\SaveSenseLive deleted C:\ProgramData\SaveSenseLive deleted C:\Users\Rizzotto\AppData\Roaming\SaveSense deleted C:\Users\Rizzotto\AppData\LocalLow\{3CA8BE17-F8A1-C242-7483-AC82C45F6CCE} deleted C:\Users\Rizzotto\AppData\Local\Packages\windows_ie_ac_001\AC\{3CA8BE17-F8A1-C242-7483-AC82C45F6CCE} deleted C:\Users\Rizzotto\AppData\Local\genienext deleted C:\PROGRA~2\TornTV.com deleted C:\Users\Rizzotto\daemonprocess.txt deleted C:\Users\Rizzotto\.android deleted C:\PROGRA~2\YoutubeAdblocker deleted C:\PROGRA~2\COMMON~1\337 deleted C:\PROGRA~2\Bench deleted C:\Users\Rizzotto\AppData\Roaming\EZDownloader deleted C:\Users\Rizzotto\AppData\Roaming\Desk 365 deleted C:\Users\Rizzotto\AppData\Roaming\eIntaller deleted C:\Users\Rizzotto\AppData\Roaming\ParetoLogic deleted C:\Users\Rizzotto\AppData\Roaming\DriverCure deleted C:\Users\Rizzotto\AppData\Roaming\systweak deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Registry Helper deleted C:\PROGRA~3\eSafe deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\SetApp deleted C:\PROGRA~3\ParetoLogic deleted C:\PROGRA~3\Tarma Installer deleted C:\PROGRA~3\Package Cache deleted C:\Users\Rizzotto\AppData\Local\SaveSenseLive deleted C:\Users\Rizzotto\AppData\Local\Mobogenie deleted C:\Users\Rizzotto\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 deleted C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\Users\Rizzotto\AppData\LocalLow\IAC deleted C:\Users\Rizzotto\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Rizzotto\AppData\LocalLow\FromDocToPDF_65EI deleted C:\Users\Rizzotto\AppData\LocalLow\Conduit deleted C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk deleted C:\windows\SysNative\tasks\AmiUpdXp deleted C:\windows\SysNative\tasks\SaveSense deleted C:\WINDOWS\tasks\SaveSense.job deleted C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted C:\windows\SysNative\tasks\SMupdate1 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted C:\WINDOWS\tasks\bench-Updater removing.job deleted C:\user.js deleted C:\END deleted C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted C:\WINDOWS\Syswow64\SearchProtect deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\searchplugins\conduit-search.xml deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\searchplugins\Web Search.xml deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\searchplugins\WebSearch.xml deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\Invalidprefs.js deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\jetpack deleted C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default\extensions\firefoxdav@icloud.com deleted "C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe" deleted "C:\WINDOWS\tasks\AmiUpdXp.job" deleted "C:\Program Files (x86)\Desk 365\desk365.exe" deleted "C:\Program Files (x86)\Desk 365\ebase.dll" deleted "C:\Program Files (x86)\Desk 365\edeskcmn.dll" deleted "C:\Program Files (x86)\Desk 365\edis64.dll" deleted "C:\Program Files (x86)\Desk 365\ElexDbg.dll" deleted "C:\Program Files (x86)\Desk 365\enotify.dll" deleted "C:\Program Files (x86)\Desk 365\libpng.dll" deleted "C:\Program Files (x86)\Desk 365\libpopdlg.dll" deleted "C:\Program Files (x86)\Desk 365\mbdet.dll" deleted "C:\Program Files (x86)\Desk 365\ouilibnl.dll" deleted "C:\Program Files (x86)\BrowseBurst\updateBrowseBurst.exe" deleted "C:\Program Files (x86)\BrowseBurst\updateBrowseBurst.exe" deleted "C:\Program Files (x86)\Desk 365\desk365.exe" deleted "C:\Program Files (x86)\Desk 365\ebase.dll" deleted "C:\Program Files (x86)\Desk 365\edeskcmn.dll" deleted "C:\Program Files (x86)\Desk 365\edis64.dll" deleted "C:\Program Files (x86)\Desk 365\ElexDbg.dll" deleted "C:\Program Files (x86)\Desk 365\enotify.dll" deleted "C:\Program Files (x86)\Desk 365\libpng.dll" deleted "C:\Program Files (x86)\Desk 365\libpopdlg.dll" deleted "C:\Program Files (x86)\Desk 365\mbdet.dll" deleted "C:\Program Files (x86)\Desk 365\ouilibnl.dll" deleted "C:\PROGRA~2\BrowseBurst\updateBrowseBurst.exe" deleted "C:\PROGRA~2\Desk 365\desk365.exe" deleted "C:\PROGRA~2\Desk 365\ebase.dll" deleted "C:\PROGRA~2\Desk 365\edeskcmn.dll" deleted "C:\PROGRA~2\Desk 365\edis64.dll" deleted "C:\PROGRA~2\Desk 365\ElexDbg.dll" deleted "C:\PROGRA~2\Desk 365\enotify.dll" deleted "C:\PROGRA~2\Desk 365\libpng.dll" deleted "C:\PROGRA~2\Desk 365\libpopdlg.dll" deleted "C:\PROGRA~2\Desk 365\mbdet.dll" deleted "C:\PROGRA~2\Desk 365\ouilibnl.dll" deleted "C:\PROGRA~2\BrowseBurst\updateBrowseBurst.exe" deleted "C:\Program Files (x86)\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\Program Files (x86)\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\Program Files (x86)\Desk 365" not deleted "C:\Program Files (x86)\BrowseBurst" not deleted "C:\Program Files (x86)\BrowseBurst" not deleted "C:\Program Files (x86)\Desk 365" not deleted "C:\PROGRA~2\BrowseBurst" not deleted "C:\PROGRA~2\Desk 365" not deleted "C:\PROGRA~2\BrowseBurst" not deleted "C:\Program Files (x86)\BrowseBurst\bin" not deleted "C:\Program Files (x86)\BrowseBurst\bin" not deleted "C:\PROGRA~2\BrowseBurst\bin" not deleted "C:\PROGRA~2\BrowseBurst\bin" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 7907 MB CPU Info: AMD E2-1800 APU with Radeon(tm) HD Graphics CPU Speed: 1722,5 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon HD 7340 Graphics | AMD Radeon HD 7340 Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR5BWB222 Wireless-netwerkadapter | Realtek PCIe GBE Family-controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH82N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 455,9GB | D: 457,0GB Hard Disks - Free: C: 379,3GB | D: 421,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Aspire XC100 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 28.0 Internet Explorer Version: 11.0.9600.17031 Mozilla Firefox version: 28.0 (x86 nl) Adobe Reader version: 11.0.06.70 Flash Player version: 12.0.0.77 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-04-11 16:04:10 81394C91B7B5A7C799E249AE82491F13 2373784 ----a-w- C:\WINDOWS\explorer.exe 2014-04-11 15:03:58 B0C72A8C72E1DD8FFD9587D318F1C089 2259 ----a-w- C:\WINDOWS\epplauncher.mif ====== C:\Users\Rizzotto\AppData\Local\Temp ==== 2014-04-17 23:23:48 A6E476C2EF08D871B9FB767BC9EB779C 205920 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\tu17p84.exe 2014-04-17 23:13:20 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_289622_setup.exe 2014-04-17 22:46:27 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_218198_setup.exe 2014-04-17 22:02:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\ryohr2yu.12a\RealPlayer.exe 2014-04-17 22:02:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\f4cobynd.nno\RealPlayer.exe 2014-04-17 22:01:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\cxsck105.juz\RealPlayer.exe 2014-04-17 22:01:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\er5kr034.fw1\RealPlayer.exe 2014-04-17 22:00:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\um2ky4m1.fsg\RealPlayer.exe 2014-04-17 21:59:34 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_994089_setup.exe 2014-04-17 19:22:14 D027F9D076380F82C7DF3E4C71CB736E 5413264 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\shopperpro.exe 2014-04-17 19:22:14 C507CC447D7C4C9E141A1341F51A8921 6830909 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\sense.exe 2014-04-17 19:22:14 A3858BCA9BDA81798EFBF9AA81CBE392 6404192 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\ytd.exe 2014-04-17 19:22:14 180A5FEE867A06472F6701814A1ED9FC 6966776 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\iwebar.exe 2014-04-17 19:22:14 04857FEDB858C9218C73C22EB5C76C87 6938952 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\cr.exe 2014-04-16 19:38:40 E5575149A477DC94AF527FC7D751A407 6379728 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsy4C83\SpSetup.exe 2014-04-15 22:37:00 DFCF8B59721B561814158C88C69E2A88 6231784 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\1396331452_the_wedownload_manager.exe 2014-04-15 22:36:51 E6F7C751239664F469FE23E892C7EF36 233000 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\1396421883_BrowseBurstSetup.exe 2014-04-15 22:36:51 D1082CCA6C2A363525DFDC5599A2CF81 1154336 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\pm.exe 2014-04-08 13:06:40 096E0D55823FDEB3916584071E9B7ACA 156063 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsy155C.exe 2014-04-08 13:06:40 096E0D55823FDEB3916584071E9B7ACA 156063 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsrB978.exe 2014-04-08 13:06:40 096E0D55823FDEB3916584071E9B7ACA 156063 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsf1093.exe 2014-04-08 13:06:40 096E0D55823FDEB3916584071E9B7ACA 156063 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsdB2CF.exe 2014-04-08 13:06:40 096E0D55823FDEB3916584071E9B7ACA 156063 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsd177A.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-04-17 21:59:46 07A5E39591215BC00B472988DEEFBB75 78336 ----a-w- C:\WINDOWS\SysWOW64\rp.dll 2014-04-11 16:04:27 595653478434F2A8451EDA55CD954CED 1036288 ----a-w- C:\WINDOWS\SysWOW64\kernel32.dll 2014-04-11 16:04:27 55237559D07288EEEA3133451FE4F386 836096 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2014-04-11 16:04:25 8B2163538E15B67AE91B20C70901029B 12732416 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-04-11 16:04:24 E7CCE55B7B97FC832F50104F1B889DE8 18679216 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2014-04-11 16:04:16 2169BB3BA0596881EE717A93EC60037D 35328 ----a-w- C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2014-04-11 16:04:15 59B7E02F7800461CCDF115989AA108EE 11791360 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2014-04-11 16:04:15 27626FCB303C319FB9CCE15195A85CBC 5833728 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-04-11 16:04:13 EFE8FE99CEB3031130D6640FBDFAB580 5770752 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll 2014-04-11 16:04:11 5AEFC877161F7A481DD7CC137F97E761 2270208 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2014-04-11 16:04:10 119E091B5386379BC5AA598BE9440C75 2088160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2014-04-11 16:04:09 B4AAA9FD65FE6C83DCA2A230993CD893 2317824 ----a-w- C:\WINDOWS\SysWOW64\authui.dll 2014-04-11 16:04:08 EE7A35A24E496B41C8C9D10F31256A7C 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-04-11 16:04:08 83058B0F0CEC63A5A7438818B71C0935 1679128 ----a-w- C:\WINDOWS\SysWOW64\msxml6.dll 2014-04-11 16:04:08 67D2296474FB0F3B858E1758FFA3AC79 1779800 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2014-04-11 16:04:08 21DDC5D6CFAC0A5FEE3B364A9B58A7CB 1764864 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2014-04-11 16:04:07 E815C307EAF205E705A81A166FE87DB8 801792 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-04-11 16:04:07 2BDB085AA7ECA65D1793D150CEC960AF 1095488 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2014-04-11 16:04:06 F14FFBD3C4862D385A001D5901717F91 888320 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2014-04-11 16:04:06 978F30B2763003341A405BD5EC107354 839168 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-04-11 16:04:06 9264B57E8C0BCCA14F92EBA56B9B5106 800256 ----a-w- C:\WINDOWS\SysWOW64\ReAgent.dll 2014-04-11 16:04:06 775C3D06C408F4F093254B39637A6F1E 755712 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2014-04-11 16:04:05 FF0EE1B87E5DD7A82F7BB124D5CA8BB6 494592 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2014-04-11 16:04:05 9BE4E10619FF30FAF796A55C418598DF 388408 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2014-04-11 16:04:05 67F3D0E0D8F009FF665A0E452C6F13E8 629760 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-04-11 16:04:04 7C0E08F3F04ED8874E19DD23753DE2C6 356864 ----a-w- C:\WINDOWS\SysWOW64\wlidprov.dll 2014-04-11 16:04:03 F9EA1AF4C99275C56B47F2C1F436B5E9 1066496 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2014-04-11 16:04:03 268295FE5235105DE0D6FA92A5082C00 305768 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-04-11 16:04:03 25BBBE926A40DFC775292EE0F30E53A1 1200296 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll 2014-04-11 16:04:03 15FBE33156A5F17280C549DBA993442C 406912 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2014-04-11 16:04:02 FF841AB46649E68B8BEBE8E249AF9C04 326024 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2014-04-11 16:04:02 D30975FD233E399744E2FB083F5E5545 222720 ----a-w- C:\WINDOWS\SysWOW64\dcomp.dll 2014-04-11 16:04:02 C06B6C8E002EDB492D93F2494E32F9CA 605184 ----a-w- C:\WINDOWS\SysWOW64\rasapi32.dll 2014-04-11 16:04:02 A6880BA9A4F02D3C742DF956EA9CC44D 1351168 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2014-04-11 16:04:01 B4309F7821BDE5A31E1E4FB24ED97C5C 197632 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-04-11 16:04:01 ADC071E4F65BAC3AEF4807B23438472A 280576 ----a-w- C:\WINDOWS\SysWOW64\SessEnv.dll 2014-04-11 16:04:01 4F3AD1A7C0ED3CF5C4EBE49F61074E41 226304 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2014-04-11 16:04:00 EB40EFEBE9EB4ACA3DD950A1AFA0F51B 171008 ----a-w- C:\WINDOWS\SysWOW64\SensorsApi.dll 2014-04-11 16:04:00 B3F1B6A3CC07E967B60584E7454B0890 390488 ----a-w- C:\WINDOWS\SysWOW64\netcfgx.dll 2014-04-11 16:04:00 155A7DA4DE39E78CD9D336E99644D794 300544 ----a-w- C:\WINDOWS\SysWOW64\wlanmsm.dll 2014-04-11 16:03:58 FE85E0B190DD141E4826FEC9F015FA18 139776 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2014-04-11 16:03:58 FB32EF390BCAC55E11E0C5D12F4C9A45 1816576 ----a-w- C:\WINDOWS\SysWOW64\Display.dll 2014-04-11 16:03:58 F8DA43B0D93865B5DC8ADA71EDD29E2D 406512 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll 2014-04-11 16:03:58 5B8D7F29CA815E6DB156DF9853F0472D 2030080 ----a-w- C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-04-11 16:03:57 BD9306F715EA9B959EDB892614F6D581 94016 ----a-w- C:\WINDOWS\SysWOW64\userenv.dll 2014-04-11 16:03:57 AF2A68F7890A680DAE0637EC49456A7B 85504 ----a-w- C:\WINDOWS\SysWOW64\davclnt.dll 2014-04-11 16:03:57 411201FFB3882554D5B833E6EC2EC649 254976 ----a-w- C:\WINDOWS\SysWOW64\pdh.dll 2014-04-11 16:03:57 22A64005AEA00E1BD5B1B19FB3566D11 230400 ----a-w- C:\WINDOWS\SysWOW64\wlanapi.dll 2014-04-11 16:03:57 1AFACFDB26C1B81586801AFF8BB0ABF1 222720 ----a-w- C:\WINDOWS\SysWOW64\spp.dll 2014-04-11 16:03:57 0303523E283AB4D03590C9AE56A8386A 355832 ----a-w- C:\WINDOWS\SysWOW64\mfreadwrite.dll 2014-04-11 16:03:56 E30E1007658BF21C1A71E6D47C712303 731648 ----a-w- C:\WINDOWS\SysWOW64\adtschema.dll 2014-04-11 16:03:56 AFFB4EB53FC1D04495C8A5EC80B1EBCD 264192 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2014-04-11 16:03:56 91F6883B61C0E5BEAE9B734D8E46829B 386560 ----a-w- C:\WINDOWS\SysWOW64\wlangpui.dll 2014-04-11 16:03:56 84DC71D18436EBA372949B8727EF1606 855552 ----a-w- C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-04-11 16:03:56 75DE8AED4FE16D07E7E22208BA88F0C5 887296 ----a-w- C:\WINDOWS\SysWOW64\aclui.dll 2014-04-11 16:03:56 37725B5D560398E5BF4DAF85E4F89249 70656 ----a-w- C:\WINDOWS\SysWOW64\w32tm.exe 2014-04-11 16:03:56 1FE14EDDEED70613E3A032182C7796FB 27136 ----a-w- C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-04-11 16:03:56 1CB5B87BF19380FB7208787C99C23965 98816 ----a-w- C:\WINDOWS\SysWOW64\drvinst.exe 2014-04-11 16:03:55 B918D220FCD67E5A4AF05018515E4C14 172544 ----a-w- C:\WINDOWS\SysWOW64\ReInfo.dll 2014-04-11 16:03:55 A82DF6AB70BF4558B58D0B2827B61C3C 33792 ----a-w- C:\WINDOWS\SysWOW64\sxproxy.dll 2014-04-11 16:03:55 6FA6FA25BF69C0870BC24DBCE0CA304D 313344 ----a-w- C:\WINDOWS\SysWOW64\clusapi.dll 2014-04-11 16:03:55 6F389E3C60FD27DA4322F78D2233E1FC 567296 ----a-w- C:\WINDOWS\SysWOW64\nshwfp.dll 2014-04-11 16:03:55 59BB015A6FEB79D7911005D3E5F8C770 402432 ----a-w- C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2014-04-11 16:03:55 503281E8561B81FC080887ECAF5F5E31 151040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2014-04-11 16:03:55 3D83889B6343386C918AB45F5C4C9355 262656 ----a-w- C:\WINDOWS\SysWOW64\LocationApi.dll 2014-04-11 16:03:54 FBA4497DEBB5C07F5FA230618857A329 58368 ----a-w- C:\WINDOWS\SysWOW64\l2gpstore.dll 2014-04-11 16:03:54 97C5BA39BFD2C5BE09EA1FA3988BAAE2 11264 ----a-w- C:\WINDOWS\SysWOW64\wlanhlp.dll 2014-04-11 16:03:54 333E32F9FAC8384AC9EFE0DA4C7C5AAF 53248 ----a-w- C:\WINDOWS\SysWOW64\tsgqec.dll 2014-04-11 16:01:11 BAFF898DD7A27C7CF7CAF937A3947A08 1143808 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2014-04-11 16:01:09 D2040F8C93802277D4E82C560C0EE791 1967104 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-04-11 16:01:09 22CE61D271DFA62208FC07FFF7E4922E 11745792 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2014-04-11 16:01:08 064CCD547F0934A85A9195A92D771F59 4254720 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2014-04-11 16:00:58 0979EF30634ACCEB83CF7311DF094A0C 2178048 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2014-04-11 16:00:52 04BAB8F7E5D38C8F33F56E8D0458BF02 630272 ----a-w- C:\WINDOWS\SysWOW64\OobeFldr.dll 2014-04-11 16:00:46 EBEB3B82545D0375BA536739EC5B08A0 592896 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-04-11 16:00:46 6BF8B0D30525E9E7864B2111E054ED9A 8946688 ----a-w- C:\WINDOWS\SysWOW64\glcndFilter.dll 2014-04-11 16:00:40 BE9CA7D9E5D20A4DF30C7BDCB473C5B2 8874496 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2014-04-11 16:00:39 2C1F4FE0BF184ECA71F558E3E4EE3758 2144984 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2014-04-11 16:00:35 02FAD38DF3ABBAAC3291E23C40F225F9 488448 ----a-w- C:\WINDOWS\SysWOW64\qedit.dll 2014-04-11 16:00:32 D47C2645C635D42AE5C1F5B2644EA093 1374384 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2014-04-11 16:00:31 1EB4589BD34FB1C05AE164F1237BC04A 11776000 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll 2014-04-11 16:00:29 1081D9141FF899006C8BCDDCF9D1B323 704512 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-04-11 16:00:25 CA3037553B0D975A51991F94B5A1BD78 2643456 ----a-w- C:\WINDOWS\SysWOW64\tquery.dll 2014-04-11 16:00:23 F89C2BDB6E385ED6CA2AC0085BB6643A 1789440 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2014-04-11 16:00:23 457AE9AFCFB725C33CCAB36958B82479 1716736 ----a-w- C:\WINDOWS\SysWOW64\mssrch.dll 2014-04-11 16:00:19 A5BFF3597F39015F18AC756F2B475D58 1341440 ----a-w- C:\WINDOWS\SysWOW64\dui70.dll 2014-04-11 16:00:19 82775A3CA017A582B1A4A0BD6DB21EA7 524288 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2014-04-11 16:00:18 1F841EC579E4A3B1E3C0CE626C8F9F23 1474104 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2014-04-11 16:00:15 E70C0F62E2941D648094137825F5E718 1206000 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll 2014-04-11 16:00:15 80B74E569032E98B12D88AD0C7803CE2 1029120 ----a-w- C:\WINDOWS\SysWOW64\mispace.dll 2014-04-11 16:00:15 7DCF616EF2D3197832396EC9D13C44D9 792576 ----a-w- C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2014-04-11 16:00:14 DF08FD7C895BCF593C885F813F7D649F 1496576 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2014-04-11 16:00:13 D3633D8320294144FB2BDCFE8DE1AC41 138752 ----a-w- C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-04-11 16:00:13 8DBA497E4C9D1B4BBFCC70A887B9A984 1077944 ----a-w- C:\WINDOWS\SysWOW64\webservices.dll 2014-04-11 16:00:13 26B2170BEC5EA59B297D07BBB894FBAB 410568 ----a-w- C:\WINDOWS\SysWOW64\WerFault.exe 2014-04-11 16:00:13 25A95594FFFA99652BBF1D9695A7D85B 369288 ----a-w- C:\WINDOWS\SysWOW64\Faultrep.dll 2014-04-11 16:00:12 015633FC83ED7475DFCCBCAE2AD859DE 2410496 ----a-w- C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2014-04-11 16:00:11 5C497D7B1C9860B298DD429C0144B175 978944 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2014-04-11 16:00:10 F5C43BFE7EF27521ED25B912C9366CD9 1017936 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll 2014-04-11 16:00:08 DB0FE6E51909BEB42004242EB08FEF47 517120 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-04-11 16:00:08 92CB3D967CE7C330EA14EB2E74D9CCAA 1011280 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll 2014-04-11 16:00:07 D2BB10FED65199D4E0F1BED5BDBCD8BC 422968 ----a-w- C:\WINDOWS\SysWOW64\wer.dll 2014-04-11 16:00:07 8DF7F2A9B72B7CA4294BB9E59FEAEFCD 514560 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2014-04-11 16:00:06 CCDD8577F7D66E678603675C8F974B5E 600576 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-04-11 16:00:06 85A76669AC9B0A3A80FEC8A7EA3285E9 650736 ----a-w- C:\WINDOWS\SysWOW64\mfnetcore.dll 2014-04-11 16:00:05 C500954647E81A00700D3767C2B3CC4B 1767440 ----a-w- C:\WINDOWS\SysWOW64\setupapi.dll 2014-04-11 16:00:05 C3243F65447388A35107A996AC8B30C2 2428928 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2014-04-11 16:00:05 7BEF8493A7CF509B47D88F5DCDDB68A8 2220032 ----a-w- C:\WINDOWS\SysWOW64\Wpc.dll 2014-04-11 16:00:05 7B50AD3FE6FA23D5D0E69455740986C6 418304 ----a-w- C:\WINDOWS\SysWOW64\StructuredQuery.dll 2014-04-11 16:00:05 38ABAF8F3CED2EF51C693F03E2398E78 1392640 ----a-w- C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-04-11 16:00:05 0593F976DE28E1EE533DD4810C1A57C5 556032 ----a-w- C:\WINDOWS\SysWOW64\twinapi.dll 2014-04-11 16:00:04 F6CF2E7888C55F0C2F2F9B51E604ABFC 518552 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2014-04-11 16:00:01 4B76E621AFB97D0441F36978611A961C 617472 ----a-w- C:\WINDOWS\SysWOW64\apphelp.dll 2014-04-11 16:00:00 37C863F568421EE07CEAD1F181138F79 1369736 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-04-11 15:59:59 C7099D6A46B880EE194F7A4473D71E10 1361408 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2014-04-11 15:59:59 81B57798E73112445D7F0F92315B729E 477744 ----a-w- C:\WINDOWS\SysWOW64\SHCore.dll 2014-04-11 15:59:59 5F1330B8997248D68D484CF759E0C019 156672 ----a-w- C:\WINDOWS\SysWOW64\scrrun.dll 2014-04-11 15:59:58 4F4AE5041395BF472EED0AC2EFE734E7 459264 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll 2014-04-11 15:59:57 EE31594481B710BBDA613D5AD3A2E517 1258496 ----a-w- C:\WINDOWS\SysWOW64\RacEngn.dll 2014-04-11 15:59:57 8E87D6B6BCD669729E2AE5B7EEE45C4E 698880 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll 2014-04-11 15:59:57 831A3FB06E63850AEE5856BBF4394814 1063976 ----a-w- C:\WINDOWS\SysWOW64\Taskmgr.exe 2014-04-11 15:59:57 3912F1946EFAC8F2CB9B6CA87A48996C 551424 ----a-w- C:\WINDOWS\SysWOW64\wimgapi.dll 2014-04-11 15:59:56 B58D8A205369DCAD4161649855773CC9 1162752 ----a-w- C:\WINDOWS\SysWOW64\usercpl.dll 2014-04-11 15:59:56 9F534F974C13C3A94BBC515621AC0D35 528896 ----a-w- C:\WINDOWS\SysWOW64\comdlg32.dll 2014-04-11 15:59:56 1B41E17F1F28B2762C2683F07F1CAAC7 707048 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2014-04-11 15:59:54 54F447D7E89D13F00DBE767BEE049BE9 419928 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2014-04-11 15:59:53 F96DE54F7C84265FF0493C91D9AA8DBE 367616 ----a-w- C:\WINDOWS\SysWOW64\mssph.dll 2014-04-11 15:59:53 3DA80D0C5E850A6C8D1DE566AAB736DA 230808 ----a-w- C:\WINDOWS\SysWOW64\wintrust.dll 2014-04-11 15:59:53 3A9A05B5DA85CE849980A1FFF8396BD6 1403392 ----a-w- C:\WINDOWS\SysWOW64\storagewmi.dll 2014-04-11 15:59:52 7EC611582CF2124499A28946AEEBC3B4 296448 ----a-w- C:\WINDOWS\SysWOW64\MMDevAPI.dll 2014-04-11 15:59:51 DA4AEA90705604A44AF5E06418A3AA79 344576 ----a-w- C:\WINDOWS\SysWOW64\schannel.dll 2014-04-11 15:59:51 B93A75EEFB2818F790FA0D2BA536A339 658432 ----a-w- C:\WINDOWS\SysWOW64\SearchIndexer.exe 2014-04-11 15:59:48 EB6A3B8B72F2A3DAF38D3CF8ED983434 832512 ----a-w- C:\WINDOWS\SysWOW64\ActionCenter.dll 2014-04-11 15:59:48 E11F500601345505CC8A201773B4AF7F 709120 ----a-w- C:\WINDOWS\SysWOW64\msctfuimanager.dll 2014-04-11 15:59:48 A591C352103960E8B043AE260A648892 662528 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2014-04-11 15:59:48 9DB8537C03BE40548968C445FC595753 552632 ----a-w- C:\WINDOWS\SysWOW64\oleaut32.dll 2014-04-11 15:59:48 03C2F6FF02D37A00965CFF3FFFF0ED7C 752640 ----a-w- C:\WINDOWS\SysWOW64\tdh.dll 2014-04-11 15:59:47 CC4A07377E8D987CF3077B18FC6D133B 148992 ----a-w- C:\WINDOWS\SysWOW64\slc.dll 2014-04-11 15:59:47 C6AD0070469803D274E1F828D637A107 336232 ----a-w- C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2014-04-11 15:59:47 9205C5E14D8B06F6E8D06ADBE50BBB8F 455168 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2014-04-11 15:59:47 57D5376D3B642E8BB83EA01A4DB59CAB 169472 ----a-w- C:\WINDOWS\SysWOW64\WSClient.dll 2014-04-11 15:59:47 110D9D6D6FF4785DEB5B614CEBAD3C9F 317584 ----a-w- C:\WINDOWS\SysWOW64\msvproc.dll 2014-04-11 15:59:46 F7EDF905549E40BC5AD7262699555C94 117760 ----a-w- C:\WINDOWS\SysWOW64\thumbcache.dll 2014-04-11 15:59:46 73B5AFA32DBE1B599A8697187F0EC2EA 675328 ----a-w- C:\WINDOWS\SysWOW64\mssvp.dll 2014-04-11 15:59:46 421D685787762BBAE821159279B3000C 490136 ----a-w- C:\WINDOWS\SysWOW64\advapi32.dll 2014-04-11 15:59:46 2716EEC7A0B6016F11B0A0F8B423DBBE 876544 ----a-w- C:\WINDOWS\SysWOW64\uxtheme.dll 2014-04-11 15:59:45 FDDB338071096A0FB4532C9E5639A702 288768 ----a-w- C:\WINDOWS\SysWOW64\stobject.dll 2014-04-11 15:59:44 EFD9B12C1CD8FDFD50C48153AF0A49F3 644608 ----a-w- C:\WINDOWS\SysWOW64\ntshrui.dll 2014-04-11 15:59:44 4629606D2510FE587690BEB01BFDC67C 1035264 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2014-04-11 15:59:41 C5010B79B13DA3E17D74825880C36695 258560 ----a-w- C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2014-04-11 15:59:41 ABCCF220548BA6EE8A27DA85951D0569 89848 ----a-w- C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-04-11 15:59:41 9FA3559B2E8805F6290934EC3EAD5CDE 459776 ----a-w- C:\WINDOWS\SysWOW64\DismApi.dll 2014-04-11 15:59:41 93EB9E9FF37FDAB796FE895C7D43C3BD 2811392 ----a-w- C:\WINDOWS\SysWOW64\themeui.dll 2014-04-11 15:59:41 44A47EA42543E98E5EE5CFB910EE25F3 285144 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2014-04-11 15:59:40 F32D6220ED4DCA5028A5D063C5940CC3 518144 ----a-w- C:\WINDOWS\SysWOW64\MrmIndexer.dll 2014-04-11 15:59:40 B6A37C8C64DC87031293357F06DA1A7F 211968 ----a-w- C:\WINDOWS\SysWOW64\Dism.exe 2014-04-11 15:59:39 FA3A111B94D371FF40FB924B4341E12C 473600 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2014-04-11 15:59:39 8EEEEA65BAFEA09CC54074099349BB83 191488 ----a-w- C:\WINDOWS\SysWOW64\InputSwitch.dll 2014-04-11 15:59:39 4A5F18DD1DEC0C593EC124411A395B63 217600 ----a-w- C:\WINDOWS\SysWOW64\mssphtb.dll 2014-04-11 15:59:38 A52F459CFD08A1B0EC4D964C9D1D11B1 448000 ----a-w- C:\WINDOWS\SysWOW64\VAN.dll 2014-04-11 15:59:38 7C4829EC5B8ECF4B3C43CAFA1C175939 95232 ----a-w- C:\WINDOWS\SysWOW64\sppc.dll 2014-04-11 15:59:37 CCCBB9FAC2B1248F1A0930E66267BCCF 2165760 ----a-w- C:\WINDOWS\SysWOW64\SyncCenter.dll 2014-04-11 15:59:37 AE48B499B25C20B460B704A91DF003A5 121856 ----a-w- C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-04-11 15:59:37 71CDF9791C2EB5935F10DD48FA1C5045 98072 ----a-w- C:\WINDOWS\SysWOW64\dwmapi.dll 2014-04-11 15:59:37 21E673CAC8EF429D13763BE1ED3B093A 779264 ----a-w- C:\WINDOWS\SysWOW64\osk.exe 2014-04-11 15:59:36 C9DDB8B1096B12DB54B26F949647496B 943104 ----a-w- C:\WINDOWS\SysWOW64\WlanMM.dll 2014-04-11 15:59:36 3463868E894DE0D4BCD516EAA255DD3C 180240 ----a-w- C:\WINDOWS\SysWOW64\SndVol.exe 2014-04-11 15:59:36 069D06FE70439AD09B72F3CE880369F6 506120 ----a-w- C:\WINDOWS\SysWOW64\WinTypes.dll 2014-04-11 15:59:35 7A6B4C081B14750EE46CDB971589F961 176128 ----a-w- C:\WINDOWS\SysWOW64\authz.dll 2014-04-11 15:59:34 C7DA053E0003F4416507D11EE9F2286C 242688 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-04-11 15:59:34 BACD9D28E19839CDFBA3151CE52F3AA2 292864 ----a-w- C:\WINDOWS\SysWOW64\ninput.dll 2014-04-11 15:59:34 A1114F6DC4F8C13B68B59177BB454FD5 3085824 ----a-w- C:\WINDOWS\SysWOW64\rdpcore.dll 2014-04-11 15:59:34 3DD31DFE0146104B90BEDCCD4DCB7635 155136 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2014-04-11 15:59:34 3BAD9F36E1EF31762BC54C7940BD9235 12288 ----a-w- C:\WINDOWS\SysWOW64\clrhost.dll 2014-04-11 15:59:32 D8242B0126F39B0E92975A16ADC2E578 232896 ----a-w- C:\WINDOWS\SysWOW64\sqmapi.dll 2014-04-11 15:59:30 4D052EB17981CF9360BA28A4F990D795 41320 ----a-w- C:\WINDOWS\SysWOW64\CloudNotifications.exe 2014-04-11 15:59:30 48E55FE508257F28C6DB4BA4A39B7CDC 140456 ----a-w- C:\WINDOWS\SysWOW64\wscapi.dll 2014-04-11 15:59:30 40429BD440764EE2EC36A4D0FF3FA907 112640 ----a-w- C:\WINDOWS\SysWOW64\fsutil.exe 2014-04-11 15:59:30 00414DEAF5438CE522DD1FA362F87603 244224 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2014-04-11 15:59:29 C2BD0BF038EA196DABE53E6A091501A9 2537472 ----a-w- C:\WINDOWS\SysWOW64\gameux.dll 2014-04-11 15:59:29 B4069D2379487C118C5DF646120428CE 214016 ----a-w- C:\WINDOWS\SysWOW64\SndVolSSO.dll 2014-04-11 15:59:29 62969A88DE12FD62D59A6C7821A929BC 137728 ----a-w- C:\WINDOWS\SysWOW64\imm32.dll 2014-04-11 15:59:29 4941D400842A522C92332098CA8E9175 409600 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2014-04-11 15:59:28 E128F9D10AEAE1EFB1D2CC12A276A6A1 137344 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe 2014-04-11 15:59:28 4C20F550B6A99F2F8F8C5DB3E8776F37 470016 ----a-w- C:\WINDOWS\SysWOW64\timedate.cpl 2014-04-11 15:59:27 FF3EB7AEA154FF3034073E7F13F98A01 835584 ----a-w- C:\WINDOWS\SysWOW64\rasgcw.dll 2014-04-11 15:59:27 FE12B5270B9C2578099F01C9342920E0 89848 ----a-w- C:\WINDOWS\SysWOW64\RestoreOptIn.exe 2014-04-11 15:59:27 E6B8806DEC8FA31D9E1620E61EE02ACD 402944 ----a-w- C:\WINDOWS\SysWOW64\zipfldr.dll 2014-04-11 15:59:27 E6151D13221D4FAEBF07EF9EFC862DDC 507392 ----a-w- C:\WINDOWS\SysWOW64\WSDApi.dll 2014-04-11 15:59:27 AA195EEF529D57407B4E75D0ADF2CEF1 251504 ----a-w- C:\WINDOWS\SysWOW64\powrprof.dll 2014-04-11 15:59:27 774BEEDA19E96F51149A515D103A6720 391680 ----a-w- C:\WINDOWS\SysWOW64\WLanConn.dll 2014-04-11 15:59:27 470879333CC4C30E2A3F6482800A82FE 137216 ----a-w- C:\WINDOWS\SysWOW64\PlayToManager.dll 2014-04-11 15:59:27 3B75D014C8EBD60C0618A7A1424DF2BB 367616 ----a-w- C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-04-11 15:59:26 8A5FF82A1E58543DFE1959FA4108CBE2 308224 ----a-w- C:\WINDOWS\SysWOW64\srchadmin.dll 2014-04-11 15:59:26 7B7AD0D37EAA405FC9F87BFD32ADCBB7 79496 ----a-w- C:\WINDOWS\SysWOW64\bcd.dll 2014-04-11 15:59:26 754896CD60E3B8251D1C520926E28179 29912 ----a-w- C:\WINDOWS\SysWOW64\UserAccountBroker.exe 2014-04-11 15:59:26 404FE63DD356D15F4F0E3FDEF57F6115 109568 ----a-w- C:\WINDOWS\SysWOW64\wscinterop.dll 2014-04-11 15:59:26 059A7EB8ABB9DAD1DB46F81EAFACC4DE 307200 ----a-w- C:\WINDOWS\SysWOW64\newdev.dll 2014-04-11 15:59:25 7FE2C12C064FBC38283B5F31DEC7F186 213504 ----a-w- C:\WINDOWS\SysWOW64\cleanmgr.exe 2014-04-11 15:59:25 72DA2E837D548F7CE9B8FB6E77E43D10 225280 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-04-11 15:59:24 9639F43167327B049FAC3A03701389AF 61440 ----a-w- C:\WINDOWS\SysWOW64\srclient.dll 2014-04-11 15:59:23 F1100B1CA05FEB775FCEBF25241B7762 260608 ----a-w- C:\WINDOWS\SysWOW64\BioCredProv.dll 2014-04-11 15:59:23 A7A776EC7C8ECB79D7980856F38CCD42 33056 ----a-w- C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2014-04-11 15:59:23 A15755E94062C768A1AC3F1720610A98 98304 ----a-w- C:\WINDOWS\SysWOW64\netid.dll 2014-04-11 15:59:23 1647317F3D6E812658D6BC10BCC3FE09 356352 ----a-w- C:\WINDOWS\SysWOW64\taskeng.exe 2014-04-11 15:59:22 B81304A7B26C618C0B458C4E53E6A3B0 151040 ----a-w- C:\WINDOWS\SysWOW64\dmvdsitf.dll 2014-04-11 15:59:22 4262CC96E6D490E6973295FE5DA043A5 167936 ----a-w- C:\WINDOWS\SysWOW64\netiohlp.dll 2014-04-11 15:59:22 0351FD3F47AA0DE9B7A0CA276DD5FBBD 164352 ----a-w- C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2014-04-11 15:59:21 DFE35603AE0E28FA216B26EF4B6E4E63 144384 ----a-w- C:\WINDOWS\SysWOW64\rpchttp.dll 2014-04-11 15:59:21 9281FA6B56D3B7A64CB140CE310686DE 109056 ----a-w- C:\WINDOWS\SysWOW64\bcrypt.dll 2014-04-11 15:59:21 76646923CD7635715615B120A0F9B60C 207872 ----a-w- C:\WINDOWS\SysWOW64\dmdskmgr.dll 2014-04-11 15:59:20 CA547BADA550D494626B31C72CC21DB6 251904 ----a-w- C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2014-04-11 15:59:20 9FAF625C560728E860517DF9DBB9D960 62976 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll 2014-04-11 15:59:20 80425342540998BAB3EE066E1E4E49C8 116736 ----a-w- C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2014-04-11 15:59:20 6097263AB790AC06536C34F1CAD5F934 154624 ----a-w- C:\WINDOWS\SysWOW64\netplwiz.dll 2014-04-11 15:59:20 4491E85C62A83CB3BE7B82DA974F73C4 147968 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2014-04-11 15:59:20 16B05ECB7FE1DE4DE13F3E2AE4880F5A 45568 ----a-w- C:\WINDOWS\SysWOW64\acppage.dll 2014-04-11 15:59:19 872F0C4D6114670DDA1DABDA0892C5C1 165376 ----a-w- C:\WINDOWS\SysWOW64\scrobj.dll 2014-04-11 15:59:19 7B617B465FC0BE2162A33239141FCFCD 185856 ----a-w- C:\WINDOWS\SysWOW64\wlidcredprov.dll 2014-04-11 15:59:19 4FC945E08AF63491AFCC902C99046735 321536 ----a-w- C:\WINDOWS\SysWOW64\provsvc.dll 2014-04-11 15:59:19 40C42FE241AA67B34AD93521A754AC18 1057792 ----a-w- C:\WINDOWS\SysWOW64\printui.dll 2014-04-11 15:59:18 C2453FCF1BA8B9198B8543EEF4922FD5 32256 ----a-w- C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-11 15:59:18 74063A3A00A577AD98EB549778BB7FF7 195584 ----a-w- C:\WINDOWS\SysWOW64\PkgMgr.exe 2014-04-11 15:59:18 6D78C1FB8024B0F22CC2E5C14DEC2A23 780288 ----a-w- C:\WINDOWS\SysWOW64\autofmt.exe 2014-04-11 15:59:18 420E32FF08359CCF8336863057447DA1 800256 ----a-w- C:\WINDOWS\SysWOW64\autoconv.exe 2014-04-11 15:59:18 30FC899ABD3BC969D2895A86861A913D 14848 ----a-w- C:\WINDOWS\SysWOW64\slpts.dll 2014-04-11 15:59:18 28F2600864E7A46FBCC20201A28802BC 27136 ----a-w- C:\WINDOWS\SysWOW64\winbrand.dll 2014-04-11 15:59:18 28154466F239C8437A09EF16F36B9492 484864 ----a-w- C:\WINDOWS\SysWOW64\untfs.dll 2014-04-11 15:59:18 1D31E78ED5C40B5C6CC8D3DE713177A5 792576 ----a-w- C:\WINDOWS\SysWOW64\autochk.exe 2014-04-11 15:59:17 C38EC46C62411B9C69F0E99D3271BE47 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll 2014-04-11 15:59:17 7D100025C3B18E98FB2A7EF41B6F90CC 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll 2014-04-11 15:59:17 78A65E694B2512EC9FFB3D5FF28967CB 439808 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2014-04-11 15:59:17 750E4BE8B6987BA644F3FF96935070B8 59392 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll 2014-04-11 15:59:17 391EACC3F9D9633252CDB30CC93DB049 99840 ----a-w- C:\WINDOWS\SysWOW64\AuthBroker.dll 2014-04-11 15:59:17 1F2EDE388EC6CCB146B35C229C209AC9 59392 ----a-w- C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2014-04-11 15:59:16 DC6C267FA152D4E5C068C747D00D1C56 47104 ----a-w- C:\WINDOWS\SysWOW64\mssprxy.dll 2014-04-11 15:59:16 5AEEFA1C03E58A4EAF92248489C4A281 352768 ----a-w- C:\WINDOWS\SysWOW64\spwizeng.dll 2014-04-11 15:59:16 3AAA7338C3752D8B45A3BAC2520C8FC5 68096 ----a-w- C:\WINDOWS\SysWOW64\spbcd.dll 2014-04-11 15:59:16 119E0F7A71775A5CFB208B036ECE35E1 2255 ----a-w- C:\WINDOWS\SysWOW64\WimBootCompress.ini 2014-04-11 15:59:14 D050F4DCF90AEEFC9D603D692585ABB5 592896 ----a-w- C:\WINDOWS\SysWOW64\sud.dll 2014-04-11 15:59:14 66F44ACC5DC705BFF72A9093C39282E0 544768 ----a-w- C:\WINDOWS\SysWOW64\wlidcli.dll 2014-04-11 15:59:13 C9634BC6BDED782253F7BFD79A905591 1136128 ----a-w- C:\WINDOWS\SysWOW64\wscui.cpl 2014-04-11 15:59:13 931BE81031C762956D82D1D2F95AF3C5 370176 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv 2014-04-11 15:59:13 78503FFC0092E152626A05EFDADD8817 130560 ----a-w- C:\WINDOWS\SysWOW64\SettingMonitor.dll 2014-04-11 15:59:13 13F0C01F01006DFC805077AB677F2343 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe 2014-04-11 15:59:13 0C8FF52AE8A8E1DBB2A3FB9F6D66DC3D 24576 ----a-w- C:\WINDOWS\SysWOW64\wups.dll 2014-04-11 15:59:13 0A8FD01951AFD20F89CE1847B4CA789C 47104 ----a-w- C:\WINDOWS\SysWOW64\offreg.dll 2014-04-11 15:59:12 E332EF2E6551CCC2B7A1118A962A0D1C 30720 ----a-w- C:\WINDOWS\SysWOW64\deviceassociation.dll 2014-04-11 15:59:12 D3B9803EB2D8A9FB219F01F6790749AE 559104 ----a-w- C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll 2014-04-11 15:59:12 C7CAA2A56A66BCB587F30B73A418E0DB 159232 ----a-w- C:\WINDOWS\SysWOW64\werui.dll 2014-04-11 15:59:12 B22EE6357ACAD5BA5DD13319EAC7F342 82432 ----a-w- C:\WINDOWS\SysWOW64\IdCtrls.dll 2014-04-11 15:59:12 8A082D36DF5A4BBF40D96533B46BE15B 109056 ----a-w- C:\WINDOWS\SysWOW64\SSShim.dll 2014-04-11 15:59:12 8912CFFECB3018BD1657398AE4DBBDC4 270336 ----a-w- C:\WINDOWS\SysWOW64\winsku.dll 2014-04-11 15:59:12 717FF2BBD15A1047CEA8B9327C2650EA 203776 ----a-w- C:\WINDOWS\SysWOW64\PlayToDevice.dll 2014-04-11 15:59:12 417A1BFFAD79639B5E44B380B64A4E34 109568 ----a-w- C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2014-04-11 15:59:12 1A2892C4742B9EDAB7074A229C1F0D46 67584 ----a-w- C:\WINDOWS\SysWOW64\powercfg.exe 2014-04-11 15:59:11 E79C408D32840F5F01AD804288CD6093 97280 ----a-w- C:\WINDOWS\SysWOW64\migisol.dll 2014-04-11 15:59:11 ADF3C04436056E400BCF24AFA9B235C6 23040 ----a-w- C:\WINDOWS\SysWOW64\ReAgentc.exe 2014-04-11 15:59:11 5CE230DBA05F35DE72602EB7D863CF2C 140288 ----a-w- C:\WINDOWS\SysWOW64\easwrt.dll 2014-04-11 15:59:11 5979D087E744F7771B9295931C925F85 561664 ----a-w- C:\WINDOWS\SysWOW64\dfrgui.exe 2014-04-11 15:59:10 9B7F10C41D7D5E09D2F88B59A7556748 118272 ----a-w- C:\WINDOWS\SysWOW64\cscript.exe 2014-04-11 15:59:10 29DA788E9C2FBD0ED0AD56CE7D11896C 136192 ----a-w- C:\WINDOWS\SysWOW64\diskpart.exe 2014-04-11 15:59:09 D9B5429129BC8751796552386F2BF97B 304640 ----a-w- C:\WINDOWS\SysWOW64\wusa.exe 2014-04-11 15:59:09 9553E1B8ACD3C0F7ED73E1C0BD39FEB4 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2014-04-11 15:59:09 58A79835B276C869C0B2B45EEDA95BFC 51712 ----a-w- C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2014-04-11 15:59:09 3AD30A2F12CF91C66EA01AB882CE60AE 17920 ----a-w- C:\WINDOWS\SysWOW64\sxshared.dll 2014-04-11 15:59:09 3446C9E2DDF3F1A3597FA1A84249D45D 208384 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2014-04-11 15:59:09 2B945A334F50170137F541D0BE4158C8 10240 ----a-w- C:\WINDOWS\SysWOW64\msshooks.dll 2014-04-11 15:59:08 F9D8E8E9C931DED73B71EB9A4E898274 5632 ---ha-w- C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll 2014-04-11 15:59:08 4F5623797E2230C18FB78531919B4C59 61952 ----a-w- C:\WINDOWS\SysWOW64\iesetup.dll 2014-04-11 15:59:07 F49CC89637D7B4E09448F3AAA0D7CAFD 50176 ----a-w- C:\WINDOWS\SysWOW64\UXInit.dll 2014-04-11 15:59:07 B08E2CCB561100858F354ED207F4D615 106496 ----a-w- C:\WINDOWS\SysWOW64\setupugc.exe 2014-04-11 15:59:07 358ABF671CB11C8B3ED533C60A62805F 256000 ----a-w- C:\WINDOWS\SysWOW64\wincorlib.dll 2014-04-11 15:59:06 67863ACDD7D2EA4B4A4B5B812927CEC2 27648 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2014-04-11 15:59:06 215C0AE11C772F890458E0E912BC356A 13312 ----a-w- C:\WINDOWS\SysWOW64\finger.exe 2014-04-11 15:59:05 F1DB86EA935C13CDFF27AB957297136A 7762 ----a-w- C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms 2014-04-11 15:59:05 DE461B86C05946D10E519F512D09E389 100197 ----a-w- C:\WINDOWS\SysWOW64\RacRules.xml 2014-04-11 15:59:05 B0B1AEAC427EC6943D851150EC135589 2544128 ----a-w- C:\WINDOWS\SysWOW64\themecpl.dll 2014-04-11 15:59:05 A30586158BE8810E7A6672462B2E7384 163328 ----a-w- C:\WINDOWS\SysWOW64\ocsetapi.dll 2014-04-11 15:59:05 850DC38AE4A068DC47F9D0E1D1D1B33C 202240 ----a-w- C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2014-04-11 15:59:05 1FDF29F970E2E843B4DC5D0626D0EDD5 7130 ----a-w- C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms 2014-04-11 15:59:04 F62BEC071CF36069161FD270BE6A6E7D 3584 ---ha-w- C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll 2014-04-11 15:59:04 E535EA7F37E3AEA716057267ABD7D6A8 146944 ----a-w- C:\WINDOWS\SysWOW64\korwbrkr.dll 2014-04-11 15:59:04 65E9B707B157DB2D2844AD4D4ADF4EE9 193024 ----a-w- C:\WINDOWS\SysWOW64\bthprops.cpl 2014-04-11 15:59:03 F3539A38A1BFB9CED91B2DD9C4F2A565 3584 ---ha-w- C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll 2014-04-11 15:59:03 C31E30DEB0BAF08CFF9225181CBEB155 34304 ----a-w- C:\WINDOWS\SysWOW64\dataclen.dll 2014-04-11 15:59:03 869AE389F9F1EF3F715936FA30244ACA 127488 ----a-w- C:\WINDOWS\SysWOW64\occache.dll 2014-04-11 15:59:03 5E69CA54D2FE1088C78687EB8E58CB51 3584 ---ha-w- C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll 2014-04-11 15:59:03 2DCD7ABA661E6E85CA6F426EEDE5C718 8192 ---ha-w- C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll 2014-04-11 15:59:02 E7B53AF004BEE5112F787A6E5B04D737 11109 ----a-w- C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-04-11 15:59:02 9CED2ACC26435D787616526692FBBE20 28160 ----a-w- C:\WINDOWS\SysWOW64\f3ahvoas.dll 2014-04-11 15:41:24 891B123240F511971FDCDCE7AB5EDAF7 17387008 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2014-04-11 15:40:38 B9BFD6CE08BA3F9AB7BA3D19622824D6 164864 ----a-w- C:\WINDOWS\SysWOW64\msrating.dll 2014-04-11 15:31:35 BAC704E260557DD80157594C3F5F3F5C 43008 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2014-04-11 15:30:56 7A2D384A9B072FE4E86341A01880AD08 51200 ----a-w- C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-04-11 15:30:55 D4589A3246497F13CF3A901D9B117974 112128 ----a-w- C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-04-11 15:30:55 BF816BA40B8B0BD2661D03DBDC2A6531 32768 ----a-w- C:\WINDOWS\SysWOW64\iernonce.dll 2014-04-10 02:14:06 BF576E866F0C70F0A6C7CA5BF28EC89A 2724864 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-04-17 19:20:25 779FB2F26E4339A4DD3EEF57E4E593FA 3408896 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2014-04-17 19:20:24 ED6A11F4562F89F559243AC87B01DBF4 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2014-04-17 19:20:24 C89F2486735F7360D6D7B7B14E4B07C9 1705984 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll 2014-04-17 19:20:24 04FFE8E9A0B4621A56773065AA41D575 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2014-04-17 19:20:23 48C4FAB482665748D3598D96AD3461D9 381952 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll 2014-04-11 16:04:28 E5DA9DD3E5972CE969EA445492954280 16875520 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2014-04-11 16:04:27 F3523E611AB0B0977B048263A12DCF2A 1291200 ----a-w- C:\WINDOWS\Sysnative\kernel32.dll 2014-04-11 16:04:26 B0630FEE31D7A9B73E49A2F31CF61C1C 1112536 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2014-04-11 16:04:26 411550CE9952B9B30C5A82CDDAD623C0 21232792 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2014-04-11 16:04:23 8596E6030C8DE66439DDF21C7F7B5006 40960 ----a-w- C:\WINDOWS\Sysnative\Windows.Shell.Search.UriHandler.dll 2014-04-11 16:04:22 80F4C728FC12B324156486806AB3357E 8653824 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll 2014-04-11 16:04:22 6374C4EE20389CBB6AEF2BE468856177 7425368 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2014-04-11 16:04:21 EE95B732BB098C5E874D53AD1E00EF51 13286400 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2014-04-11 16:04:16 2B12310DF8299D5ED5978FFBE3DA80B1 6641152 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll 2014-04-11 16:04:12 C5746CE22A4338896338A48687CB9345 4268544 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll 2014-04-11 16:04:12 398990EFC34218C3B6C4E6384502083B 2900992 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2014-04-11 16:04:11 1B2CAD40A6FD2E9DC336F3A338293B29 2331000 ----a-w- C:\WINDOWS\Sysnative\msxml6.dll 2014-04-11 16:04:10 F7529BD3FFAC9C33D15F6DE3B7353B03 1306624 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2014-04-11 16:04:10 6EF180C3695A4C1745F4A32E1D9EE8A9 2641920 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2014-04-11 16:04:10 5886CF4473849179FC8D2831CD629340 2133504 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2014-04-11 16:04:09 CFE7F0267B0C3077042FF291949B5546 1063424 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2014-04-11 16:04:09 8E5C2B32EE4166A3084B133183A00F2A 2141912 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2014-04-11 16:04:09 62E1AE59F9F40BB70C4D7EDCC0CE34F1 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2014-04-11 16:04:09 540B29C770E4864C8FB5B6278526776E 1411584 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2014-04-11 16:04:09 332E5E35DE9E8175A9550501E57E0612 1542768 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2014-04-11 16:04:08 5A917027826D759CC3238C7D3CEC3438 1527296 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll 2014-04-11 16:04:08 4F6908A61CBC7FD263BB424671431623 1129472 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll 2014-04-11 16:04:07 C58594E368B935CD001FC3F503D23A6B 1023488 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2014-04-11 16:04:07 B7E51F949ED8C3A75C1D3121AF9A4B6C 655360 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2014-04-11 16:04:07 8279E6B065626951DA5F3BD0B4E28001 1230336 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2014-04-11 16:04:07 7CDB6060224CFAD4D5AC49FFC5414F41 939520 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2014-04-11 16:04:07 1B7F53CBD0429CC3EE15A545F5E2BF62 918528 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll 2014-04-11 16:04:07 05ED31A8FD97247D5B786F62988F2535 958464 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2014-04-11 16:04:06 E797B1571003E524526F384CE5EE3555 1466864 ----a-w- C:\WINDOWS\Sysnative\propsys.dll 2014-04-11 16:04:06 6DD2D6B8CA1250A7C12D0042396D1892 492256 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2014-04-11 16:04:06 42F4D353A2AC24F7112FB4D6BD2D4F7C 1339240 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2014-04-11 16:04:06 2C727D11CDF4F8B2477FC2B1B305ECB9 512000 ----a-w- C:\WINDOWS\Sysnative\wlidprov.dll 2014-04-11 16:04:06 06E5962471CFC5890F6B7AB2BF527250 950784 ----a-w- C:\WINDOWS\Sysnative\ReAgent.dll 2014-04-11 16:04:05 C253B8484DCABB3EBE6D60E67CADB373 356848 ----a-w- C:\WINDOWS\Sysnative\dcomp.dll 2014-04-11 16:04:05 9A71BD2E4B8EB550D0022AFDF8616014 834048 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2014-04-11 16:04:05 88225B3D5685777AFAA1297FD612DF9A 518552 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2014-04-11 16:04:05 6031CF57D972421469B15770AF8FF942 467504 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2014-04-11 16:04:04 FAF28A6151A26D94555E0EE518762479 364640 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2014-04-11 16:04:04 7C75BF2879AEAD311DAE25CB5F1A2C83 669696 ----a-w- C:\WINDOWS\Sysnative\rasapi32.dll 2014-04-11 16:04:03 FE7656474448BE6A6C68E5C9BEB7CA94 254464 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2014-04-11 16:04:03 D790CBCB9C38320B4438D697AA33FF55 720896 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2014-04-11 16:04:03 5BCABCE516486337E39DDD005BCBB1CA 1656832 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2014-04-11 16:04:02 D5C3776CBD8BC307DCCA3FD4CE667A37 324096 ----a-w- C:\WINDOWS\Sysnative\SessEnv.dll 2014-04-11 16:04:02 BBE15881FE11BE37112F8320C41DAFB9 827392 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2014-04-11 16:04:02 B2A890D96C05E33FDD2BF3F3D4D0DF92 220160 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll 2014-04-11 16:04:02 A1C6BA515120C44E8D5A1EA3E927C7C2 291840 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Sensors.dll 2014-04-11 16:04:02 5AEFB4F09549545FA3BBD58A6FFF4962 924160 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2014-04-11 16:04:01 F14178562B63C54D3183839F77FB9542 370176 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll 2014-04-11 16:04:01 DD5DF99540AB97806DF63B1494C809A8 488280 ----a-w- C:\WINDOWS\Sysnative\netcfgx.dll 2014-04-11 16:04:01 C54F6C4594F54BC8F189A6FD4BFB7B2E 621568 ----a-w- C:\WINDOWS\Sysnative\MDMAgent.exe 2014-04-11 16:04:01 B8EB489B9CB8E4E29D3B5FA33F59F7EB 721408 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll 2014-04-11 16:04:01 A2BF5D466853422C143571064C7DD94F 252928 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2014-04-11 16:04:01 65A3992EC59D8D33D7622E3AF4C50DBF 247296 ----a-w- C:\WINDOWS\Sysnative\SensorsApi.dll 2014-04-11 16:04:01 5BD3A2351BEFCAC8757626271F8EFA89 339456 ----a-w- C:\WINDOWS\Sysnative\bdesvc.dll 2014-04-11 16:04:01 50126883FF1D1F690FE477B0B6593DAA 872448 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe 2014-04-11 16:04:00 F83D49F4B10E813A1F9AC8B92F16592D 201216 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2014-04-11 16:04:00 E64AD4877B41F1DB4CC3C99BA8372857 463264 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2014-04-11 16:04:00 C8D6344BDE2691A196E61C0D3372EAB7 2479616 ----a-w- C:\WINDOWS\Sysnative\WsmSvc.dll 2014-04-11 16:03:59 BC6849C62DB407573C6AD8CB1A4D2628 115200 ----a-w- C:\WINDOWS\Sysnative\umpnpmgr.dll 2014-04-11 16:03:59 97A8DD53D83D5DAC15EDAB1320D305B4 244888 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2014-04-11 16:03:59 8183820F2D9648A619AA3200EFC62D0B 299008 ----a-w- C:\WINDOWS\Sysnative\pdh.dll 2014-04-11 16:03:59 50874EAD26534D475096765A48B90518 334848 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe 2014-04-11 16:03:59 4DD9C026AAB3C12A5BF7FF9A0C038422 186368 ----a-w- C:\WINDOWS\Sysnative\dafWfdProvider.dll 2014-04-11 16:03:59 16E9AD0F7A34C4F071E40CDD76E7C86D 113648 ----a-w- C:\WINDOWS\Sysnative\userenv.dll 2014-04-11 16:03:58 A9B68F20F1E6E62B189C7C4815EB42B9 296960 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll 2014-04-11 16:03:58 7A61F17976F7C5077D9862E4EC25BB3E 360512 ----a-w- C:\WINDOWS\Sysnative\mfreadwrite.dll 2014-04-11 16:03:58 48F25CC79C6CCFD4B776C8FDA9ED7271 160768 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2014-04-11 16:03:58 3ED1FD93AA4C381A374C3835CF7A5C92 201216 ----a-w- C:\WINDOWS\Sysnative\ReInfo.dll 2014-04-11 16:03:58 2DE56913AE88DF760F279264023908BC 1843712 ----a-w- C:\WINDOWS\Sysnative\Display.dll 2014-04-11 16:03:58 19F84D6153C06FE71203517BDAC9EA9F 102912 ----a-w- C:\WINDOWS\Sysnative\davclnt.dll 2014-04-11 16:03:58 18297BC1CE8A0C0BF9A703A3C45DACC1 462336 ----a-w- C:\WINDOWS\Sysnative\wlangpui.dll 2014-04-11 16:03:58 14BEA911F78B44E47CBD18210E541A43 212992 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2014-04-11 16:03:57 B29B13914A2692EA6A6E9E1D6FFB9760 298496 ----a-w- C:\WINDOWS\Sysnative\WSDMon.dll 2014-04-11 16:03:57 A40262C252A65BAD0186D9DDBB3083DA 1015808 ----a-w- C:\WINDOWS\Sysnative\aclui.dll 2014-04-11 16:03:57 94CD5DE7D2989AA64594F1925339C97E 542208 ----a-w- C:\WINDOWS\Sysnative\Windows.Graphics.Printing.dll 2014-04-11 16:03:57 5ABA673EF6433BE68AAE77AE5C5FAFAA 412672 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2014-04-11 16:03:57 279DC249C295E8B7CD5FFB966007E1D9 110592 ----a-w- C:\WINDOWS\Sysnative\drvinst.exe 2014-04-11 16:03:57 06304D50B5228BF1EB6E829A72A629DB 271872 ----a-w- C:\WINDOWS\Sysnative\spp.dll 2014-04-11 16:03:56 FF94F2D1E80D09FEE3B90A263759163A 210944 ----a-w- C:\WINDOWS\Sysnative\fveapibase.dll 2014-04-11 16:03:56 DF621C527179BB0A60CDA371AEFD098E 57856 ----a-w- C:\WINDOWS\Sysnative\drvcfg.exe 2014-04-11 16:03:56 9F83D40B242C7CD2868DBF7550F3FF4C 86016 ----a-w- C:\WINDOWS\Sysnative\RMapi.dll 2014-04-11 16:03:56 9F0759C6D691E7030BF33105EDA2C690 30208 ----a-w- C:\WINDOWS\Sysnative\CredentialMigrationHandler.dll 2014-04-11 16:03:56 81AF2BB862A3C6DDB9F2E3A7956B0417 425984 ----a-w- C:\WINDOWS\Sysnative\clusapi.dll 2014-04-11 16:03:56 5F58A221937B5D58E33F4B21AEF92210 192000 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll 2014-04-11 16:03:56 3B57B197D907425CB92B979132945B7C 731648 ----a-w- C:\WINDOWS\Sysnative\adtschema.dll 2014-04-11 16:03:56 0633C74EFAAEF72FCC33B86CB86B2ED5 79360 ----a-w- C:\WINDOWS\Sysnative\w32tm.exe 2014-04-11 16:03:55 EEA0EB275D329DAA7EAA397417477C8F 794112 ----a-w- C:\WINDOWS\Sysnative\fvewiz.dll 2014-04-11 16:03:55 CC6F6A993FE36A55AF8207B9393407D6 325632 ----a-w- C:\WINDOWS\Sysnative\LocationApi.dll 2014-04-11 16:03:55 C1D7A9932D7F468534F1913FB1F65572 40448 ----a-w- C:\WINDOWS\Sysnative\SetNetworkLocation.dll 2014-04-11 16:03:55 9A1ECF6480039B6E2062B739BBD0C4F7 64512 ----a-w- C:\WINDOWS\Sysnative\tsgqec.dll 2014-04-11 16:03:55 7563B7860E857D463C407085EC1BE731 100352 ----a-w- C:\WINDOWS\Sysnative\BitLockerDeviceEncryption.exe 2014-04-11 16:03:55 71133C77DD8089DA3F74813F90361F81 83968 ----a-w- C:\WINDOWS\Sysnative\sxproxy.dll 2014-04-11 16:03:55 6DEA7E51085C4CEC311DBD5A1AF8C759 717312 ----a-w- C:\WINDOWS\Sysnative\nshwfp.dll 2014-04-11 16:03:55 1DCD97010190EF9377E77AB0A846C720 115200 ----a-w- C:\WINDOWS\Sysnative\DevPropMgr.dll 2014-04-11 16:03:55 0D092AAF47629E6FD77597FCA58625EE 1057280 ----a-w- C:\WINDOWS\Sysnative\rdvidcrl.dll 2014-04-11 16:03:54 FD786AFD9B85D65E5FD6B86944BB1D9A 443904 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll 2014-04-11 16:03:54 938DC1C1D13682C01886F365E6682CA7 11264 ----a-w- C:\WINDOWS\Sysnative\wlanhlp.dll 2014-04-11 16:03:54 8DAE6957A4F0EC461575F68239E0A13E 69120 ----a-w- C:\WINDOWS\Sysnative\l2gpstore.dll 2014-04-11 16:03:54 7043428E344AF62EC540BDF49317D321 99328 ----a-w- C:\WINDOWS\Sysnative\BdeHdCfgLib.dll 2014-04-11 16:03:54 12B0701B1CEC1A7BB0E4C71D97661E23 387210 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2014-04-11 16:03:54 04D6FAB6BE09C83DF591D58E1FBADA59 274944 ----a-w- C:\WINDOWS\Sysnative\WsmWmiPl.dll 2014-04-11 16:01:09 7A001F5336992791865549450D606D41 1400832 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2014-04-11 16:01:08 E6CCE5FA61801AA47891654747ADB924 2043904 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2014-04-11 16:01:07 415CC6E051BC88468CE051AF0D1DEFEF 13551104 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2014-04-11 16:01:06 F2EF432780FDE5E661CD0DDA6D119708 5784064 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2014-04-11 16:01:06 76BA56848B718C980FDEAE248EB32F1B 4192768 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2014-04-11 16:01:05 FFFCC3C3ED6886A95D3C0E1B49C652BA 139600 ----a-w- C:\WINDOWS\Sysnative\systemsf.ebd 2014-04-11 16:01:05 1FBE0C637032A64AB316F18EFED67E89 51200 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2014-04-11 16:00:58 0FDB2D284B0DEA2FAFFB7577A72D343F 2767360 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2014-04-11 16:00:54 541D8B14318C9252A457FA462147E10C 752640 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2014-04-11 16:00:53 977BDBE33ADE22EE88EE9E7C54511300 11742720 ----a-w- C:\WINDOWS\Sysnative\glcndFilter.dll 2014-04-11 16:00:52 B0E0F3BB71615DC726AA5A610019A197 630784 ----a-w- C:\WINDOWS\Sysnative\OobeFldr.dll 2014-04-11 16:00:52 95B6670E6933E1DEE19686C55BE709A0 3394384 ----a-w- C:\WINDOWS\Sysnative\WSService.dll 2014-04-11 16:00:42 65C36A29A131A3A5D64B29FAC4EF6DD6 2262016 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2014-04-11 16:00:39 6AFE9D20019BA4C76188A458573F4461 1927600 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2014-04-11 16:00:35 FE7F81BADAAC7A7A17BA751E1CE471C9 13933568 ----a-w- C:\WINDOWS\Sysnative\wmp.dll 2014-04-11 16:00:35 3197633AD21EF3B4EA2EBB8AF2F5B338 586240 ----a-w- C:\WINDOWS\Sysnative\qedit.dll 2014-04-11 16:00:33 1060AE975A2E63E5E5D2F0ABDC5D557D 1435304 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll 2014-04-11 16:00:32 EFF09C9865290B159F79980113358299 3494912 ----a-w- C:\WINDOWS\Sysnative\tquery.dll 2014-04-11 16:00:31 39E31CF8F0E0FECADEC8C1D98A0C9E92 12027904 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2014-04-11 16:00:29 4D403440E2D3186482B1488462DEFFE0 846336 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2014-04-11 16:00:29 3DA26652B12E9AB43FD04976AC6DFD33 1192448 ----a-w- C:\WINDOWS\Sysnative\sysmain.dll 2014-04-11 16:00:29 051EA7D6EEBAC6C5219991C19D72EB32 2142976 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2014-04-11 16:00:27 19AF77545FD61995E1062277320A92AF 2368512 ----a-w- C:\WINDOWS\Sysnative\mssrch.dll 2014-04-11 16:00:26 5F56C0DE776C7AE43AF749845BFAA1EF 1576960 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll 2014-04-11 16:00:24 D424A5CD2E3997AF511C9865AC1EF22D 2943488 ----a-w- C:\WINDOWS\Sysnative\Wpc.dll 2014-04-11 16:00:24 837F8649A2FE7880899711FAA25A2AE3 1728000 ----a-w- C:\WINDOWS\Sysnative\dui70.dll 2014-04-11 16:00:22 06BA7518958966587474CCDDE4F8A42A 2574240 ----a-w- C:\WINDOWS\Sysnative\WMVDECOD.DLL 2014-04-11 16:00:21 F0D53BA526018350E227F6E3E80C3966 1445616 ----a-w- C:\WINDOWS\Sysnative\webservices.dll 2014-04-11 16:00:21 EEB074B2C0282AAE03ED54361DE23946 2843136 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2014-04-11 16:00:20 D2DE4DE05E234F9FDA9B8BC967D0843C 2100736 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll 2014-04-11 16:00:20 865E3C79BB0DB64D4AB2F6BA8FF5BD2C 1132032 ----a-w- C:\WINDOWS\Sysnative\Windows.Globalization.dll 2014-04-11 16:00:19 7D7C2B72B81BABF192F1033460A3C434 1290688 ----a-w- C:\WINDOWS\Sysnative\msctf.dll 2014-04-11 16:00:19 59FBA218C767ED30967CE285F5D76D16 1399176 ----a-w- C:\WINDOWS\Sysnative\winmde.dll 2014-04-11 16:00:19 55A9A5D9F8EC7512B8F1153657BEDF92 628736 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2014-04-11 16:00:19 2E13669E685B4FDA1FF09E41D6572FD3 2588168 ----a-w- C:\WINDOWS\Sysnative\WpcMon.exe 2014-04-11 16:00:18 F7E4F8EA0560B5231132348F880DA229 1287168 ----a-w- C:\WINDOWS\Sysnative\mispace.dll 2014-04-11 16:00:18 99984EBB7C7C3239EF2A866033827BEC 1217024 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Streaming.dll 2014-04-11 16:00:18 7EAEE7DEDDA6C3123B3700A1A48CFA3A 628224 ----a-w- C:\WINDOWS\Sysnative\msTextPrediction.dll 2014-04-11 16:00:18 11C2A9D3D34632FC17EF8B3411AA972B 1640960 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Immersive.dll 2014-04-11 16:00:17 F79C112FCC0FEF9EBE07F903CEA05F9F 647168 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe 2014-04-11 16:00:16 E3C92D60F6AD7763961D1E7628002844 718336 ----a-w- C:\WINDOWS\Sysnative\swprv.dll 2014-04-11 16:00:16 939B63CB5C350802ACE33E5C7AC037FD 1727760 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2014-04-11 16:00:15 EABE2125857B68D7B80EE5A2E1FB13EA 800552 ----a-w- C:\WINDOWS\Sysnative\mfnetcore.dll 2014-04-11 16:00:15 722B1ED8A1C3115E0B215215FB56738D 777728 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll 2014-04-11 16:00:15 4E730667CA97D127D9E4AD05150A18C5 1215832 ----a-w- C:\WINDOWS\Sysnative\mfnetsrc.dll 2014-04-11 16:00:14 C6ED6A63B57560EB5C99F88F93E7EDBF 461176 ----a-w- C:\WINDOWS\Sysnative\WerFault.exe 2014-04-11 16:00:14 B8AE39C49A72070BAD8E2D970BFC3C70 2648064 ----a-w- C:\WINDOWS\Sysnative\WpcWebSync.dll 2014-04-11 16:00:14 A340B32445BB448D6C4D96194488F82E 160256 ----a-w- C:\WINDOWS\Sysnative\DWWIN.EXE 2014-04-11 16:00:14 858851D0B36F34B9DAF83DD7BD8636A1 997888 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll 2014-04-11 16:00:14 4A87A56606776CC9E1520D8A2741E9AE 1000424 ----a-w- C:\WINDOWS\Sysnative\WinTypes.dll 2014-04-11 16:00:14 19440A7EA6C2FF961C5B8188E532F82F 407536 ----a-w- C:\WINDOWS\Sysnative\Faultrep.dll 2014-04-11 16:00:13 59245D8023A7C5D192C2ED7A1BD80F36 825344 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2014-04-11 16:00:12 E741CC1224A29A2C271798EF3645D81B 1356360 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2014-04-11 16:00:12 D4A699D489758A270A5099DE1B4EE2FB 1487520 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2014-04-11 16:00:12 B61462AED373BD130EA031767F83E0D2 1659056 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2014-04-11 16:00:12 91406FB600CA9A57E5ADE0FCE07C59F0 1519592 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2014-04-11 16:00:12 10B3D632CA42A042F9E38CC30830A800 2825216 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll 2014-04-11 16:00:11 E7F88B66FD5C0DA438371C998273FD0D 1929608 ----a-w- C:\WINDOWS\Sysnative\setupapi.dll 2014-04-11 16:00:11 CAFB5D7373DDAE675A9A091A21642041 390656 ----a-w- C:\WINDOWS\Sysnative\DfpCommon.dll 2014-04-11 16:00:11 AB7892A876ED44FC9C1D80FD9F3046E0 584704 ----a-w- C:\WINDOWS\Sysnative\StructuredQuery.dll 2014-04-11 16:00:11 657D52EEB153FDE9C8AC94997E223228 27648 ----a-w- C:\WINDOWS\Sysnative\WofTasks.dll 2014-04-11 16:00:11 23F2B10A7EDF5E6A87CAE43129F83495 791552 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll 2014-04-11 16:00:11 22C3168D2AAA6C0546FE215CD079DBBB 526304 ----a-w- C:\WINDOWS\Sysnative\wer.dll 2014-04-11 16:00:10 9A1190B2934CFAB102D1B62F74971A0B 721408 ----a-w- C:\WINDOWS\Sysnative\twinapi.dll 2014-04-11 16:00:10 81979817943D830BF24571B7C1B28A1A 753664 ----a-w- C:\WINDOWS\Sysnative\rpcss.dll 2014-04-11 16:00:09 44BFD45AD17507C7129F90656729E569 1621504 ----a-w- C:\WINDOWS\Sysnative\RacEngn.dll 2014-04-11 16:00:08 D33C175C081B6770C32C6F4A561E99E4 635904 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2014-04-11 16:00:08 134459015C02EE08AF888F488EF91EC3 609456 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2014-04-11 16:00:07 CE10041A39A0E6F598BFA50A5AB64CF3 569856 ----a-w- C:\WINDOWS\Sysnative\wpncore.dll 2014-04-11 16:00:07 CBE142AAF990CDA24CDEFF8FF3EBB201 645104 ----a-w- C:\WINDOWS\Sysnative\SHCore.dll 2014-04-11 16:00:07 B83C0950E4F89CE586C2D38BD50218C6 1653352 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll 2014-04-11 16:00:06 805AE6AF93317209084AB881A50B2D17 2760704 ----a-w- C:\WINDOWS\Sysnative\wpccpl.dll 2014-04-11 16:00:04 CEB069C882A0DFEDBE5C1590D44B1052 1519520 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2014-04-11 16:00:04 561A97E82FA0645CB786C19B8D442C31 1163264 ----a-w- C:\WINDOWS\Sysnative\uxtheme.dll 2014-04-11 16:00:03 E2A34E0E6DC58712BC527338C7E0A8E4 576512 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll 2014-04-11 16:00:03 DBC61FE275917E75AE077A04E701C474 845824 ----a-w- C:\WINDOWS\Sysnative\SearchIndexer.exe 2014-04-11 16:00:02 A07CFC4B593D15B6BF06813C3B5B33BF 366080 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2014-04-11 16:00:02 4DFCE03EEB1BA325B8077A626B2F25F0 424280 ----a-w- C:\WINDOWS\Sysnative\hal.dll 2014-04-11 16:00:01 C70734AD4525B99B8C1F065898DE6EEF 881616 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2014-04-11 16:00:01 BA24011607AD814778CA343291D418D6 2395136 ----a-w- C:\WINDOWS\Sysnative\storagewmi.dll 2014-04-11 16:00:01 6D79CDD66FE672937F251ED67C7FF11E 1757184 ----a-w- C:\WINDOWS\Sysnative\WMPDMC.exe 2014-04-11 16:00:00 BCE2EB8D8437FA7100F51BD8D9120F3E 18432 ----a-w- C:\WINDOWS\Sysnative\WofUtil.dll 2014-04-11 16:00:00 68966CD60BED0180B01387B7362779C7 666624 ----a-w- C:\WINDOWS\Sysnative\wimgapi.dll 2014-04-11 15:59:59 EC3BCAACA76E8987F1F0F2DE3D64ED98 197120 ----a-w- C:\WINDOWS\Sysnative\scrrun.dll 2014-04-11 15:59:59 1169646AAD0239C23CCF9C46BA00B2D6 391008 ----a-w- C:\WINDOWS\Sysnative\MMDevAPI.dll 2014-04-11 15:59:58 DAF37070DDBD4ECCBDE7C2213AB60025 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2014-04-11 15:59:58 CFDEF7C849D5AFDB689473073B0EE82D 606208 ----a-w- C:\WINDOWS\Sysnative\comdlg32.dll 2014-04-11 15:59:58 CEAE26D9492F7D481916FF44C120D339 1206000 ----a-w- C:\WINDOWS\Sysnative\Taskmgr.exe 2014-04-11 15:59:58 CB12C47647D8BDAFAA94C0856B14128B 530944 ----a-w- C:\WINDOWS\Sysnative\AppReadiness.dll 2014-04-11 15:59:58 8F8356461CE4BF9CFBC8C31A9B118237 427520 ----a-w- C:\WINDOWS\Sysnative\schannel.dll 2014-04-11 15:59:58 1524579B894C9B99F42A695B86881254 545792 ----a-w- C:\WINDOWS\Sysnative\apphelp.dll 2014-04-11 15:59:57 DE871131FCFA31032A4F977D4152A446 307304 ----a-w- C:\WINDOWS\Sysnative\wintrust.dll 2014-04-11 15:59:57 B5E03CD317F089DFF67483641C9B0339 1374384 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll 2014-04-11 15:59:56 F734881DD480B0AC9462A31ADB2DB002 1227776 ----a-w- C:\WINDOWS\Sysnative\usercpl.dll 2014-04-11 15:59:56 DCF2510E0745720E543E84F5E921FCC0 262335 ----a-w- C:\WINDOWS\Sysnative\dfpinc.dat 2014-04-11 15:59:56 D8F7C3E57F2C09C6589AECD1820E0CA9 31232 ----a-w- C:\WINDOWS\Sysnative\dfp.exe 2014-04-11 15:59:56 390793BD9F3DEF111DB2B21559B6293A 584192 ----a-w- C:\WINDOWS\Sysnative\recimg.exe 2014-04-11 15:59:56 1062C1D05E95306D878FFFE0A23B84C0 1107456 ----a-w- C:\WINDOWS\Sysnative\perftrack.dll 2014-04-11 15:59:55 F2559A492AF8D653D1F47ADABA4C3E97 269824 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2014-04-11 15:59:55 B087305F29D8CE043DD31AD69AFDF1A9 752640 ----a-w- C:\WINDOWS\Sysnative\mssvp.dll 2014-04-11 15:59:55 8EBB271E4588D835784A3FF7E80076A8 710656 ----a-w- C:\WINDOWS\Sysnative\lsm.dll 2014-04-11 15:59:55 8541EE27ADD14F84844DB43E9C7BBE3E 467456 ----a-w- C:\WINDOWS\Sysnative\energy.dll 2014-04-11 15:59:55 561F1AB95F4F01C691BDABA5FD5C67FC 669896 ----a-w- C:\WINDOWS\Sysnative\advapi32.dll 2014-04-11 15:59:55 021C7541C55625D083753DA241169A97 1428480 ----a-w- C:\WINDOWS\Sysnative\RecoveryDrive.exe 2014-04-11 15:59:54 74FA630CDF88E5482210E653D2719DD7 854528 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll 2014-04-11 15:59:54 65FBC4306DA606058136DF5D552A4872 968704 ----a-w- C:\WINDOWS\Sysnative\tdh.dll 2014-04-11 15:59:53 FCF20B83EDFA8765A83D3BA4CCD49775 586240 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2014-04-11 15:59:53 A4A3542D65C180AFDC41B8A824C6CD40 653312 ----a-w- C:\WINDOWS\Sysnative\DismApi.dll 2014-04-11 15:59:53 65C65F3BD784158C456E721DDC9F0EA2 1584128 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll 2014-04-11 15:59:52 CCCDE17347904396A0102A9EE3669555 1224192 ----a-w- C:\WINDOWS\Sysnative\werconcpl.dll 2014-04-11 15:59:52 CC9503365C5AC3D6A8E152194CE62669 372360 ----a-w- C:\WINDOWS\Sysnative\msvproc.dll 2014-04-11 15:59:52 CBFC4C292C125A86DA4D2BC831CD4634 388408 ----a-w- C:\WINDOWS\Sysnative\bcryptprimitives.dll 2014-04-11 15:59:52 858E46BB06924EB01C3DF8AEF2DC1CDF 441344 ----a-w- C:\WINDOWS\Sysnative\mssph.dll 2014-04-11 15:59:52 48EBD5B3241D2324A92BA8EB993B2076 745328 ----a-w- C:\WINDOWS\Sysnative\oleaut32.dll 2014-04-11 15:59:52 090E4DE444439DF828CB726D60EA9CFD 878592 ----a-w- C:\WINDOWS\Sysnative\ActionCenter.dll 2014-04-11 15:59:51 8F464EE568C36C174DC403EFC8F85A21 321536 ----a-w- C:\WINDOWS\Sysnative\stobject.dll 2014-04-11 15:59:51 152152B5EE3512ED85C526967C350355 159744 ----a-w- C:\WINDOWS\Sysnative\thumbcache.dll 2014-04-11 15:59:50 FFF2BF211D8E2EE4C72EA94C37CAD9D2 755200 ----a-w- C:\WINDOWS\Sysnative\msctfuimanager.dll 2014-04-11 15:59:50 DDE972537280676F685DEC67CE28932D 320000 ----a-w- C:\WINDOWS\Sysnative\SearchProtocolHost.exe 2014-04-11 15:59:50 BFF9B210460BF8FD9122936D1D5D5DD5 824832 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2014-04-11 15:59:50 604064FB0094B0B7433C5EB8BF91512A 1791752 ----a-w- C:\WINDOWS\Sysnative\WMALFXGFXDSP.dll 2014-04-11 15:59:50 46D718075C456CF241BEBFEC9D5F13BD 531128 ----a-w- C:\WINDOWS\Sysnative\ci.dll 2014-04-11 15:59:50 1F72F41F1401ADFA68F4B5D211CDCE7C 548352 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2014-04-11 15:59:49 A6306E2A24C11555D5A4E572291C551D 716288 ----a-w- C:\WINDOWS\Sysnative\ntshrui.dll 2014-04-11 15:59:49 39C288E39B7B02614F997FB2077575ED 244848 ----a-w- C:\WINDOWS\Sysnative\sppwinob.dll 2014-04-11 15:59:48 E804E9734A493A01316F209BA99F1F48 136192 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll 2014-04-11 15:59:48 C22EDA808C009EA235356B983D1A031E 1185280 ----a-w- C:\WINDOWS\Sysnative\printui.dll 2014-04-11 15:59:48 5762739795A3CA941E4C07E601073BAA 761792 ----a-w- C:\WINDOWS\Sysnative\iuilp.dll 2014-04-11 15:59:48 375AEB31780A494920ABCBEA2E631A23 747008 ----a-w- C:\WINDOWS\Sysnative\wlidcli.dll 2014-04-11 15:59:48 30EC406493F585A43BC3F6E813E266A7 196096 ----a-w- C:\WINDOWS\Sysnative\WSClient.dll 2014-04-11 15:59:47 E084D7E544D71D23E83F23CD6B0E5E46 245248 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Vpn.dll 2014-04-11 15:59:47 B1C2856F8199A9386C22E8325BC34D87 156672 ----a-w- C:\WINDOWS\Sysnative\slc.dll 2014-04-11 15:59:47 91F8F05881459330D83259A070D3642E 275456 ----a-w- C:\WINDOWS\Sysnative\Dism.exe 2014-04-11 15:59:47 725E3C8A4B420BD26FD002485FA463A9 690688 ----a-w- C:\WINDOWS\Sysnative\MrmIndexer.dll 2014-04-11 15:59:47 5D84CD163C267D056D4709B42FAE3D88 359936 ----a-w- C:\WINDOWS\Sysnative\vmrdvcore.dll 2014-04-11 15:59:47 0F17D49BE041B7EFF1D33BF1414E7AC6 208896 ----a-w- C:\WINDOWS\Sysnative\aelupsvc.dll 2014-04-11 15:59:46 C88774D3BC1A61C57C5B02AE407FD1E0 546304 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2014-04-11 15:59:46 8FE82BF3C091D0B1387A0081DAF4D234 912384 ----a-w- C:\WINDOWS\Sysnative\nettrace.dll 2014-04-11 15:59:46 7FF1EBF5A376F5B17421E6868F353627 609792 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll 2014-04-11 15:59:45 92F1E8ED4CF283A6710CD530DE7E813B 324896 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2014-04-11 15:59:45 8C569B429D897647A26A83D9901D3225 152064 ----a-w- C:\WINDOWS\Sysnative\dwmredir.dll 2014-04-11 15:59:45 58C11DCCC6241CC13861A559E31A69F0 1311744 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll 2014-04-11 15:59:44 F6701835ECF0E4C9E69D804E78D8CE7B 1008640 ----a-w- C:\WINDOWS\Sysnative\WlanMM.dll 2014-04-11 15:59:44 F26EF8EB298CD2BE8A2F6B9BACA3EEF3 505344 ----a-w- C:\WINDOWS\Sysnative\VAN.dll 2014-04-11 15:59:44 ED3387CE1F9F848A3F3BAA3FCE86E315 388096 ----a-w- C:\WINDOWS\Sysnative\ninput.dll 2014-04-11 15:59:44 D795DDEE95839688808E5A74DC0D540D 834048 ----a-w- C:\WINDOWS\Sysnative\osk.exe 2014-04-11 15:59:44 8CF4AE81A247E1F6103FD1635C8816AF 232448 ----a-w- C:\WINDOWS\Sysnative\InputSwitch.dll 2014-04-11 15:59:43 DE6533132FC2BD8A2ED5D370D41CBED3 2288640 ----a-w- C:\WINDOWS\Sysnative\SyncCenter.dll 2014-04-11 15:59:43 7E5DC7317E51FA61E1A7C4A93162D3AE 249856 ----a-w- C:\WINDOWS\Sysnative\rascustom.dll 2014-04-11 15:59:43 78089FCDE082FD4FA471C30A7C2DC736 449024 ----a-w- C:\WINDOWS\Sysnative\defragsvc.dll 2014-04-11 15:59:43 3CA1EE5BE6C9D92DD672FC5A09E17AE2 356864 ----a-w- C:\WINDOWS\Sysnative\conhost.exe 2014-04-11 15:59:43 1A74CE3B49A227D0189712D9886D7772 275456 ----a-w- C:\WINDOWS\Sysnative\authz.dll 2014-04-11 15:59:43 183360914EFC9D25E2A13D335D5E9EB8 469504 ----a-w- C:\WINDOWS\Sysnative\taskeng.exe 2014-04-11 15:59:42 8B0199094F3309D098B5A58EF1304C0C 123448 ----a-w- C:\WINDOWS\Sysnative\dwmapi.dll 2014-04-11 15:59:42 82BCCF5FBE47AC9E8CBA2020994DFB3F 107008 ----a-w- C:\WINDOWS\Sysnative\wersvc.dll 2014-04-11 15:59:42 7A726EAF0D7592217936200997C43965 615936 ----a-w- C:\WINDOWS\Sysnative\rdbui.dll 2014-04-11 15:59:42 629152E8745B63E63978FD1848ABC7AE 286720 ----a-w- C:\WINDOWS\Sysnative\wlidcredprov.dll 2014-04-11 15:59:42 59D079196F554E01CA59F52EFA117CB4 2862592 ----a-w- C:\WINDOWS\Sysnative\themeui.dll 2014-04-11 15:59:42 59999ECDA967B076FD2836D955D55F9A 258784 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2014-04-11 15:59:42 4BA57ED44973409C15406EE0CAD58778 289752 ----a-w- C:\WINDOWS\Sysnative\sqmapi.dll 2014-04-11 15:59:42 2203F8DA390024C0EEF00DB8472C534D 105864 ----a-w- C:\WINDOWS\Sysnative\ncryptsslp.dll 2014-04-11 15:59:42 12A7999B64CB4F89B422B759369E1FCE 290816 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2014-04-11 15:59:41 9FB865E91832AC1CFF43A00351821C39 210736 ----a-w- C:\WINDOWS\Sysnative\SndVol.exe 2014-04-11 15:59:41 61692DB39AD3DF2F29392D68EAA7BB93 1543680 ----a-w- C:\WINDOWS\Sysnative\wbengine.exe 2014-04-11 15:59:41 01AE2AC5A32158EC6D568B5C5C1EB7B9 3596800 ----a-w- C:\WINDOWS\Sysnative\rdpcore.dll 2014-04-11 15:59:40 812F9BECC3D67371B4B6A41E09E1AEFE 559104 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Connectivity.dll 2014-04-11 15:59:40 50C869BBB4D1441C0E9760FB3830B241 140800 ----a-w- C:\WINDOWS\Sysnative\SkyDriveShell.dll 2014-04-11 15:59:40 3502E308FEF4C45D16BB795AA598BBAC 453120 ----a-w- C:\WINDOWS\Sysnative\dxtmsft.dll 2014-04-11 15:59:39 F56ACDD6374CAFC64E8339D387CB70E4 152848 ----a-w- C:\WINDOWS\Sysnative\bcrypt.dll 2014-04-11 15:59:39 C1D7228D5743995256A17D8225FDC704 123904 ----a-w- C:\WINDOWS\Sysnative\sppc.dll 2014-04-11 15:59:38 DA7855E0898381621FC4114684DA0FFE 483840 ----a-w- C:\WINDOWS\Sysnative\WLanConn.dll 2014-04-11 15:59:38 CCF57046826C605CC8782D85225A77AF 164352 ----a-w- C:\WINDOWS\Sysnative\wscinterop.dll 2014-04-11 15:59:38 B43A08ADE0AB5546F9129B0D10C1C6D9 1144320 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll 2014-04-11 15:59:38 8188CB2B8EB82BF56D10E40994860B6B 14848 ----a-w- C:\WINDOWS\Sysnative\clrhost.dll 2014-04-11 15:59:38 62EA9ABDC92E731DD031035639B80938 233472 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.HumanInterfaceDevice.dll 2014-04-11 15:59:38 311AAEFABEDB1FA343DDD8322C290378 591872 ----a-w- C:\WINDOWS\Sysnative\aepdu.dll 2014-04-11 15:59:38 2ED38EE952E6E02678237FE22C6EE581 512000 ----a-w- C:\WINDOWS\Sysnative\wimserv.exe 2014-04-11 15:59:38 1470D84723018488F2A51138FB94BA9A 196608 ----a-w- C:\WINDOWS\Sysnative\PkgMgr.exe 2014-04-11 15:59:37 FE9C4A3BDD3F5EA5B93D88CCA73DBE8B 245248 ----a-w- C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll 2014-04-11 15:59:37 FCD3596AC11042A543CF54294A54B579 2706432 ----a-w- C:\WINDOWS\Sysnative\gameux.dll 2014-04-11 15:59:37 921F7B5C082491E54E98FB108F15C824 32088 ----a-w- C:\WINDOWS\Sysnative\ploptin.dll 2014-04-11 15:59:37 79F0B9A95376C8F0CD8CFD67FFBA94D5 797696 ----a-w- C:\WINDOWS\Sysnative\PurchaseWindowsLicense.dll 2014-04-11 15:59:36 F9D54CA2C64D660292E87EE66BD49CD5 693248 ----a-w- C:\WINDOWS\Sysnative\fhcfg.dll 2014-04-11 15:59:36 615BC7FA7AA1F97C4FD14F38B6C8FF56 722432 ----a-w- C:\WINDOWS\Sysnative\WindowsAnytimeUpgradeui.exe 2014-04-11 15:59:36 3711306C8D1A859351D735D93090C1C0 83120 ----a-w- C:\WINDOWS\Sysnative\taskhost.exe 2014-04-11 15:59:36 2E3340A90140E1F0965DAD96C5B28A41 109568 ----a-w- C:\WINDOWS\Sysnative\dwm.exe 2014-04-11 15:59:36 00DD4D2ACC2E72155A8AAA82018BEC0D 193024 ----a-w- C:\WINDOWS\Sysnative\winsrv.dll 2014-04-11 15:59:35 9371F0B982A5ECCABE5DB9266C6D447A 170952 ----a-w- C:\WINDOWS\Sysnative\wscapi.dll 2014-04-11 15:59:35 88060469AFD9DE814CAAF497922D3910 139464 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe 2014-04-11 15:59:35 81B25C0252AB25C6ABDCE596A8112802 935424 ----a-w- C:\WINDOWS\Sysnative\rasgcw.dll 2014-04-11 15:59:35 77BA0D87906CC2D86588D89A75372EC7 104448 ----a-w- C:\WINDOWS\Sysnative\WiFiDisplay.dll 2014-04-11 15:59:35 515583507D3828E827FF6352C9ACCEFA 134144 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2014-04-11 15:59:35 3849F7FD5BDE8EFE8EBB673CA8DD36F0 273408 ----a-w- C:\WINDOWS\Sysnative\dmdskmgr.dll 2014-04-11 15:59:34 D3EC1112BE0E06ED94308A7B97C929EF 350720 ----a-w- C:\WINDOWS\Sysnative\srchadmin.dll 2014-04-11 15:59:33 D8564418BAC13776E43DB5F6B4FA775E 142576 ----a-w- C:\WINDOWS\Sysnative\smss.exe 2014-04-11 15:59:33 766B12FB02BD1E5D0BBA9488E091EE6D 316416 ----a-w- C:\WINDOWS\Sysnative\BioCredProv.dll 2014-04-11 15:59:33 73CCAD0503D2AE86E9AAC08E99B7761B 432640 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll 2014-04-11 15:59:33 1C3A8E71F3648A2A82F97B0316F9B167 376320 ----a-w- C:\WINDOWS\Sysnative\wsqmcons.exe 2014-04-11 15:59:32 FCEBE292E567C313E81CA112DD55B56A 236544 ----a-w- C:\WINDOWS\Sysnative\vdsbas.dll 2014-04-11 15:59:32 C4D32A2A0032C65587993E637F2B78F6 108032 ----a-w- C:\WINDOWS\Sysnative\AltTab.dll 2014-04-11 15:59:32 B7B3D612C5D6749814FA0CDE8C8E4202 510976 ----a-w- C:\WINDOWS\Sysnative\timedate.cpl 2014-04-11 15:59:32 AB6ADF3E3B774A1CF3FA83DB1A4D45DF 226304 ----a-w- C:\WINDOWS\Sysnative\SndVolSSO.dll 2014-04-11 15:59:32 9CF60747CA286C65255BC7E1546C87EB 188464 ----a-w- C:\WINDOWS\Sysnative\systemreset.exe 2014-04-11 15:59:32 7E3B7FB5C09804CEEEBA232940A484B4 322048 ----a-w- C:\WINDOWS\Sysnative\fhcpl.dll 2014-04-11 15:59:32 73F7354D8E4EA674FB93D9AD67EDBB02 463872 ----a-w- C:\WINDOWS\Sysnative\RASMM.dll 2014-04-11 15:59:32 4983684E2DDB7B617AA8EA94E037360F 209160 ----a-w- C:\WINDOWS\Sysnative\imm32.dll 2014-04-11 15:59:32 31652454F3A5150F401E1DE4D857698B 208896 ----a-w- C:\WINDOWS\Sysnative\PlayToManager.dll 2014-04-11 15:59:31 FF48213516573E515185F3E03ED9DAFC 194560 ----a-w- C:\WINDOWS\Sysnative\SearchFilterHost.exe 2014-04-11 15:59:31 EE587980B94E521D812D755C21BC7E87 135168 ----a-w- C:\WINDOWS\Sysnative\fsutil.exe 2014-04-11 15:59:31 DD6BF469816E35DB19489D6722B98A7B 296960 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2014-04-11 15:59:31 B892C2FE3190255AA3E1082ACF92C0CF 397824 ----a-w- C:\WINDOWS\Sysnative\sharemediacpl.dll 2014-04-11 15:59:31 93664065662467289E77F0982FA61D37 615936 ----a-w- C:\WINDOWS\Sysnative\WSDApi.dll 2014-04-11 15:59:31 8F387C2C99EE09C6E2AC316205F86A17 399872 ----a-w- C:\WINDOWS\Sysnative\das.dll 2014-04-11 15:59:31 6C7D8104433471A5252624DF470C109A 43408 ----a-w- C:\WINDOWS\Sysnative\CloudNotifications.exe 2014-04-11 15:59:31 498146AA5B4E08AE00B13C1BC2636B6F 135168 ----a-w- C:\WINDOWS\Sysnative\netid.dll 2014-04-11 15:59:31 1D8303D3ED5F8C403984A8820E5E599A 80048 ----a-w- C:\WINDOWS\Sysnative\taskhostex.exe 2014-04-11 15:59:30 8897583230ADFF2A002F00B45D82310A 660480 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll 2014-04-11 15:59:30 605E304B8A09FA8A71685F9B674A134F 897024 ----a-w- C:\WINDOWS\Sysnative\sdclt.exe 2014-04-11 15:59:30 5B6EAF5BBB526E2B042016A1F061AC4D 132608 ----a-w- C:\WINDOWS\Sysnative\mssprxy.dll 2014-04-11 15:59:30 03044D5F8F2537FEDA81A29B1A8DD8CC 619520 ----a-w- C:\WINDOWS\Sysnative\UserLanguagesCpl.dll 2014-04-11 15:59:29 F77C9F8A5F926CC77B41C45DB5ACAA26 95744 ----a-w- C:\WINDOWS\Sysnative\aepic.dll 2014-04-11 15:59:29 F0D97FD22EBEE3994F9F4D83ADFC1273 307712 ----a-w- C:\WINDOWS\Sysnative\wusa.exe 2014-04-11 15:59:29 E3203EC9AAE6A5675A7C051A49002AD1 331264 ----a-w- C:\WINDOWS\Sysnative\newdev.dll 2014-04-11 15:59:29 833D2DE53608A1C5B9DD71C867718448 275312 ----a-w- C:\WINDOWS\Sysnative\powrprof.dll 2014-04-11 15:59:29 6BBAE8197E8CC8D0504703D05500B2C1 432640 ----a-w- C:\WINDOWS\Sysnative\zipfldr.dll 2014-04-11 15:59:29 6B3F9F4A507F645DE6F504E998EDA2EA 173056 ----a-w- C:\WINDOWS\Sysnative\dmvdsitf.dll 2014-04-11 15:59:28 E3EF58D4123B5AA29C8E19825AF84A5E 1283584 ----a-w- C:\WINDOWS\Sysnative\vds.exe 2014-04-11 15:59:28 D04D884242F02CC02E9264A4DBF532DB 413184 ----a-w- C:\WINDOWS\Sysnative\wow64win.dll 2014-04-11 15:59:28 CDF5DDB3F917546C3955C4F6AE0D0446 32544 ----a-w- C:\WINDOWS\Sysnative\UserAccountBroker.exe 2014-04-11 15:59:28 9920143F48EC5B2A823E19B8FAABA8C4 101216 ----a-w- C:\WINDOWS\Sysnative\RestoreOptIn.exe 2014-04-11 15:59:28 92A481F0E8971A4FDF571A1E4406B3C7 488960 ----a-w- C:\WINDOWS\Sysnative\winspool.drv 2014-04-11 15:59:28 8D6F535461F6CFF75A8ADDF83024C904 109568 ----a-w- C:\WINDOWS\Sysnative\appinfo.dll 2014-04-11 15:59:28 8AA7BFEE4586865C86C145DF3EEBFA5E 444416 ----a-w- C:\WINDOWS\Sysnative\spwizeng.dll 2014-04-11 15:59:28 2C4A4FD0E89C56673E31B1802097A288 123904 ----a-w- C:\WINDOWS\Sysnative\LockScreenContent.dll 2014-04-11 15:59:28 23D1FCFDDD105C4D3146FA025C8CA2F6 336384 ----a-w- C:\WINDOWS\Sysnative\MbaeApiPublic.dll 2014-04-11 15:59:28 1EA5BDB37498D5E317920822648A2B49 128512 ----a-w- C:\WINDOWS\Sysnative\microsoft-windows-kernel-power-events.dll 2014-04-11 15:59:27 5CF3AEA2734E55D9A7E0F9486F050422 155648 ----a-w- C:\WINDOWS\Sysnative\MicrosoftAccountTokenProvider.dll 2014-04-11 15:59:27 4A42BFC345A0CED7B6E0F596283BA118 52736 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2014-04-11 15:59:27 3F309BCE152FDA40C758B09771310C2D 141824 ----a-w- C:\WINDOWS\Sysnative\dot3mm.dll 2014-04-11 15:59:27 14CF2EAFCFA0BDC736BFDA130BD95EB2 94560 ----a-w- C:\WINDOWS\Sysnative\bcd.dll 2014-04-11 15:59:26 F85CF4F2AF6CB0CEF87DEF945470C870 3312128 ----a-w- C:\WINDOWS\Sysnative\bootux.dll 2014-04-11 15:59:26 E2DB5CE06004F63E7CF70359CEEA4025 250880 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2014-04-11 15:59:26 9DD92A162E24854B3151750954BF678D 70656 ----a-w- C:\WINDOWS\Sysnative\srclient.dll 2014-04-11 15:59:26 6B0FDFE751F24F1EFCA68E574227180E 112640 ----a-w- C:\WINDOWS\Sysnative\DAMM.dll 2014-04-11 15:59:26 254D664FE36D7F68C870BAF372E360ED 131168 ----a-w- C:\WINDOWS\Sysnative\easinvoker.exe 2014-04-11 15:59:25 B8C9BC3542EDA9DB99B95543555877BC 110592 ----a-w- C:\WINDOWS\Sysnative\samlib.dll 2014-04-11 15:59:24 DC679AA88F833B86B226F0BA05F229C3 216576 ----a-w- C:\WINDOWS\Sysnative\cleanmgr.exe 2014-04-11 15:59:24 5C7B86EE33505E36026AFAAB62DA6364 534528 ----a-w- C:\WINDOWS\Sysnative\rasmans.dll 2014-04-11 15:59:24 3046F6548AFAEEC4671A987685919D33 162176 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe 2014-04-11 15:59:24 1E7A0C5514BCE7306FAF1EC2F282C1CA 191488 ----a-w- C:\WINDOWS\Sysnative\rpchttp.dll 2014-04-11 15:59:24 1A4DA1D6287B99033D144B436C23B656 405504 ----a-w- C:\WINDOWS\Sysnative\provsvc.dll 2014-04-11 15:59:23 F299BD172B73C6D0E50E6CB6ADC9020C 184320 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2014-04-11 15:59:23 8C726499602B715ACABFBD96FDFF8362 177664 ----a-w- C:\WINDOWS\Sysnative\easwrt.dll 2014-04-11 15:59:23 87C750D1E9CC44D0EC47C6B799F41CEB 36200 ----a-w- C:\WINDOWS\Sysnative\WerFaultSecure.exe 2014-04-11 15:59:23 6FD7B481607E6D8361D10FBAC11FB6DA 203264 ----a-w- C:\WINDOWS\Sysnative\netiohlp.dll 2014-04-11 15:59:23 3EF272C510EF337772BF994875FDD4E3 182272 ----a-w- C:\WINDOWS\Sysnative\korwbrkr.dll 2014-04-11 15:59:22 80429413A20D67E08207AD73DFE8EEF4 467456 ----a-w- C:\WINDOWS\Sysnative\srcore.dll 2014-04-11 15:59:21 FCF83E61ECD7D9CE7CCD7F28F9D8342D 38400 ----a-w- C:\WINDOWS\Sysnative\JavaScriptCollectionAgent.dll 2014-04-11 15:59:21 D7CE0CB807892C06EB03FC5B28E04D53 167424 ----a-w- C:\WINDOWS\Sysnative\netplwiz.dll 2014-04-11 15:59:21 89421C10560D60B563D62E3D647601EF 128512 ----a-w- C:\WINDOWS\Sysnative\CloudStorageWizard.exe 2014-04-11 15:59:21 883B5FE0605EF11BCF90B0117AEBBA07 102912 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll 2014-04-11 15:59:21 7FFA7836A7268ED8470A02F08B4A84E3 214016 ----a-w- C:\WINDOWS\Sysnative\scrobj.dll 2014-04-11 15:59:21 4957B27219515B93A508B91068B87BF5 1436160 ----a-w- C:\WINDOWS\Sysnative\VSSVC.exe 2014-04-11 15:59:21 434CB271E2A815CCBD437C7AD1BB53C8 53248 ----a-w- C:\WINDOWS\Sysnative\acppage.dll 2014-04-11 15:59:21 23065815C35146F455985878E0FEA1A8 124416 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll 2014-04-11 15:59:20 A540959E7BF78079C1F1D197BF7E22AE 15872 ----a-w- C:\WINDOWS\Sysnative\slpts.dll 2014-04-11 15:59:20 9AB9CD13EA34BDD31EE03DCADD3FCEBA 902144 ----a-w- C:\WINDOWS\Sysnative\autoconv.exe 2014-04-11 15:59:20 7FB2433AD4F18556CAB45092AF621FA2 198656 ----a-w- C:\WINDOWS\Sysnative\wpnprv.dll 2014-04-11 15:59:20 61E9834E1CA04DB74F0053BD8AE67BFC 36352 ----a-w- C:\WINDOWS\Sysnative\winbrand.dll 2014-04-11 15:59:20 49A5228F730EEA60A01BB34D1A427239 283136 ----a-w- C:\WINDOWS\Sysnative\wbadmin.exe 2014-04-11 15:59:20 3DBC108B5D6D2E1CAA774139955D7CFF 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll 2014-04-11 15:59:20 22C4A7BCD36100D1655A1CD72327A40D 349696 ----a-w- C:\WINDOWS\Sysnative\bcdedit.exe 2014-04-11 15:59:20 12E734CC38BF7B48E0D68139C0484D8D 38680 ----a-w- C:\WINDOWS\Sysnative\LockScreenContentServer.exe 2014-04-11 15:59:20 081EFB3179E58A757115D129E9DB4631 1152512 ----a-w- C:\WINDOWS\Sysnative\wscui.cpl 2014-04-11 15:59:19 A15E84CB08C697477EAAD8C9344E5DB5 143872 ----a-w- C:\WINDOWS\Sysnative\BootMenuUX.dll 2014-04-11 15:59:19 9CEC771F2C6882E54C8B4049167B65AB 165376 ----a-w- C:\WINDOWS\Sysnative\bcdboot.exe 2014-04-11 15:59:19 80A6E162B5C556E414DE5A02DF11CFD2 148992 ----a-w- C:\WINDOWS\Sysnative\sppnp.dll 2014-04-11 15:59:19 7A47BC7C0743A5A05CC29E87743FBCDA 545280 ----a-w- C:\WINDOWS\Sysnative\untfs.dll 2014-04-11 15:59:19 76C3A3F212D8ABE96B0B4BDA2A67F66F 74752 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Sockets.PushEnabledApplication.dll 2014-04-11 15:59:19 64DBE5C403B603164AD8FDDFD7CFF8B6 27480 ----a-w- C:\WINDOWS\Sysnative\SysResetErr.exe 2014-04-11 15:59:19 62ACCCAD775B64D2BFC3EB3F574CACFA 28416 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe 2014-04-11 15:59:19 424C9777CB8507A6358BC142B7917143 874496 ----a-w- C:\WINDOWS\Sysnative\autofmt.exe 2014-04-11 15:59:19 3BC1D1D56637A32CD91C8AE08E2484AA 453632 ----a-w- C:\WINDOWS\Sysnative\wbiosrvc.dll 2014-04-11 15:59:19 387A1E98BE548E4F199343CBA01E9D6D 890880 ----a-w- C:\WINDOWS\Sysnative\autochk.exe 2014-04-11 15:59:19 1DEFAA7CE8C496D63EDE8AB7FD8DCB6E 610304 ----a-w- C:\WINDOWS\Sysnative\sud.dll 2014-04-11 15:59:19 09E9F7679FD338DC6DDDF96F4C613E74 69632 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Renewal.dll 2014-04-11 15:59:18 E337D5898804BC8EAC8CC7FD31CAAD46 68096 ----a-w- C:\WINDOWS\Sysnative\setbcdlocale.dll 2014-04-11 15:59:18 BF4C09EB631C466FDF5E011CAE8B565E 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll 2014-04-11 15:59:18 A8A7758F4E4043D48A75BD61F0FD5E70 127488 ----a-w- C:\WINDOWS\Sysnative\migisol.dll 2014-04-11 15:59:18 6C9659E72326A34E9CED71E166F1616B 51200 ----a-w- C:\WINDOWS\Sysnative\DAConn.dll 2014-04-11 15:59:18 646B7DD5DA46CAB6F48A35BA2786B41A 71680 ----a-w- C:\WINDOWS\Sysnative\fhevents.dll 2014-04-11 15:59:18 42DAF0C2C4461D4611ED271A8694E20A 82944 ----a-w- C:\WINDOWS\Sysnative\spbcd.dll 2014-04-11 15:59:17 F217D2868BF46B4DFE1A7A410CB236BB 148992 ----a-w- C:\WINDOWS\Sysnative\cscript.exe 2014-04-11 15:59:17 E2936E745B84FB5B631E1CB0BCA9B71B 92160 ----a-w- C:\WINDOWS\Sysnative\WindowsAnytimeUpgradeResults.exe 2014-04-11 15:59:17 DEEAC72E46070C4F8D3905174A23E3BF 130048 ----a-w- C:\WINDOWS\Sysnative\vdsutil.dll 2014-04-11 15:59:17 C33D905BF1738C54560F09ED8AC47023 95744 ----a-w- C:\WINDOWS\Sysnative\IdCtrls.dll 2014-04-11 15:59:17 7D4688ECFA4F61023A23B50F17AB5689 94720 ----a-w- C:\WINDOWS\Sysnative\spcompat.dll 2014-04-11 15:59:17 7AA2C803C0D6A07085843D5F6C9E99F2 92672 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2014-04-11 15:59:17 48385DE15FCE72342DAC5A6AC518AB7E 68096 ----a-w- C:\WINDOWS\Sysnative\UXInit.dll 2014-04-11 15:59:16 EC3CD12410AF8B5DC881BF323423C3F6 188416 ----a-w- C:\WINDOWS\Sysnative\WindowsAnytimeUpgrade.exe 2014-04-11 15:59:16 4DAFE3D3D45F9D487BD6C57B7C76FC88 18432 ----a-w- C:\WINDOWS\Sysnative\energytask.dll 2014-04-11 15:59:16 119E0F7A71775A5CFB208B036ECE35E1 2255 ----a-w- C:\WINDOWS\Sysnative\WimBootCompress.ini 2014-04-11 15:59:16 0205D31F27DFB30E7192FFAF6EE4C8A7 146944 ----a-w- C:\WINDOWS\Sysnative\diskpart.exe 2014-04-11 15:59:15 B867E81F7A7FD95AC894584B9EB10480 173056 ----a-w- C:\WINDOWS\Sysnative\werui.dll 2014-04-11 15:59:15 2146E40FDBA2FE1E466BE59D3FE2601C 79872 ----a-w- C:\WINDOWS\Sysnative\powercfg.exe 2014-04-11 15:59:15 07BBF5F2DF029275C4A2CB16B381133D 385024 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2014-04-11 15:59:14 CBC4C3820ACED29A1A772EC6CCF6CD17 116736 ----a-w- C:\WINDOWS\Sysnative\pnpclean.dll 2014-04-11 15:59:14 C5784EFEEADA38050706FF368B6DD21F 38400 ----a-w- C:\WINDOWS\Sysnative\deviceassociation.dll 2014-04-11 15:59:14 999C18D37BD4FDEE9A074583F7818FFB 271872 ----a-w- C:\WINDOWS\Sysnative\rstrui.exe 2014-04-11 15:59:14 5B374F8F32C61364AF287165B5B60589 156672 ----a-w- C:\WINDOWS\Sysnative\RelPost.exe 2014-04-11 15:59:14 0512FCA695595018A289C032A409EA64 155136 ----a-w- C:\WINDOWS\Sysnative\SettingMonitor.dll 2014-04-11 15:59:13 F29E3F32935AE2146B21CBFDD916CFF5 35840 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe 2014-04-11 15:59:13 B3FDE405C043BE9AA9193D1430FE7418 25088 ----a-w- C:\WINDOWS\Sysnative\ReAgentc.exe 2014-04-11 15:59:13 93B934AE4F812AECBA5254DBB07B29DA 248832 ----a-w- C:\WINDOWS\Sysnative\srrstr.dll 2014-04-11 15:59:13 8CFA00C8103F9132990CEF8B655EA666 269312 ----a-w- C:\WINDOWS\Sysnative\PlayToDevice.dll 2014-04-11 15:59:13 76B7BB05C1BCC11C69162FB7C2CE8901 92160 ----a-w- C:\WINDOWS\Sysnative\dasHost.exe 2014-04-11 15:59:13 28EE7EA21F969D7AA096DFD751E5F2CD 60416 ----a-w- C:\WINDOWS\Sysnative\offreg.dll 2014-04-11 15:59:12 CD05BEF06D01444E3AE4145FA18D5538 468480 ----a-w- C:\WINDOWS\Sysnative\SystemSettings.Handlers.dll 2014-04-11 15:59:12 B117A586AF354814BA3BF653A8DBBEBB 13824 ----a-w- C:\WINDOWS\Sysnative\msshooks.dll 2014-04-11 15:59:12 A221A2982E9FF3360FA6F0292C080519 56320 ----a-w- C:\WINDOWS\Sysnative\mf3216.dll 2014-04-11 15:59:12 962D2CB61A17AE290D2ABDDEA39D2BD7 575488 ----a-w- C:\WINDOWS\Sysnative\dfrgui.exe 2014-04-11 15:59:12 6523161D8468E0C685EC04DD32BAC18B 224256 ----a-w- C:\WINDOWS\Sysnative\ActionQueue.dll 2014-04-11 15:59:12 5DB4DFF11E4B8EE396237FD717498643 299008 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2014-04-11 15:59:12 29CAE508CE19CFE9EBCBCDDA43DD1F94 54272 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2014-04-11 15:59:11 959534ACF085C137D2D094384EF89C45 81408 ----a-w- C:\WINDOWS\Sysnative\wercplsupport.dll 2014-04-11 15:59:11 7D2E7D61830872279617C8030FE71FC1 316416 ----a-w- C:\WINDOWS\Sysnative\winsku.dll 2014-04-11 15:59:11 77D31321788337630FFA15D40FBB2FAA 589312 ----a-w- C:\WINDOWS\Sysnative\vdsdyn.dll 2014-04-11 15:59:11 562A3AB5CC3CA265D0C213B2B2D3B2E4 145408 ----a-w- C:\WINDOWS\Sysnative\wshom.ocx 2014-04-11 15:59:11 32890534D93EAAB2DD048E30A99F2F70 57344 ----a-w- C:\WINDOWS\Sysnative\SrTasks.exe 2014-04-11 15:59:11 09CBB2EE26F9273FB3163DC939FB1C65 41472 ----a-w- C:\WINDOWS\Sysnative\f3ahvoas.dll 2014-04-11 15:59:10 F7041B2A7CA6CF4AE84DBFDA5A528865 183808 ----a-w- C:\WINDOWS\Sysnative\Defrag.exe 2014-04-11 15:59:10 DBB297B0850F160AA635F37D1210F216 504832 ----a-w- C:\WINDOWS\Sysnative\DevicePairing.dll 2014-04-11 15:59:10 CEA27892349131C8705F88D24B65A8E6 27136 ----a-w- C:\WINDOWS\Sysnative\LockScreenContentHost.dll 2014-04-11 15:59:10 BA47711E618A43B6464F354483E91E40 2566656 ----a-w- C:\WINDOWS\Sysnative\themecpl.dll 2014-04-11 15:59:10 817005B17E25BD6E2369635D5A33DA51 55296 ----a-w- C:\WINDOWS\Sysnative\AepRoam.dll 2014-04-11 15:59:09 AE279702A8549E0EB2008501AEE4A9F2 112640 ----a-w- C:\WINDOWS\Sysnative\scavengeui.dll 2014-04-11 15:59:09 58B1CE1AF4B629F92639D0E502508AAC 59392 ----a-w- C:\WINDOWS\Sysnative\ConfigureExpandedStorage.dll 2014-04-11 15:59:08 98A755F17458A425CCE6389346BA6540 355328 ----a-w- C:\WINDOWS\Sysnative\wincorlib.dll 2014-04-11 15:59:07 2C96BD8FF43C76E306AEAB8F5AA5271C 76288 ----a-w- C:\WINDOWS\Sysnative\BulkOperationHost.exe 2014-04-11 15:59:06 C6D2D89195A236DA1FB6717628EB4DC8 84992 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2014-04-11 15:59:06 AACECE80A24B309935DF4023F25C129E 30208 ----a-w- C:\WINDOWS\Sysnative\SettingSyncPolicy.dll 2014-04-11 15:59:06 663FFD3EACC593EA1AC809114BE5CBDC 761856 ----a-w- C:\WINDOWS\Sysnative\WorkfoldersControl.dll 2014-04-11 15:59:06 2BE71A590E07E855B1ACEA857ECA1FB8 173568 ----a-w- C:\WINDOWS\Sysnative\syncui.dll 2014-04-11 15:59:06 1F90F231C1E2B6D19B3A7C10BBF2B42F 220160 ----a-w- C:\WINDOWS\Sysnative\wmpdxm.dll 2014-04-11 15:59:05 F1DB86EA935C13CDFF27AB957297136A 7762 ----a-w- C:\WINDOWS\Sysnative\connectedsearch-suggestions.searchconnector-ms 2014-04-11 15:59:05 E267BC3EEF80CC447680593038D10B0B 156160 ----a-w- C:\WINDOWS\Sysnative\aitagent.exe 2014-04-11 15:59:05 DE461B86C05946D10E519F512D09E389 100197 ----a-w- C:\WINDOWS\Sysnative\RacRules.xml 2014-04-11 15:59:05 BEDB85FBE0B6577A2A46866DE398D9A3 323584 ----a-w- C:\WINDOWS\Sysnative\GlobCollationHost.dll 2014-04-11 15:59:05 735AB5AF130DD05B7CAD21EB8898B10A 71680 ----a-w- C:\WINDOWS\Sysnative\StorageContextHandler.dll 2014-04-11 15:59:05 570C0052EAF82BA7C4D95EA04201F7D2 162816 ----a-w- C:\WINDOWS\Sysnative\ocsetapi.dll 2014-04-11 15:59:05 499CFCE4CCA7CC4D3FA07251C86A8641 5632 ---ha-w- C:\WINDOWS\Sysnative\ext-ms-win-session-winsta-l1-1-0.dll 2014-04-11 15:59:05 1FDF29F970E2E843B4DC5D0626D0EDD5 7130 ----a-w- C:\WINDOWS\Sysnative\connectedsearch-zeroinput.searchconnector-ms 2014-04-11 15:59:04 9F6F3B62C502F35153E3837E219DC841 113152 ----a-w- C:\WINDOWS\Sysnative\shsetup.dll 2014-04-11 15:59:04 9D6F2CDA0D23E1494C55E7ABB0FB35BC 39936 ----a-w- C:\WINDOWS\Sysnative\dataclen.dll 2014-04-11 15:59:04 19A6B3C62F673903C75B46279C20E10B 3584 ---ha-w- C:\WINDOWS\Sysnative\ext-ms-win-kernel32-package-l1-1-1.dll 2014-04-11 15:59:03 FA89BD2A29A00016E248D14EBAA421C3 6144 ----a-w- C:\WINDOWS\Sysnative\msdxm.ocx 2014-04-11 15:59:03 FA89BD2A29A00016E248D14EBAA421C3 6144 ----a-w- C:\WINDOWS\Sysnative\dxmasf.dll 2014-04-11 15:59:03 EA3E41DCEA0F503073CBCE9C3A166DD1 147968 ----a-w- C:\WINDOWS\Sysnative\occache.dll 2014-04-11 15:59:03 831554BF01444B50E489315ABADC12D2 527360 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2014-04-11 15:59:03 7E757E3635CD441B2A8D8CB4B507CB40 8704 ----a-w- C:\WINDOWS\Sysnative\lpksetupproxyserv.dll 2014-04-11 15:59:03 7CEA4BDCFD24CEFFD2689162876F12E8 7168 ----a-w- C:\WINDOWS\Sysnative\shimeng.dll 2014-04-11 15:59:03 797DE44BF9DF0231E9D39E3FA7B5898E 3584 ---ha-w- C:\WINDOWS\Sysnative\ext-ms-win-ntuser-private-l1-1-0.dll 2014-04-11 15:59:03 61695710BD16FCCFFD22B425692EF83A 20992 ----a-w- C:\WINDOWS\Sysnative\fhsvcctl.dll 2014-04-11 15:59:03 5C615EB69963F31CB9034702169ABCCB 15360 ----a-w- C:\WINDOWS\Sysnative\finger.exe 2014-04-11 15:59:03 3917A6F3DAAB7D70B5C01E55C6880DD2 54784 ----a-w- C:\WINDOWS\Sysnative\fveskybackup.dll 2014-04-11 15:59:03 22E1B49330D76F27FD0A13AD16A16A56 8192 ---ha-w- C:\WINDOWS\Sysnative\ext-ms-win-ntuser-private-l1-1-1.dll 2014-04-11 15:59:03 144E6549AAA4966F36160588907A45FB 115712 ----a-w- C:\WINDOWS\Sysnative\winbici.dll 2014-04-11 15:59:02 E7B53AF004BEE5112F787A6E5B04D737 11109 ----a-w- C:\WINDOWS\Sysnative\connectedsearch-results.searchconnector-ms 2014-04-11 15:59:02 385AF1C48CE3E86B37B9E66749FFEC1B 50053 ----a-w- C:\WINDOWS\Sysnative\srms.dat 2014-04-11 15:41:22 2689A9E9EF189534DC2FF5F870E26067 23549952 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2014-04-11 15:41:20 C06067A3BDC3AC8300F9D67BB3DC8CB3 2678784 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers.dll 2014-04-11 15:40:36 B2F436D19A6513345E9F556CE962B84D 195584 ----a-w- C:\WINDOWS\Sysnative\msrating.dll 2014-04-11 15:31:11 3A2F218FE379B984E3C2EEDC6BB04ADF 233912 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2014-04-11 15:30:56 F48C144251B36850B67AB8E6D9E20E92 111616 ----a-w- C:\WINDOWS\Sysnative\ieetwcollector.exe 2014-04-11 15:30:56 E1593B9C098F079DCED37016DC9DF685 48640 ----a-w- C:\WINDOWS\Sysnative\ieetwproxystub.dll 2014-04-11 15:30:56 C2CB1454F0D6BFDF584395A41C223BDF 4096 ----a-w- C:\WINDOWS\Sysnative\ieetwcollectorres.dll 2014-04-11 15:30:56 4F51BFB5DF7249D1CFC37010895E609C 139264 ----a-w- C:\WINDOWS\Sysnative\ieUnatt.exe 2014-04-11 15:30:55 7871E35AC5640F4296B5C497CCAAA2AF 66048 ----a-w- C:\WINDOWS\Sysnative\iesetup.dll 2014-04-11 15:30:55 6BD4079F6EC3B875674C9E988AA24CDF 33792 ----a-w- C:\WINDOWS\Sysnative\iernonce.dll 2014-04-10 02:13:58 C56EF94A5E1C20BF4B8AA6698642886F 2724864 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb ====== C:\WINDOWS\Sysnative\drivers ===== 2014-04-11 16:04:26 1C80517BE6836A812F6A9B99B8321351 2013016 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2014-04-11 16:04:26 179A41249055D5F039F1B6703F3B6D2B 376152 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2014-04-11 16:04:12 FEEFE783D87C9063CDAC6DBDCF95F533 2519384 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-04-11 16:04:10 C7D252742946DD395670649742FBD73D 1557848 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2014-04-11 16:04:06 E62EAEF0BAC9DD61BF22D4A7F2F18571 679424 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-04-11 16:04:04 C997E6A37BA8915224B3FB5024A34F69 402944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2014-04-11 16:04:04 4030CB06B8D963A45CED9E60C9F2A11E 379224 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2014-04-11 16:04:03 7FC5667DF73D4B04AA457CC3A4180E09 157016 ----a-w- C:\WINDOWS\Sysnative\drivers\wof.sys 2014-04-11 16:04:02 4627C1FBF2802425A408A2D2AF28CF85 565536 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2014-04-11 16:04:01 AC408FA243471C25CDE435C3B83536A9 337752 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2014-04-11 16:04:01 466BDC0006103F2547D308DD3CD64398 245760 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-04-11 16:04:00 647C7652FA19F98CADF2BFDA2164BFEC 443392 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-04-11 16:03:59 CFC52C49BEFE4D70D87FFA900EAB9777 467800 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2014-04-11 16:03:58 F88CC88F4A6D8476F1664E805CA18CC2 180056 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2014-04-11 16:03:57 C48CDFD48A43E4AEC8170E1E50A3FACD 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2014-04-11 16:03:57 BFBE1C5F57FE7A885673A1962D5532B7 136024 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2014-04-11 16:03:57 A03F362C5557E238CBFA914689C77248 134144 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2014-04-11 16:03:57 8DB8EAB9D0C6A5DF0BDCADEA239220B4 33280 -c--a-w- C:\WINDOWS\Sysnative\drivers\hidusb.sys 2014-04-11 16:03:56 ABB7341766902F5AAB45E15F34D19E15 111616 -c--a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2014-04-11 16:03:56 41CF802064F72E55F50CA0A221FD36D4 49152 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpipreg.sys 2014-04-11 16:03:55 1D55DADC22D21883A2F80297F5A5AE48 140288 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2014-04-11 16:03:54 FD9C9E9E3F0ED51502C7E8C066BE26B9 79360 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2014-04-11 16:03:54 3E28B99198B514DFEB152EACF913025E 283648 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2014-04-11 16:00:56 3595FBDF25F8BA6256072D103937D7D6 311640 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-04-11 16:00:15 F21B77B4D74092A543807D3CEB711A88 1118552 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2014-04-11 16:00:13 9539F7917B4B6D92C90F0FAA6B86C605 539992 -c--a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2014-04-11 16:00:06 B2BD017231836DA9F63F41E3A075D73E 590168 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2014-04-11 15:59:58 A26AEC49F318FEE141DDDB2C5F99B3E6 249688 ----a-w- C:\WINDOWS\Sysnative\drivers\rdyboost.sys 2014-04-11 15:59:56 233A4C961703D6B3EBA4EC1A3E85AACE 298496 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-04-11 15:59:54 275AFE3FA35E8D78BE97695DF49817C6 280920 -c--a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2014-04-11 15:59:52 87765EF43C33BE342F4ACB0E3FBF89A6 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-04-11 15:59:52 8685379B82AC81187813225905531D1E 272896 -c--a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2014-04-11 15:59:51 EA23453240137F6773174E0D93F61A69 148824 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2014-04-11 15:59:50 46D1DF775FFF14585218BBE16E5B2C9A 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2014-04-11 15:59:43 8F39AFEB255487932DFF14D9E0E0FC24 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2014-04-11 15:59:42 52E483A3701A5A61A75A06993720347D 551256 -c--a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2014-04-11 15:59:37 FDEC5799BA499D18AFA3A540538866E7 236888 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2014-04-11 15:59:36 48430B0313FC1CFE3D2400553F1A93CD 325464 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2014-04-11 15:59:35 DDEE191AB32DFC22C6465002ECDF5EE4 124416 ----a-w- C:\WINDOWS\Sysnative\drivers\luafv.sys 2014-04-11 15:59:35 0ECEE590F2E2EF969FB74A6FC583A1E6 663040 ----a-w- C:\WINDOWS\Sysnative\drivers\PEAuth.sys 2014-04-11 15:59:34 02836172141D3AFA35B07679E253E503 151384 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2014-04-11 15:59:31 EF3AE7773394DF49CE74AF78A1C8D23D 146776 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys 2014-04-11 15:59:30 E515A287C8FAE901EB8FB42F168E14F2 924504 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2014-04-11 15:59:30 BCFD8B149B3ADF92D0DB1E909CAF0265 79192 ----a-w- C:\WINDOWS\Sysnative\drivers\fileinfo.sys 2014-04-11 15:59:29 38A82F4EE8C416A6744B6D30381ED768 33280 -c--a-w- C:\WINDOWS\Sysnative\drivers\BasicRender.sys 2014-04-11 15:59:29 0B1E929D11A8E358106955603FAC65E8 79192 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys 2014-04-11 15:59:26 61A1C2641321A6B89A2B41C5D481EF48 71888 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpfve.sys 2014-04-11 15:59:25 C1F564F324685C088ECAB1933576CF91 54816 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2014-04-11 15:59:24 B034A41891A36457B994307DFA772293 189784 -c--a-w- C:\WINDOWS\Sysnative\drivers\UCX01000.SYS 2014-04-11 15:59:22 9DDCA7F18983C5410DEFF79F819DF93C 994136 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2014-04-11 15:59:17 9CC0003FB8ED3763B977B43F1012FF63 54272 ----a-w- C:\WINDOWS\Sysnative\drivers\watchdog.sys 2014-03-25 04:24:05 1BB7DE43D7ACF939AE77EAD4CB6B9374 61112 ----a-w- C:\WINDOWS\Sysnative\drivers\wStLibG64.sys ====== C:\WINDOWS\Tasks ====== 2014-04-17 23:23:00 D70268A890117CBB951309A4DB5484C7 3126 ----a-w- C:\WINDOWS\Sysnative\Tasks\{362988DF-C7F7-428D-96C9-FFAEC7678F9C} 2014-04-17 19:22:47 139CD5DE7000A4214420EE06962B41B5 4092 ----a-w- C:\WINDOWS\Sysnative\Tasks\Installer_cr 2014-04-03 11:46:58 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\GenericSettingsHandler 2014-03-27 07:07:35 D3A225ADC8F59BFB9D101F9C7F50EF0F 4058 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA1cf498b3aded8d4 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-04-18 10:10:24 -------- d-----w- C:\Program Files\trend micro 2014-04-16 13:59:30 -------- d-----w- C:\Program Files\Microsoft Silverlight ======= C:\PROGRA~2 ===== 2014-04-16 13:59:30 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2014-04-15 22:37:29 -------- d-----w- C:\PROGRA~2\BrowseBurst ======= C: ===== ====== C:\Users\Rizzotto\AppData\Roaming ====== 2014-04-17 19:22:45 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Installer 2014-04-17 19:22:12 -------- d-----w- C:\Users\Rizzotto\AppData\Local\CrashRpt 2014-04-17 19:21:48 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Fighters 2014-04-17 19:21:17 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\Fighters 2014-04-16 19:39:50 -------- d-----w- C:\Users\Rizzotto\AppData\Locallow\{8A19745A-5203-044B-D1D6-0B6F46BABA9A} 2014-04-11 19:30:19 -------- d-sh--w- C:\Users\Rizzotto\AppData\Locallow\EmieUserList 2014-04-11 19:29:41 -------- d-sh--w- C:\Users\Rizzotto\AppData\Local\EmieUserList 2014-04-11 19:29:41 -------- d-sh--w- C:\Users\Rizzotto\AppData\Local\EmieSiteList 2014-04-11 19:25:35 -------- d-sh--w- C:\Users\Rizzotto\AppData\Locallow\EmieSiteList 2014-04-02 20:34:02 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\TuneUp Software ====== C:\Users\Rizzotto ====== 2014-04-18 10:09:58 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Rizzotto\Downloads\RSITx64.exe 2014-04-17 19:21:13 -------- d-----w- C:\ProgramData\Fighters 2014-04-16 14:01:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-15 22:37:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam 2014-04-02 20:33:24 -------- d-----w- C:\ProgramData\AVG2014 ====== C: exe-files == 2014-04-18 10:10:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rizzotto.exe 2014-04-18 10:09:58 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Rizzotto\Downloads\RSITx64.exe 2014-04-17 23:23:48 A6E476C2EF08D871B9FB767BC9EB779C 205920 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\tu17p84.exe 2014-04-17 23:13:20 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_289622_setup.exe 2014-04-17 22:46:27 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_218198_setup.exe 2014-04-17 22:02:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\ryohr2yu.12a\RealPlayer.exe 2014-04-17 22:02:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\f4cobynd.nno\RealPlayer.exe 2014-04-17 22:01:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\cxsck105.juz\RealPlayer.exe 2014-04-17 22:01:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\er5kr034.fw1\RealPlayer.exe 2014-04-17 22:00:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\um2ky4m1.fsg\RealPlayer.exe 2014-04-17 21:59:34 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\afgytdrp_994089_setup.exe 2014-04-17 19:24:31 C23AE52C2AD53E5D0E728FB31C3C7DF8 19430926 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\NSV9B3LB\evasi0n7[1].exe 2014-04-17 19:24:13 3D2810BD999225AC121040BA80D24494 98024 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\VBIS3J3E\aff_setup[1].exe 2014-04-17 19:22:45 C507CC447D7C4C9E141A1341F51A8921 6830909 ----a-w- C:\Users\Rizzotto\AppData\Local\Installer\Install_28396\sense.exe 2014-04-17 19:22:45 B7561A7736A8745F5C022412581A49D5 1024896 ----a-w- C:\Users\Rizzotto\AppData\Local\Installer\Install_28396\ytdi_adk_setup_20140317.exe 2014-04-17 19:22:45 B7561A7736A8745F5C022412581A49D5 1024896 ----a-w- C:\Users\Rizzotto\AppData\Local\Installer\Install_27939\ytdi_adk_setup_20140317.exe 2014-04-17 19:22:45 04857FEDB858C9218C73C22EB5C76C87 6938952 ----a-w- C:\Users\Rizzotto\AppData\Local\Installer\Install_27939\cr.exe 2014-04-17 19:22:14 D027F9D076380F82C7DF3E4C71CB736E 5413264 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\shopperpro.exe 2014-04-17 19:22:14 C507CC447D7C4C9E141A1341F51A8921 6830909 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\sense.exe 2014-04-17 19:22:14 A3858BCA9BDA81798EFBF9AA81CBE392 6404192 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\ytd.exe 2014-04-17 19:22:14 180A5FEE867A06472F6701814A1ED9FC 6966776 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\iwebar.exe 2014-04-17 19:22:14 04857FEDB858C9218C73C22EB5C76C87 6938952 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\Install_14392\cr.exe 2014-04-17 19:22:11 B7561A7736A8745F5C022412581A49D5 1024896 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\T9EEPXAD\ytdi_adk_setup_20140317[1].exe 2014-04-17 19:21:00 D7C083E7758FFD2DF5A336C084D24159 2758320 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\YFD6V7WC\FULL-DISKfighterSetup_partner516_1.3.61Web[1].exe 2014-04-17 19:20:24 ED6A11F4562F89F559243AC87B01DBF4 54776 ----a-w- C:\Windows\System32\wuauclt.exe 2014-04-16 19:40:20 71F784969D24240764D5E5D752D55A41 1722581 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\T9EEPXAD\ezdownloader[1].exe 2014-04-16 19:40:16 1D283DD3AE2312EEE624E8B8C46F6ADB 729600 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\NSV9B3LB\agup[1].exe 2014-04-16 19:39:52 23912DF27A61EA0463C5509BA6A97579 4983808 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\VBIS3J3E\tpq[1].exe 2014-04-16 19:38:41 E5575149A477DC94AF527FC7D751A407 6379728 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\VBIS3J3E\SPSetup[1].exe 2014-04-16 19:38:40 E5575149A477DC94AF527FC7D751A407 6379728 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\nsy4C83\SpSetup.exe 2014-04-16 19:38:29 5E144DD2B309BD00D2BE3D7CC4DC786F 124184 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\AI4YD7QD\spstub[1].exe 2014-04-16 19:38:25 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\T9EEPXAD\sp-downloader[1].exe 2014-04-16 19:37:58 6F863592B75D156A15FC05070A6668EB 661416 ----a-w- C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\IE\YFD6V7WC\embededstub[1].exe 2014-04-15 22:37:00 DFCF8B59721B561814158C88C69E2A88 6231784 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\1396331452_the_wedownload_manager.exe 2014-04-15 22:36:51 E6F7C751239664F469FE23E892C7EF36 233000 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\1396421883_BrowseBurstSetup.exe 2014-04-15 22:36:51 D1082CCA6C2A363525DFDC5599A2CF81 1154336 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\pm.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Real Hide IP"="C:\Program Files (x86)\RealHideIP\RealHideIP.exe" "LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log" "FDPRO-516"="C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Real Hide IP"="C:\Program Files (x86)\RealHideIP\RealHideIP.exe" "LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log" "FDPRO-516"="C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/03/2014 20:23] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1cf498b3aded8d4" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Installer_cr" [C:\Users\Rizzotto\AppData\Local\Installer\Install_27939\ytdi_adk_setup_20140317.exe] "C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{D691C4CF-196A-42D1-A708-A0FEC2721B6A}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi - Real Hide IP - %ProfilePath%\extensions\support@real-hide-ip.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\vip4n2zm.default 95812430959AE88CDD0301AB3A71913B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[] nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[] SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Administrator\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Administrator\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Administrator\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Gast\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Gast\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Gast\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Gast\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Gast\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo Ask Toolbar - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko Comodo Web Inspector - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn SNT - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop Comodo Share Page Service - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf YoutubeAdblocker - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo WbSvCouponApp - Rizzotto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb SNT - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo SNT - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh Save Best - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj YYTBiOookMairk - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop YoutubeAdblocker - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa WbSvCouponApp - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb websave - Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo ==== Chrome Fix ====================== C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\ngpkkmdmhcpfhpnlllmnkjgandlhkcpb deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\nbghcmogfklgjdionkjmhehbgpbjgeaa deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\bfpilccbnholckcehjpcgikfpbfefimh deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\hepfcieolcfaoffmfkjclelpmhdbbcop deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Rizzotto\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully C:\Users\Rizzotto\AppData\Local\Torch\User Data\Default\Extensions\njaoemmhbmicgalbfbmoplcbfohofifo deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=BE&userid=90c27581-6af4-fd9a-6f7a-95617b57335e&searchtype=ds&q={searchTerms}&installDate={installDate}" "Search Bar"="http://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=BE&userid=90c27581-6af4-fd9a-6f7a-95617b57335e&searchtype=ds&q={searchTerms}&installDate={installDate}" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=BE&userid=90c27581-6af4-fd9a-6f7a-95617b57335e&searchtype=ds&q={searchTerms}&installDate={installDate}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=BE&userid=90c27581-6af4-fd9a-6f7a-95617b57335e&searchtype=ds&q={searchTerms}&installDate={installDate}" "SearchAssistant"="http://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=BE&userid=90c27581-6af4-fd9a-6f7a-95617b57335e&searchtype=ds&q={searchTerms}&installDate={installDate}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Use Search Asst"="no" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\23e7eecd-8ea5-4be3-a8d4-9c4c7b57897e deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\e191b5c3-36f8-4cd0-aef0-78bbaeb95d47 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365 deleted successfully ==== HijackThis Entries ====================== R3 - URLSearchHook: (no name) - {6ec5b552-6d23-4e05-a153-32aa26f7d9e8} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [Real Hide IP] C:\Program Files (x86)\RealHideIP\RealHideIP.exe O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log O4 - HKCU\..\Run: [FDPRO-516] C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rizzotto\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Rizzotto\AppData\Local\Mozilla\Firefox\Profiles\vip4n2zm.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Rizzotto\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4053 folders=762 360569408 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Rizzotto\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rizzotto\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Desk 365" not found "C:\Program Files (x86)\BrowseBurst" not found "C:\Program Files (x86)\BrowseBurst" not found "C:\Program Files (x86)\Desk 365" not found "C:\PROGRA~2\BrowseBurst" not found "C:\PROGRA~2\Desk 365" not found "C:\PROGRA~2\BrowseBurst" not found ==== EOF on vr 18/04/2014 at 20:03:36,99 ======================