Zoek.exe v5.0.0.0 Updated 09-September-2014 Tool run by Co on di 09-09-2014 at 19:02:33,03. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Co\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 9-9-2014 19:04:56 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\SmarterPower deleted successfully C:\PROGRA~3\eMule deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\PROGRA~3\Spotnet deleted successfully C:\Users\Co\AppData\Local\Adobe deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-272173987-287010755-2856044853-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-272173987-287010755-2856044853-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\N360.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\N360.exe C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Users\Co\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Users\Co\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Enigma Software Group deleted C:\Users\Co\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q deleted C:\PROGRA~3\AVG Secure Search deleted C:\Users\Co\AppData\Local\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Co\AppData\LocalLow\AVG Secure Search deleted "C:\Windows\Installer\2ee7d.msi" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCall.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla2.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla21.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla32.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla33.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla34.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.dll" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseData.ini" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.1.9\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.9\SiteSafety.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll" deleted "C:\PROGRA~3\boost_interprocess\20140909185556.488410\Nobu64AgentService2.9.0.19" deleted "C:\PROGRA~3\boost_interprocess\20140909185556.488410\Nobu64TrayIcon2.9.0.19" deleted "C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\PROGRA~3\boost_interprocess" not deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.1.9" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.9" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.9" deleted "C:\PROGRA~3\boost_interprocess\20140909185556.488410" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 6031 MB CPU Info: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz CPU Speed: 3373,2 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Intel(R) 82579V Gigabit Network Connection CD / DVD Drives: 1x (F: | ) F: ATAPI DVD A DH16ACSH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 452,2GB | D: 453,1GB | G: 1396,9GB Hard Disks - Free: C: 372,6GB | D: 452,9GB | G: 1304,0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Packard Bell imedia S2870 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: Norton 360 Premier Edition On-access scanning disabled (Outdated) Anti-Spyware: Norton 360 Premier Edition disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Norton 360 Premier Edition disabled Internet Explorer Version: 11.0.9600.17239 Mozilla Firefox version: 32.0 (x86 nl) Google Chrome version: 37.0.2062.103 Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-09-01 11:39:16 81394C91B7B5A7C799E249AE82491F13 2373784 ----a-w- C:\WINDOWS\explorer.exe 2014-09-01 10:54:30 F0E857AA9EFCC374C1931F7E9978C480 24768 ----a-w- C:\WINDOWS\diagwrn.xml 2014-09-01 10:54:30 F0E857AA9EFCC374C1931F7E9978C480 24768 ----a-w- C:\WINDOWS\diagerr.xml 2014-08-18 17:09:26 CC8086859E133B695C6F5F9263CD639C 797742105 ----a-w- C:\WINDOWS\MEMORY.DMP ====== C:\Users\Co\AppData\Local\Temp ==== 2014-09-09 16:58:29 D11FB7A5078631BE2E183DC56FCD5375 43008 ----a-w- C:\Users\Co\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfws__d.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-09-07 18:04:40 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\WINDOWS\SysWOW64\subinacl.exe 2014-09-04 15:29:11 949E0E42DAAD0418513B44C31A697CA5 1797896 ----a-w- C:\WINDOWS\SysWOW64\d3d9.dll 2014-09-04 15:29:10 5BD2BD14753D3B0ADDE842CDF25A4C60 2144984 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2014-09-04 15:29:09 1E14463F10B324B02EB2DA7415345D15 1473080 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2014-09-04 15:29:08 E28501E3A241DDC5DC65382E55661B1D 285696 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-09-04 15:29:07 E65B5352AD0743F1F59BDA9466719EFE 265216 ----a-w- C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-09-04 15:29:06 EA15CC7B75A2DE287E3B0C266A35490C 235008 ----a-w- C:\WINDOWS\SysWOW64\framedynos.dll 2014-09-04 15:29:06 E4783EB6A6B2D04F3B541B378E843617 229888 ----a-w- C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-09-04 15:29:04 0CCDFED2DFCD4FBA73EE989249379458 52736 ----a-w- C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-09-04 15:29:03 A750BB0258ECF6265A903905A0B14EB3 198656 ----a-w- C:\WINDOWS\SysWOW64\WebClnt.dll 2014-09-04 15:29:02 BEA7A26C2C22381B6DD88758352B9D9B 62976 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-09-04 15:29:02 BA6E52B0D82682EDE4B49D9CCC7D529B 207360 ----a-w- C:\WINDOWS\SysWOW64\framedyn.dll 2014-09-04 15:29:02 855D508F0053CEDC3BBAF2CB245A674A 1035264 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2014-09-04 15:29:02 4E07710A2C9EA43E7509BF7D0452430E 106496 ----a-w- C:\WINDOWS\SysWOW64\Robocopy.exe 2014-09-04 15:29:01 57E0A896C38C41C8B5B7F3127F8FD0D9 56320 ----a-w- C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-09-04 15:29:00 191B7F25BE13D9F9E56B2B4EA595AC62 11776 ----a-w- C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-09-04 15:28:13 61F5222289E052C40274ECD182A8AA99 98816 ----a-w- C:\WINDOWS\SysWOW64\drvinst.exe 2014-09-01 11:42:04 1DEC681B79501A714F0D3FA2787183C3 305152 ----a-w- C:\WINDOWS\SysWOW64\wusa.exe 2014-09-01 11:42:00 128EC9879D462F89829E663417FE5DBD 710144 ----a-w- C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-09-01 11:41:55 2C01D8EA2B0FA834597FCD96AAAE4F52 406400 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2014-09-01 11:40:52 F8D0951A75826AD557CFAC323A936AA6 281088 ----a-w- C:\WINDOWS\SysWOW64\msihnd.dll 2014-09-01 11:40:52 86DB4BA87BAF3D467D04821602E586A9 3304448 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2014-09-01 11:40:52 16CDD058883E38FB43D582FB080F721A 2318336 ----a-w- C:\WINDOWS\SysWOW64\authui.dll 2014-09-01 11:40:04 38045850ACB96313A1983A8803302906 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-09-01 11:39:16 FF0EE1B87E5DD7A82F7BB124D5CA8BB6 494592 ----a-w- C:\WINDOWS\SysWOW64\dnsapi.dll 2014-09-01 11:39:16 FE85E0B190DD141E4826FEC9F015FA18 139776 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2014-09-01 11:39:16 FBA4497DEBB5C07F5FA230618857A329 58368 ----a-w- C:\WINDOWS\SysWOW64\l2gpstore.dll 2014-09-01 11:39:16 FB32EF390BCAC55E11E0C5D12F4C9A45 1816576 ----a-w- C:\WINDOWS\SysWOW64\Display.dll 2014-09-01 11:39:16 EB40EFEBE9EB4ACA3DD950A1AFA0F51B 171008 ----a-w- C:\WINDOWS\SysWOW64\SensorsApi.dll 2014-09-01 11:39:16 D30975FD233E399744E2FB083F5E5545 222720 ----a-w- C:\WINDOWS\SysWOW64\dcomp.dll 2014-09-01 11:39:16 C06B6C8E002EDB492D93F2494E32F9CA 605184 ----a-w- C:\WINDOWS\SysWOW64\rasapi32.dll 2014-09-01 11:39:16 BD9306F715EA9B959EDB892614F6D581 94016 ----a-w- C:\WINDOWS\SysWOW64\userenv.dll 2014-09-01 11:39:16 B918D220FCD67E5A4AF05018515E4C14 172544 ----a-w- C:\WINDOWS\SysWOW64\ReInfo.dll 2014-09-01 11:39:16 B4309F7821BDE5A31E1E4FB24ED97C5C 197632 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-09-01 11:39:16 B3F1B6A3CC07E967B60584E7454B0890 390488 ----a-w- C:\WINDOWS\SysWOW64\netcfgx.dll 2014-09-01 11:39:16 AFFB4EB53FC1D04495C8A5EC80B1EBCD 264192 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2014-09-01 11:39:16 AF2A68F7890A680DAE0637EC49456A7B 85504 ----a-w- C:\WINDOWS\SysWOW64\davclnt.dll 2014-09-01 11:39:16 ADC071E4F65BAC3AEF4807B23438472A 280576 ----a-w- C:\WINDOWS\SysWOW64\SessEnv.dll 2014-09-01 11:39:16 A82DF6AB70BF4558B58D0B2827B61C3C 33792 ----a-w- C:\WINDOWS\SysWOW64\sxproxy.dll 2014-09-01 11:39:16 A6880BA9A4F02D3C742DF956EA9CC44D 1351168 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2014-09-01 11:39:16 9264B57E8C0BCCA14F92EBA56B9B5106 800256 ----a-w- C:\WINDOWS\SysWOW64\ReAgent.dll 2014-09-01 11:39:16 91F6883B61C0E5BEAE9B734D8E46829B 386560 ----a-w- C:\WINDOWS\SysWOW64\wlangpui.dll 2014-09-01 11:39:16 83058B0F0CEC63A5A7438818B71C0935 1679128 ----a-w- C:\WINDOWS\SysWOW64\msxml6.dll 2014-09-01 11:39:16 7C0E08F3F04ED8874E19DD23753DE2C6 356864 ----a-w- C:\WINDOWS\SysWOW64\wlidprov.dll 2014-09-01 11:39:16 775C3D06C408F4F093254B39637A6F1E 755712 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2014-09-01 11:39:16 75DE8AED4FE16D07E7E22208BA88F0C5 887296 ----a-w- C:\WINDOWS\SysWOW64\aclui.dll 2014-09-01 11:39:16 6F389E3C60FD27DA4322F78D2233E1FC 567296 ----a-w- C:\WINDOWS\SysWOW64\nshwfp.dll 2014-09-01 11:39:16 67D2296474FB0F3B858E1758FFA3AC79 1779800 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2014-09-01 11:39:16 5B8D7F29CA815E6DB156DF9853F0472D 2030080 ----a-w- C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-09-01 11:39:16 5AEFC877161F7A481DD7CC137F97E761 2270208 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2014-09-01 11:39:16 59BB015A6FEB79D7911005D3E5F8C770 402432 ----a-w- C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2014-09-01 11:39:16 595653478434F2A8451EDA55CD954CED 1036288 ----a-w- C:\WINDOWS\SysWOW64\kernel32.dll 2014-09-01 11:39:16 55237559D07288EEEA3133451FE4F386 836096 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2014-09-01 11:39:16 503281E8561B81FC080887ECAF5F5E31 151040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2014-09-01 11:39:16 4F3AD1A7C0ED3CF5C4EBE49F61074E41 226304 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2014-09-01 11:39:16 411201FFB3882554D5B833E6EC2EC649 254976 ----a-w- C:\WINDOWS\SysWOW64\pdh.dll 2014-09-01 11:39:16 3D83889B6343386C918AB45F5C4C9355 262656 ----a-w- C:\WINDOWS\SysWOW64\LocationApi.dll 2014-09-01 11:39:16 37725B5D560398E5BF4DAF85E4F89249 70656 ----a-w- C:\WINDOWS\SysWOW64\w32tm.exe 2014-09-01 11:39:16 2BDB085AA7ECA65D1793D150CEC960AF 1095488 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2014-09-01 11:39:16 21DDC5D6CFAC0A5FEE3B364A9B58A7CB 1764864 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2014-09-01 11:39:16 1FE14EDDEED70613E3A032182C7796FB 27136 ----a-w- C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-09-01 11:39:16 1AFACFDB26C1B81586801AFF8BB0ABF1 222720 ----a-w- C:\WINDOWS\SysWOW64\spp.dll 2014-09-01 11:39:16 119E091B5386379BC5AA598BE9440C75 2088160 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2014-09-01 11:39:16 0303523E283AB4D03590C9AE56A8386A 355832 ----a-w- C:\WINDOWS\SysWOW64\mfreadwrite.dll 2014-09-01 11:38:01 FBE8AE41ED2A9FE4C2DE069C522CA9C0 12711424 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-09-01 11:38:01 854E970293BA92F9BB69FFD1CE051D9C 189016 ----a-w- C:\WINDOWS\SysWOW64\rsaenh.dll 2014-09-01 11:38:01 684CF6A72A8DF7D66D262AC4A6E07845 270848 ----a-w- C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-09-01 11:37:43 9EE0C96C5D9840DF3517C9B7D19ED590 318976 ----a-w- C:\WINDOWS\SysWOW64\certcli.dll 2014-09-01 11:37:43 7DB59908D49605F2CD0CFB0CF9940E86 735232 ----a-w- C:\WINDOWS\SysWOW64\adtschema.dll 2014-09-01 11:37:30 BA4FA107EF9A728C58A81B2EFCD6FE2B 26784 ----a-w- C:\WINDOWS\SysWOW64\mrt100.dll 2014-09-01 11:37:30 6923D6FAB7CBA8D82BD792182B4F3DE4 80032 ----a-w- C:\WINDOWS\SysWOW64\mrt_map.dll 2014-09-01 11:37:02 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2014-09-01 11:37:02 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-01 11:37:02 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-09-01 11:37:02 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-09-01 11:37:02 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2014-09-01 11:37:02 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2014-09-01 11:37:02 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2014-09-01 11:37:02 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2014-09-01 11:37:02 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2014-09-01 11:37:02 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2014-09-01 11:37:02 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2014-09-01 11:37:02 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-09-01 11:37:02 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-09-01 11:37:02 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2014-09-01 11:37:02 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2014-09-01 11:37:02 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-09-01 11:37:02 030041C8800A1781134B6EC3E3EF3F9C 291840 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-09-01 11:36:29 CF7953FFEFED26AC657067CD2C259BCD 11792384 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2014-09-01 11:36:29 9E9182A652F5287DA05B3893A2E19FEC 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll 2014-09-01 11:36:29 819E423A2914A67CD23D53997F7B4E8D 756224 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll 2014-09-01 11:36:29 77B0DF38B67C00EFB5B131D279FC12ED 666624 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2014-09-01 11:36:29 4B7FA0A3D7B9D316BC6B2A409701E47D 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-09-01 11:35:40 0A9EB3956BCB7E5CDE15AF987BD81543 488960 ----a-w- C:\WINDOWS\SysWOW64\qedit.dll 2014-09-01 11:35:37 55ADDA5B29D1151727470FA165460773 1312256 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll 2014-09-01 11:35:34 65FCEABE3128592F84B60140F814BDDB 1509888 ----a-w- C:\WINDOWS\SysWOW64\DWrite.dll 2014-09-01 11:31:46 8A9CB0FE11800DBBDBA8FE4F54828892 779264 ----a-w- C:\WINDOWS\SysWOW64\osk.exe 2014-09-01 11:31:25 DC72DC452793C9622E6F056B89F9302C 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll 2014-09-01 11:31:25 D8C63F333D4A8D8433849A9ADC092BE9 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe 2014-09-01 11:31:25 8DA8026471B3470085B4AFB9C77BF45F 25088 ----a-w- C:\WINDOWS\SysWOW64\wups.dll 2014-09-01 11:31:25 0542A44401EA9451D82D3DF4BF3BD871 419928 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2014-09-01 11:31:02 DBC4D46A7DDC14D1D1ED4B613F9E41A4 1064448 ----a-w- C:\WINDOWS\SysWOW64\gdi32.dll 2014-09-01 11:30:47 DB3ED0BA26D7C598481A23E7D06A370E 2344448 ----a-w- C:\WINDOWS\SysWOW64\Wpc.dll 2014-09-01 11:30:05 EC4FA776548BF1A05DAE3B5EFB0FFE6F 1209616 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll 2014-09-01 11:30:05 E2AAB5EDC278D489C8EF87F277B5E3E6 888320 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2014-09-01 11:30:05 C97E772120135CD320CB217C92105B12 370176 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv 2014-09-01 11:30:05 90C83CF02C884315E595FA07CA9C64EF 387896 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2014-09-01 11:30:05 8C25FBB338147754DA42DF990FB3AE4A 285144 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2014-09-01 11:30:05 88A821BC72CB1A935C92F453586233EF 518544 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2014-09-01 11:30:05 87AB9959EC23455326C8C55E59DE0A88 669856 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-09-01 11:30:05 76892045ECB1D830185618DBD3467562 337408 ----a-w- C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-09-01 11:30:05 68A23F58F6F16B81BCBFCAA07CDF0680 61440 ----a-w- C:\WINDOWS\SysWOW64\srclient.dll 2014-09-01 11:30:05 5FAEA469BCE03F8FABAFB63D7603DC3C 982016 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2014-09-01 11:30:05 561945C42E36012B4799C342E6A96498 800768 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-09-01 11:30:03 FF28231D41465C253E9F9EF164DD619C 230400 ----a-w- C:\WINDOWS\SysWOW64\wlanapi.dll 2014-09-01 11:30:03 E697F1E4E819EB12C40AE01F88626BAB 219136 ----a-w- C:\WINDOWS\SysWOW64\resutils.dll 2014-09-01 11:30:03 E678126493997B951C6A6E91BC15C91C 836608 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-09-01 11:30:03 B6803C8A600E3F029A3D688D9E590CA3 300544 ----a-w- C:\WINDOWS\SysWOW64\wlanmsm.dll 2014-09-01 11:30:03 A9A027378882FFA14000612AE6FDA7AB 1200288 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll 2014-09-01 11:30:03 A624CA7CDFA7941EECD6F96F1A47CCA3 178184 ----a-w- C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2014-09-01 11:30:03 A5358F64D4EB5ABE2829981CD9734901 18755672 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2014-09-01 11:30:03 6BAE2EB5EFCEAC999BB1A5BF267C711D 707048 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2014-09-01 11:30:03 67F3D0E0D8F009FF665A0E452C6F13E8 629760 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-09-01 11:30:03 619C6E72B8433B3F67738F7E6C972A96 230808 ----a-w- C:\WINDOWS\SysWOW64\wintrust.dll 2014-09-01 11:30:03 5C74AC34C1CAA9C232836C580272B0DD 1029120 ----a-w- C:\WINDOWS\SysWOW64\mispace.dll 2014-09-01 11:30:03 4874EB05C1BE374B8A4AC15DF3DB07B0 111528 ----a-w- C:\WINDOWS\SysWOW64\gpapi.dll 2014-09-01 11:30:03 4550DC04464B86C5EB2CC77D9D27C06C 5833216 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-09-01 11:30:03 3CABBCB26C4E73F3440A8A064EB490FF 11264 ----a-w- C:\WINDOWS\SysWOW64\wlanhlp.dll 2014-09-01 11:30:03 2169BB3BA0596881EE717A93EC60037D 35328 ----a-w- C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2014-09-01 11:30:03 15905E6B799C1446A37915ED23CD17E5 144384 ----a-w- C:\WINDOWS\SysWOW64\rpchttp.dll 2014-09-01 11:30:03 0FDDBC46B0FE68B9516BED5CDC2A5296 5104640 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2014-09-01 11:30:03 06AB75759A0B2D79680F52ACDAE702A1 313344 ----a-w- C:\WINDOWS\SysWOW64\clusapi.dll 2014-09-01 11:30:02 D0E0E176F86C3B1048A67144DE0C5CD3 46592 ----a-w- C:\WINDOWS\SysWOW64\tlscsp.dll 2014-09-01 11:30:02 CF3EA59E07BF906B43058C98B6750D16 855552 ----a-w- C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-09-01 11:30:02 A54EB398BC2D792A0C603A97F7975FD8 357376 ----a-w- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2014-09-01 11:30:02 A4F3682781DD8B36E97FD04BA50845A2 209920 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll 2014-09-01 11:30:02 A3ECC0F6960AA699895CB48BC69BEA3B 326024 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2014-09-01 11:30:02 956D8170AD470804405C0564E10ED6ED 406504 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll 2014-09-01 11:30:02 3DA5CD1E3B9BDAF79731CB6CB1029CB3 53248 ----a-w- C:\WINDOWS\SysWOW64\tsgqec.dll 2014-09-01 11:30:02 1E48870B29C7D7328A7D484A61250AE5 5774848 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll 2014-09-01 11:30:02 13CE2AA6D3ACAF0B485DBFE8AF2F5C48 305768 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-09-01 11:30:02 008368626F3EFAEDB0C2CD4565BA6797 98584 ----a-w- C:\WINDOWS\SysWOW64\dwmapi.dll 2014-09-01 11:26:44 2083BD93AE43F9494318B422FF8943D1 102608 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-09-01 11:26:43 262AD0EF90F757FB715B3EDD6A8E469C 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-09-01 10:47:08 D823A6ED12810DC4FBA9184B5922E5AD 60416 ----a-w- C:\WINDOWS\SysWOW64\OpenCL.DLL ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-09-04 15:29:28 BCCFB97B1B68DD18F2BDACFE37409386 716800 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll 2014-09-04 15:29:28 11FD8DDAB6014EECCE88F1F581604C30 1120256 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe 2014-09-04 15:29:28 04142EC4BDD7F502922914F65A5EE1D1 4756992 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll 2014-09-04 15:29:12 C1E44A99F7CF8C3A08CD5ADDF451636C 2125344 ----a-w- C:\WINDOWS\Sysnative\d3d9.dll 2014-09-04 15:29:11 0CD0356C5BBCFDC1B7BCEEDE74AB348B 2140888 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2014-09-04 15:29:10 EA432A85ABF371E14FB364D5F4405897 403968 ----a-w- C:\WINDOWS\Sysnative\vpnike.dll 2014-09-04 15:29:10 B6E947CE54A5AAD55484E0D3BC2D5948 1025536 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2014-09-04 15:29:09 D71845D255EA3FDC96A2DED98EE4C7D9 2844160 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2014-09-04 15:29:09 CED9FA1ECCF3E6B7028940FE22C69B40 1726224 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2014-09-04 15:29:09 98D0985521BF8F7086EA9C860898A1EE 721408 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2014-09-04 15:29:09 05DE04005CE0D84D0E6AD21CAEB369C6 353280 ----a-w- C:\WINDOWS\Sysnative\dhcpcore.dll 2014-09-04 15:29:08 6B374D279DC423FE69DB8DD1401E84FC 301056 ----a-w- C:\WINDOWS\Sysnative\framedynos.dll 2014-09-04 15:29:08 61FE99A86352AD6E27FA480CDC8B225A 285696 ----a-w- C:\WINDOWS\Sysnative\SkyDriveShell.dll 2014-09-04 15:29:07 10AC9494ECE22A2362E4E4D98C528D01 271872 ----a-w- C:\WINDOWS\Sysnative\dhcpcore6.dll 2014-09-04 15:29:06 E07C80468D0C599BFF01D9D4EC7AEDC3 339456 ----a-w- C:\WINDOWS\Sysnative\bdesvc.dll 2014-09-04 15:29:06 20FB137ADDE1255F15F265A7BD9579BE 827392 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2014-09-04 15:29:05 FBB1841434072FFA76E4AD287448E34A 262656 ----a-w- C:\WINDOWS\Sysnative\framedyn.dll 2014-09-04 15:29:05 1824052F17B12B5D7B21445B869EE9F2 71168 ----a-w- C:\WINDOWS\Sysnative\ncobjapi.dll 2014-09-04 15:29:04 6CDCCD5323EEB8EBD66E02CB8C9C703F 118272 ----a-w- C:\WINDOWS\Sysnative\winbici.dll 2014-09-04 15:29:03 D261A12A43D33122CB90E70D3BC1CC68 226816 ----a-w- C:\WINDOWS\Sysnative\WebClnt.dll 2014-09-04 15:29:03 7E1EBDB3424337ABB553F249A7811D94 87552 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc.dll 2014-09-04 15:29:03 2616E8E9C8B66A67CFB6197E9517A2F2 123392 ----a-w- C:\WINDOWS\Sysnative\Robocopy.exe 2014-09-04 15:29:02 DEA76F90F9777E3427D70E380222B23B 1063424 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2014-09-04 15:29:02 D3883FBCA97D10C8A39632D6CDDC6E85 65024 ----a-w- C:\WINDOWS\Sysnative\dhcpcsvc6.dll 2014-09-04 15:29:02 CFD6DBED27511D7A5FBE33AFA7E6B669 76800 ----a-w- C:\WINDOWS\Sysnative\BulkOperationHost.exe 2014-09-04 15:29:01 71BAEAFD05B3040173F5BBEA2CFE9607 997888 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll 2014-09-04 15:29:00 B7CC32E00C5C5152D221DF182827F58E 50745 ----a-w- C:\WINDOWS\Sysnative\srms.dat 2014-09-04 15:28:13 C27B20D9AA9BE41CCBFD512AABB0E6C3 697856 ----a-w- C:\WINDOWS\Sysnative\aepdu.dll 2014-09-04 15:28:13 BB7F878413AD3C2E7E89C96193D405DF 57856 ----a-w- C:\WINDOWS\Sysnative\drvcfg.exe 2014-09-04 15:28:13 8E472AA2E916417B55BC1E6727957453 110592 ----a-w- C:\WINDOWS\Sysnative\drvinst.exe 2014-09-04 15:28:13 591B2C8C5C6B944AF538F182B7AF00A6 385536 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2014-09-04 15:28:13 2D347489E43FAD4E51FDB51BEEBF13F4 527360 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2014-09-01 12:52:46 CB136B267569A62EF63D798BC90ABD5A 144 ----a-w- C:\WINDOWS\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2014-09-01 11:57:55 3BC10FA856911EAE5FE7CD700FE137B5 451 ----a-w- C:\WINDOWS\Sysnative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2014-09-01 11:42:04 326715361A7D1C65983BFE920990E4EF 308224 ----a-w- C:\WINDOWS\Sysnative\wusa.exe 2014-09-01 11:42:00 1BB9CC78C91536CBA7B04B61ED0F85C4 1273184 ----a-w- C:\WINDOWS\Sysnative\rpcrt4.dll 2014-09-01 11:41:55 59EAFAE3A34B4925990A2E679CA91C5B 517528 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2014-09-01 11:41:55 454978FB3D24DE5C4199162D5F81FBEE 2133504 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2014-09-01 11:41:12 52E94AE3C9FF1E18A1EA125C4FFB0EEC 2834944 ----a-w- C:\WINDOWS\Sysnative\wpccpl.dll 2014-09-01 11:40:52 68F887EF33C09CDA957A51ECE871D642 2642944 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2014-09-01 11:40:52 28E0C3AAA68579ABD9A27B92DFD5F119 2790912 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2014-09-01 11:40:52 10D8859CF01C1284603582ABD9B0482C 114520 ----a-w- C:\WINDOWS\Sysnative\consent.exe 2014-09-01 11:40:52 08914C8989AB93F5EC3A452D014E2C8D 356352 ----a-w- C:\WINDOWS\Sysnative\msihnd.dll 2014-09-01 11:40:46 F381B380B7B2704EA4C0F8D8C49C1C50 623616 ----a-w- C:\WINDOWS\Sysnative\MDMAgent.exe 2014-09-01 11:40:04 6DBE73C09215E281F4283641144110A5 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe 2014-09-01 11:39:16 FE7656474448BE6A6C68E5C9BEB7CA94 254464 ----a-w- C:\WINDOWS\Sysnative\dnsrslvr.dll 2014-09-01 11:39:16 F7529BD3FFAC9C33D15F6DE3B7353B03 1306624 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2014-09-01 11:39:16 F3523E611AB0B0977B048263A12DCF2A 1291200 ----a-w- C:\WINDOWS\Sysnative\kernel32.dll 2014-09-01 11:39:16 DD5DF99540AB97806DF63B1494C809A8 488280 ----a-w- C:\WINDOWS\Sysnative\netcfgx.dll 2014-09-01 11:39:16 D5C3776CBD8BC307DCCA3FD4CE667A37 324096 ----a-w- C:\WINDOWS\Sysnative\SessEnv.dll 2014-09-01 11:39:16 CC6F6A993FE36A55AF8207B9393407D6 325632 ----a-w- C:\WINDOWS\Sysnative\LocationApi.dll 2014-09-01 11:39:16 C8D6344BDE2691A196E61C0D3372EAB7 2479616 ----a-w- C:\WINDOWS\Sysnative\WsmSvc.dll 2014-09-01 11:39:16 C76D1DA491995D7108A817714A702133 244224 ----a-w- C:\WINDOWS\Sysnative\WSDScDrv.dll 2014-09-01 11:39:16 C253B8484DCABB3EBE6D60E67CADB373 356848 ----a-w- C:\WINDOWS\Sysnative\dcomp.dll 2014-09-01 11:39:16 C1D7A9932D7F468534F1913FB1F65572 40448 ----a-w- C:\WINDOWS\Sysnative\SetNetworkLocation.dll 2014-09-01 11:39:16 BC6849C62DB407573C6AD8CB1A4D2628 115200 ----a-w- C:\WINDOWS\Sysnative\umpnpmgr.dll 2014-09-01 11:39:16 B7E51F949ED8C3A75C1D3121AF9A4B6C 655360 ----a-w- C:\WINDOWS\Sysnative\dnsapi.dll 2014-09-01 11:39:16 B2A890D96C05E33FDD2BF3F3D4D0DF92 220160 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll 2014-09-01 11:39:16 B29B13914A2692EA6A6E9E1D6FFB9760 298496 ----a-w- C:\WINDOWS\Sysnative\WSDMon.dll 2014-09-01 11:39:16 B0630FEE31D7A9B73E49A2F31CF61C1C 1112536 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2014-09-01 11:39:16 A40262C252A65BAD0186D9DDBB3083DA 1015808 ----a-w- C:\WINDOWS\Sysnative\aclui.dll 2014-09-01 11:39:16 A2BF5D466853422C143571064C7DD94F 252928 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2014-09-01 11:39:16 A1C6BA515120C44E8D5A1EA3E927C7C2 291840 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Sensors.dll 2014-09-01 11:39:16 9F83D40B242C7CD2868DBF7550F3FF4C 86016 ----a-w- C:\WINDOWS\Sysnative\RMapi.dll 2014-09-01 11:39:16 9F0759C6D691E7030BF33105EDA2C690 30208 ----a-w- C:\WINDOWS\Sysnative\CredentialMigrationHandler.dll 2014-09-01 11:39:16 94CD5DE7D2989AA64594F1925339C97E 542208 ----a-w- C:\WINDOWS\Sysnative\Windows.Graphics.Printing.dll 2014-09-01 11:39:16 8E5C2B32EE4166A3084B133183A00F2A 2141912 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2014-09-01 11:39:16 8DAE6957A4F0EC461575F68239E0A13E 69120 ----a-w- C:\WINDOWS\Sysnative\l2gpstore.dll 2014-09-01 11:39:16 8183820F2D9648A619AA3200EFC62D0B 299008 ----a-w- C:\WINDOWS\Sysnative\pdh.dll 2014-09-01 11:39:16 7CDB6060224CFAD4D5AC49FFC5414F41 939520 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2014-09-01 11:39:16 7C75BF2879AEAD311DAE25CB5F1A2C83 669696 ----a-w- C:\WINDOWS\Sysnative\rasapi32.dll 2014-09-01 11:39:16 7A61F17976F7C5077D9862E4EC25BB3E 360512 ----a-w- C:\WINDOWS\Sysnative\mfreadwrite.dll 2014-09-01 11:39:16 71133C77DD8089DA3F74813F90361F81 83968 ----a-w- C:\WINDOWS\Sysnative\sxproxy.dll 2014-09-01 11:39:16 6DEA7E51085C4CEC311DBD5A1AF8C759 717312 ----a-w- C:\WINDOWS\Sysnative\nshwfp.dll 2014-09-01 11:39:16 65A3992EC59D8D33D7622E3AF4C50DBF 247296 ----a-w- C:\WINDOWS\Sysnative\SensorsApi.dll 2014-09-01 11:39:16 5F58A221937B5D58E33F4B21AEF92210 192000 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll 2014-09-01 11:39:16 5BCABCE516486337E39DDD005BCBB1CA 1656832 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2014-09-01 11:39:16 5AEFB4F09549545FA3BBD58A6FFF4962 924160 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2014-09-01 11:39:16 5ABA673EF6433BE68AAE77AE5C5FAFAA 412672 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2014-09-01 11:39:16 4DD9C026AAB3C12A5BF7FF9A0C038422 186368 ----a-w- C:\WINDOWS\Sysnative\dafWfdProvider.dll 2014-09-01 11:39:16 48F25CC79C6CCFD4B776C8FDA9ED7271 160768 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2014-09-01 11:39:16 3ED1FD93AA4C381A374C3835CF7A5C92 201216 ----a-w- C:\WINDOWS\Sysnative\ReInfo.dll 2014-09-01 11:39:16 398990EFC34218C3B6C4E6384502083B 2900992 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2014-09-01 11:39:16 332E5E35DE9E8175A9550501E57E0612 1542768 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2014-09-01 11:39:16 2DE56913AE88DF760F279264023908BC 1843712 ----a-w- C:\WINDOWS\Sysnative\Display.dll 2014-09-01 11:39:16 2C727D11CDF4F8B2477FC2B1B305ECB9 512000 ----a-w- C:\WINDOWS\Sysnative\wlidprov.dll 2014-09-01 11:39:16 1DCD97010190EF9377E77AB0A846C720 115200 ----a-w- C:\WINDOWS\Sysnative\DevPropMgr.dll 2014-09-01 11:39:16 1B2CAD40A6FD2E9DC336F3A338293B29 2331000 ----a-w- C:\WINDOWS\Sysnative\msxml6.dll 2014-09-01 11:39:16 19F84D6153C06FE71203517BDAC9EA9F 102912 ----a-w- C:\WINDOWS\Sysnative\davclnt.dll 2014-09-01 11:39:16 18297BC1CE8A0C0BF9A703A3C45DACC1 462336 ----a-w- C:\WINDOWS\Sysnative\wlangpui.dll 2014-09-01 11:39:16 16E9AD0F7A34C4F071E40CDD76E7C86D 113648 ----a-w- C:\WINDOWS\Sysnative\userenv.dll 2014-09-01 11:39:16 14BEA911F78B44E47CBD18210E541A43 212992 ----a-w- C:\WINDOWS\Sysnative\cdd.dll 2014-09-01 11:39:16 12B0701B1CEC1A7BB0E4C71D97661E23 387210 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2014-09-01 11:39:16 06E5962471CFC5890F6B7AB2BF527250 950784 ----a-w- C:\WINDOWS\Sysnative\ReAgent.dll 2014-09-01 11:39:16 0633C74EFAAEF72FCC33B86CB86B2ED5 79360 ----a-w- C:\WINDOWS\Sysnative\w32tm.exe 2014-09-01 11:39:16 06304D50B5228BF1EB6E829A72A629DB 271872 ----a-w- C:\WINDOWS\Sysnative\spp.dll 2014-09-01 11:39:16 04D6FAB6BE09C83DF591D58E1FBADA59 274944 ----a-w- C:\WINDOWS\Sysnative\WsmWmiPl.dll 2014-09-01 11:38:01 B312E157D20E727F30EAB3A250441B6F 284672 ----a-w- C:\WINDOWS\Sysnative\WUDFHost.exe 2014-09-01 11:38:01 9CDC2059A23E3C9B57696178508777E7 99840 ----a-w- C:\WINDOWS\Sysnative\WUDFSvc.dll 2014-09-01 11:38:01 50A49F3F16EF82E30BFB11E6B6A8F4A6 16871936 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2014-09-01 11:38:01 42D257559F97B30A94A027EB4555C62F 323584 ----a-w- C:\WINDOWS\Sysnative\DaOtpCredentialProvider.dll 2014-09-01 11:38:01 313117AE2B0986ED7D3AA6AE10603239 216368 ----a-w- C:\WINDOWS\Sysnative\rsaenh.dll 2014-09-01 11:38:01 1A54E3DF2CBB8DBE8A17C87BB07E3A7E 209408 ----a-w- C:\WINDOWS\Sysnative\WUDFPlatform.dll 2014-09-01 11:38:01 08DCA300264238F9AE941302321F3D54 423768 ----a-w- C:\WINDOWS\Sysnative\hal.dll 2014-09-01 11:37:43 C3028569F244470F3D54026884E16E06 1417216 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2014-09-01 11:37:43 423D68307E57654A000AA484B009DD16 735232 ----a-w- C:\WINDOWS\Sysnative\adtschema.dll 2014-09-01 11:37:43 3B78D6DC57654CDD96E073724A2228AE 436224 ----a-w- C:\WINDOWS\Sysnative\certcli.dll 2014-09-01 11:37:30 D178F55D53B9A10FFBDC134C95517846 28320 ----a-w- C:\WINDOWS\Sysnative\mrt100.dll 2014-09-01 11:37:30 A750229C96A406EE123F43916053F142 86688 ----a-w- C:\WINDOWS\Sysnative\mrt_map.dll 2014-09-01 11:37:26 00AD15C6BA3C337CB68A476C0AD05338 918528 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll 2014-09-01 11:37:02 FE7D99399F7761AA2695A7B1AD30DAAF 1431040 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2014-09-01 11:37:02 F00D0AE7648CA45C6434E2885485BE0B 452096 ----a-w- C:\WINDOWS\Sysnative\dxtmsft.dll 2014-09-01 11:37:02 ECA387DCD57F683C52171C766CF400F0 23645696 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2014-09-01 11:37:02 DB382D89D8004F40BD2C55BAE6A15B30 2774528 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2014-09-01 11:37:02 C02C78DE9BB4E68F6C78B1588ADD6ADC 83968 ----a-w- C:\WINDOWS\Sysnative\MshtmlDac.dll 2014-09-01 11:37:02 BAC44396088ECC1C9021ED3E3345337C 846336 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2014-09-01 11:37:02 920F690FC7424DE71888AA2E46E917EA 758272 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2014-09-01 11:37:02 8E71A5CB5312B8392D4DA4CA37BB5868 2266624 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2014-09-01 11:37:02 6ED6DA2A04F8F0C9BDAD647284BAEFB6 548352 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2014-09-01 11:37:02 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2014-09-01 11:37:02 472C409F9B0FF67C1015F511C73E1889 5824512 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2014-09-01 11:37:02 39A85C005BCDEEF4092646EBBC2526AA 2087936 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2014-09-01 11:37:02 38D14F3D0A289050CA9BF8E98F37313F 333312 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2014-09-01 11:37:02 2639E152D246F2A651F09764807CA153 85504 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2014-09-01 11:37:02 1FD1F16C35946BA28FDEB40F18B7729D 631808 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2014-09-01 11:37:02 1DE8B71A1C7D8943034188556AF50B07 292864 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2014-09-01 11:37:02 1B26610C1659EF54ED000233FB96F20C 13547008 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2014-09-01 11:37:02 19FA60D3AE1804A559306DE931A5B415 72704 ----a-w- C:\WINDOWS\Sysnative\JavaScriptCollectionAgent.dll 2014-09-01 11:36:29 E66AC3CA92FC471BFE69F61549193A64 3463680 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2014-09-01 11:36:29 CCC6D7250D01DA7E5499B0722CF6CAE3 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2014-09-01 11:36:29 C5FA4562E9ACB7323B3FB333E6C021CF 13287936 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2014-09-01 11:36:29 C2F515FC027867E5EAF12AC9815B3ABD 923136 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll 2014-09-01 11:36:29 9FA466A42109F408AC6C2848E851C38A 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2014-09-01 11:36:29 53BEF9A65EA686018B9EDF9665F5EBDE 827392 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2014-09-01 11:36:29 4A12C727502A07C4B89B663B942DF289 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2014-09-01 11:36:29 2C28079658CCA1E8C3810E185CCC2234 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll 2014-09-01 11:36:14 3D748E5558FD9A9F03182CB2330698DC 1018880 ----a-w- C:\WINDOWS\Sysnative\termsrv.dll 2014-09-01 11:35:40 78FC2B2BA0E5E1C9249E3157D4EE9BC7 586240 ----a-w- C:\WINDOWS\Sysnative\qedit.dll 2014-09-01 11:35:37 201FE8AAD76FB1E7FB5A3B1337435DC1 2151424 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll 2014-09-01 11:35:34 CC8E86B9C18BCA38D3C467CFD661A466 1975296 ----a-w- C:\WINDOWS\Sysnative\DWrite.dll 2014-09-01 11:35:34 3FA6DC6B29717E32E211C1FD821F2C75 1345536 ----a-w- C:\WINDOWS\Sysnative\FntCache.dll 2014-09-01 11:31:46 15750011454B89F4950D7E7E4A947EC1 834048 ----a-w- C:\WINDOWS\Sysnative\osk.exe 2014-09-01 11:31:35 CCDFFC83004AF62D0153CF45289028AF 3360256 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll 2014-09-01 11:31:25 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\WINDOWS\Sysnative\WSReset.exe 2014-09-01 11:31:25 E9F333234A5641E2FEF2F5240BDD56B8 35328 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe 2014-09-01 11:31:25 850FC6B2E385766B9972CDBE947989F6 381440 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll 2014-09-01 11:31:25 736046C9AFD66BA29BA61ACD582E7A7B 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll 2014-09-01 11:31:25 68CB2B575F0C67BB14590D1471285287 201728 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll 2014-09-01 11:31:25 4FB80968811FAD6E88ABFAA98E51305C 1705472 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll 2014-09-01 11:31:25 3DF281C1553A6124DEF875C19D46AC0D 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2014-09-01 11:31:25 1EC3AACDB335533A7470245C683ACF94 56320 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2014-09-01 11:31:02 87CEF71F9D5951C9379D2F956C07C37D 1336624 ----a-w- C:\WINDOWS\Sysnative\gdi32.dll 2014-09-01 11:31:02 568D6F1C730EC3A9B381F01020D600DC 4148224 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2014-09-01 11:30:47 E7DE316FEEFC79327CFAD8F527979CC0 3118080 ----a-w- C:\WINDOWS\Sysnative\Wpc.dll 2014-09-01 11:30:47 E2F4125BFAC99244088324A1841C0B83 3048880 ----a-w- C:\WINDOWS\Sysnative\WpcMon.exe 2014-09-01 11:30:47 6BC31FB4E24A962C98801D3687A984C0 2861056 ----a-w- C:\WINDOWS\Sysnative\WpcWebSync.dll 2014-09-01 11:30:05 F587513213947A4C7EF47B660DAAFBC5 271872 ----a-w- C:\WINDOWS\Sysnative\rstrui.exe 2014-09-01 11:30:05 EAE6ED6C5076CF765EB731B92A237149 955904 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2014-09-01 11:30:05 AE2B9504C975B529D92D9E6603F6D33F 609448 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2014-09-01 11:30:05 A1CD5194ACC156A852136B303F087260 491744 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2014-09-01 11:30:05 9ED0E72966FB08F7E6DB15E5519AF8D1 1379064 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll 2014-09-01 11:30:05 98A184F6EC43B178901FCD5D4E2EC43B 1222656 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Streaming.dll 2014-09-01 11:30:05 9465F8E72887AC6CCDD97F738A5AB6B6 70656 ----a-w- C:\WINDOWS\Sysnative\srclient.dll 2014-09-01 11:30:05 87CF824E47489DD972FB4FB9FC4EDD0A 324888 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2014-09-01 11:30:05 7FB9EC74ADFB2353B7782C3EF833F5B7 765408 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll 2014-09-01 11:30:05 6873D09262D32B95D6AC3026FCF8B424 1230336 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2014-09-01 11:30:05 414B81DE6CE46022ED43051C09EDB00B 467968 ----a-w- C:\WINDOWS\Sysnative\srcore.dll 2014-09-01 11:30:05 411DBFCD6ABAB75B6F7950677AEEFB7D 1403856 ----a-w- C:\WINDOWS\Sysnative\winmde.dll 2014-09-01 11:30:05 0BDD786156C820F49EEF5D348B4ACFF4 335872 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe 2014-09-01 11:30:05 072A99F351C505A45C9FDA32E7324602 28408 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe 2014-09-01 11:30:03 99277BE68298288A0E27CF9E50FAD091 881616 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2014-09-01 11:30:03 69A374DE46C7BAAE30BFB1E40D69C5C6 761856 ----a-w- C:\WINDOWS\Sysnative\WorkfoldersControl.dll 2014-09-01 11:30:03 5EE916C3272A19B459717A8D2397B07A 55296 ----a-w- C:\WINDOWS\Sysnative\energyprov.dll 2014-09-01 11:30:03 5071E71CC05346D88C5A08EB8B5A05E3 1584128 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll 2014-09-01 11:30:03 315502228EB37F36E86EF75CB1DA1D44 201920 ----a-w- C:\WINDOWS\Sysnative\MSVideoDSP.dll 2014-09-01 11:30:03 22B8B1F946ACFCB03832793A25216D8C 186880 ----a-w- C:\WINDOWS\Sysnative\WorkFoldersShell.dll 2014-09-01 11:30:03 1517EE52367CABAA5615AC736DC96C7D 125496 ----a-w- C:\WINDOWS\Sysnative\dwmapi.dll 2014-09-01 11:30:02 F4E351BB95D473CB55BB7C1A1FEB2798 467496 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2014-09-01 11:30:02 F4C09C622BC55A80F775DF7D8AB9984F 6645248 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll 2014-09-01 11:30:02 F2895547FC275642A29692DC344A847F 296960 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll 2014-09-01 11:30:02 EF252510DB6C3511E30418BD2AC95A2D 1527296 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll 2014-09-01 11:30:02 EEC46BC17F28C528AB7FAC20AFDF69E3 462336 ----a-w- C:\WINDOWS\Sysnative\XpsGdiConverter.dll 2014-09-01 11:30:02 ED7C0A11E655CD8B89BE499F99D56098 486912 ----a-w- C:\WINDOWS\Sysnative\winspool.drv 2014-09-01 11:30:02 E86E7792A2A0854D5560371BBDDA760B 1057280 ----a-w- C:\WINDOWS\Sysnative\rdvidcrl.dll 2014-09-01 11:30:02 E369C59F2C0852DDD090C07E0DDE0051 1436160 ----a-w- C:\WINDOWS\Sysnative\VSSVC.exe 2014-09-01 11:30:02 D872C6095AACC13AD897DB5E4D2B5D91 805376 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2014-09-01 11:30:02 CFB353B4E33AFE922C3A62DBC9C9B0A8 7425368 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2014-09-01 11:30:02 CB79B5D367376E7B49E2D95BFFB0BEEB 364640 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2014-09-01 11:30:02 BF6FBC9D97A24FABB0AE8B878279CF0B 244880 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2014-09-01 11:30:02 BAF51BE2DEB387BD99CAC4E3B7850FEC 250368 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll 2014-09-01 11:30:02 B6BD22DDEDDD8665080D664749ACFEF5 64512 ----a-w- C:\WINDOWS\Sysnative\tsgqec.dll 2014-09-01 11:30:02 B24960B79BDE7D5ED1EA638027F9E8F0 143872 ----a-w- C:\WINDOWS\Sysnative\BootMenuUX.dll 2014-09-01 11:30:02 AF3FF97AC2A73E70F8A8D11FB694175B 449536 ----a-w- C:\WINDOWS\Sysnative\defragsvc.dll 2014-09-01 11:30:02 AEDD44FDB8B521D443A07146F5CA3A53 7173120 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2014-09-01 11:30:02 AE7D8835A29FADB39C0D095BA32A9462 21268952 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2014-09-01 11:30:02 977D67467950D8048E94651EE6081B99 370176 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll 2014-09-01 11:30:02 9654DE19551093CD73874281E1573C94 135168 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll 2014-09-01 11:30:02 95471DDCB3B3FF70015FD9AA13404F44 281600 ----a-w- C:\WINDOWS\Sysnative\resutils.dll 2014-09-01 11:30:02 8E1866A4E96F1159B6625627860A0454 2100736 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll 2014-09-01 11:30:02 88BCAEABEB2A46DB7B336B8432720AC8 443904 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll 2014-09-01 11:30:02 88ACBA95BB55B8226D52117462B76CD4 307304 ----a-w- C:\WINDOWS\Sysnative\wintrust.dll 2014-09-01 11:30:02 886767FD022213F7885416134E9082E5 201216 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2014-09-01 11:30:02 8596E6030C8DE66439DDF21C7F7B5006 40960 ----a-w- C:\WINDOWS\Sysnative\Windows.Shell.Search.UriHandler.dll 2014-09-01 11:30:02 850EBB87584484DC16F917E7B6F4A304 718336 ----a-w- C:\WINDOWS\Sysnative\swprv.dll 2014-09-01 11:30:02 82FE5F302FD7C7EF0E41465BB873EFC7 11264 ----a-w- C:\WINDOWS\Sysnative\wlanhlp.dll 2014-09-01 11:30:02 7E4A8D95B9DBC2CB588B91848A0AE731 2688000 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers.dll 2014-09-01 11:30:02 7B3255A0B833908E4A7ACEA6245D344E 426496 ----a-w- C:\WINDOWS\Sysnative\clusapi.dll 2014-09-01 11:30:02 7B12172CCE581F76C9335D7A47E0AD50 130144 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll 2014-09-01 11:30:02 79B134ECE836B406B212E28C24011538 834048 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2014-09-01 11:30:02 78D26F162E015FF644785C8836B617CA 1287168 ----a-w- C:\WINDOWS\Sysnative\mispace.dll 2014-09-01 11:30:02 6B7B2211C293218706D491204FCE8695 1126912 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll 2014-09-01 11:30:02 67176AA6EAF34FF2A962F14EB8F0478B 263424 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2014-09-01 11:30:02 64B2A2630C964BF135A84A52FB2EEF9A 47616 ----a-w- C:\WINDOWS\Sysnative\tlscsp.dll 2014-09-01 11:30:02 626D19F1771E1AE72208AE9A8F3082F7 491520 ----a-w- C:\WINDOWS\Sysnative\GeofenceMonitorService.dll 2014-09-01 11:30:02 4684C8E852065C0A7937C395C165A24F 1466856 ----a-w- C:\WINDOWS\Sysnative\propsys.dll 2014-09-01 11:30:02 46378ECCB4A29AA81BF296641C2501EF 323072 ----a-w- C:\WINDOWS\Sysnative\srvsvc.dll 2014-09-01 11:30:02 383DA813409316D69603C1D849834D24 1308160 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll 2014-09-01 11:30:02 2A4177EE5446877BD24DD72504105603 191488 ----a-w- C:\WINDOWS\Sysnative\rpchttp.dll 2014-09-01 11:30:02 1697E09CDA4DD8741B8276F48A8514DE 32600 ----a-w- C:\WINDOWS\Sysnative\ploptin.dll 2014-09-01 11:30:02 151427E526E96471A45FF6CC2257FBA0 8652800 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll 2014-09-01 11:30:02 067CB90C277DB4A737D5DEABA3055972 407016 ----a-w- C:\WINDOWS\Sysnative\services.exe 2014-09-01 11:30:02 01851563CB6FB986A4C0221C15AB6ADC 463256 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2014-09-01 11:26:42 E35AD6DAECED1213658E0976A16D6266 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll 2014-09-01 11:26:42 DF290FC4E1116D92F34D8B6410AE544E 124112 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2014-09-01 11:12:59 2929F19051EF07B9AAD0071270D31A95 22980 ----a-w- C:\WINDOWS\Sysnative\emptyregdb.dat 2014-09-01 10:47:08 E446AA183E6344CF84A98730098D3D46 64000 ----a-w- C:\WINDOWS\Sysnative\OpenCL.DLL ====== C:\WINDOWS\Sysnative\drivers ===== 2014-09-04 15:29:29 5C42CEE3E2018E1DFC6E3E17240A432A 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2014-09-04 15:29:08 7A1A3F213CDB3363D179D5014272025D 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2014-09-04 15:29:06 674A4702E4E144E8710ED1A2EC6DD049 96768 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys 2014-09-04 15:29:04 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\WINDOWS\Sysnative\drivers\vwifimp.sys 2014-09-04 15:29:01 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\WINDOWS\Sysnative\drivers\vwififlt.sys 2014-09-01 12:40:47 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-09-01 11:41:55 313DCE665B57000B18CB26C6B6A10DFE 1557848 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2014-09-01 11:41:23 D18EC2C83C2F773C9476A4FB0AA4C314 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-09-01 11:39:16 BFBE1C5F57FE7A885673A1962D5532B7 136024 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2014-09-01 11:39:16 A03F362C5557E238CBFA914689C77248 134144 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2014-09-01 11:39:16 7FC5667DF73D4B04AA457CC3A4180E09 157016 ----a-w- C:\WINDOWS\Sysnative\drivers\wof.sys 2014-09-01 11:39:16 41CF802064F72E55F50CA0A221FD36D4 49152 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpipreg.sys 2014-09-01 11:39:16 4030CB06B8D963A45CED9E60C9F2A11E 379224 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2014-09-01 11:39:16 3E28B99198B514DFEB152EACF913025E 283648 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2014-09-01 11:39:16 1D55DADC22D21883A2F80297F5A5AE48 140288 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2014-09-01 11:39:16 1C80517BE6836A812F6A9B99B8321351 2013016 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2014-09-01 11:39:16 179A41249055D5F039F1B6703F3B6D2B 376152 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2014-09-01 11:39:15 FD9C9E9E3F0ED51502C7E8C066BE26B9 79360 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2014-09-01 11:39:15 ABB7341766902F5AAB45E15F34D19E15 111616 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2014-09-01 11:39:15 8DB8EAB9D0C6A5DF0BDCADEA239220B4 33280 ----a-w- C:\WINDOWS\Sysnative\drivers\hidusb.sys 2014-09-01 11:38:01 FE0ADF5028EB8C1339B66B3AEDE3FEF9 440664 ----a-w- C:\WINDOWS\Sysnative\drivers\usbport.sys 2014-09-01 11:38:01 D79920BE4E6683D3AB50F71457A4F6C6 27480 ----a-w- C:\WINDOWS\Sysnative\drivers\usbd.sys 2014-09-01 11:38:01 D537815E450A149752C15868392AD1F3 110592 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFPf.sys 2014-09-01 11:38:01 93435654DCA210298BA0F986EB51C679 419672 ----a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys 2014-09-01 11:38:01 83C9C45D59C72FEFDAE9A5686BE31FEA 467800 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2014-09-01 11:38:01 7CCBBCEE408A5DBE3FE47297DB5A6CFC 227840 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFRd.sys 2014-09-01 11:38:01 48BA326A3DBA5B5BEB5F2777F4618696 89944 ----a-w- C:\WINDOWS\Sysnative\drivers\usbehci.sys 2014-09-01 11:38:01 25AC0B50A71938890970E1508F107196 2518360 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-09-01 11:38:01 064260B3A5868AC894A4943543BC7AB7 37376 ----a-w- C:\WINDOWS\Sysnative\drivers\usbuhci.sys 2014-09-01 11:37:43 1CD3A907D64D08F49208DA00B69BF35E 565576 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2014-09-01 11:36:10 374E27295F0A9DCAA8FC96370F9BEEA5 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2014-09-01 11:30:47 182561A14F2E93E81E66FE3700D17A5A 55328 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2014-09-01 11:30:33 F5D4FA3E1F4879C361FFF3855259D2C2 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys 2014-09-01 11:30:33 6CC1BB8F6851A262E2E824F0E92D5EEF 123224 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2014-09-01 11:30:33 019CC610AD95FF47EAD7C08B7A683B96 257880 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2014-09-01 11:30:05 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2014-09-01 11:30:02 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-09-01 11:30:02 F88CC88F4A6D8476F1664E805CA18CC2 180056 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2014-09-01 11:30:02 D90AB68D0FAC9F357F663670FDBB511E 275800 ----a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys 2014-09-01 11:30:02 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2014-09-01 11:30:02 8FCE57F7E5CDA5751FDE01A316180488 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2014-09-01 11:30:02 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-09-01 11:30:02 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-09-01 11:30:02 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2014-09-01 11:30:02 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2014-09-01 11:30:02 4BB9BC49DEE1A319EC58274A7BBED663 310616 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-09-01 11:30:02 498288DD5CA42C2D36D125893E968C53 77312 ----a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys 2014-09-01 11:30:02 33977549C2CED09936E05BEE7659EAFF 384856 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-09-01 10:46:52 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-08-31 14:57:08 68430AD3FB0FADBFA5D1677617D1E1F5 50976 ----a-w- C:\WINDOWS\Sysnative\drivers\avgtpx64.sys 2014-08-27 19:38:48 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2014-08-27 19:38:26 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2014-08-27 19:38:26 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2014-08-27 19:38:26 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys ====== C:\WINDOWS\Tasks ====== 2014-09-01 12:05:53 A6D432B7E142B585CA1BCBB4CB1CDB75 3942 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{411CD6AA-4516-4D16-AE23-B347076DDA49} 2014-09-01 12:00:34 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\WPD 2014-08-28 12:09:44 318CEB10DA632D014525752F97D13C9C 3332 ----a-w- C:\WINDOWS\Sysnative\Tasks\{5CDD1CF4-5182-4024-8F02-E833E6B2A3C3} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-09-07 18:04:36 -------- d-----w- C:\Program Files\Common Files\Microsoft 2014-09-07 18:04:36 -------- d-----w- C:\Program Files\Adware-Removal-Tool 2014-09-01 11:27:14 -------- d-----w- C:\Program Files\Reference Assemblies 2014-09-01 11:27:14 -------- d-----w- C:\Program Files\MSBuild 2014-09-01 10:47:40 -------- d-----w- C:\Program Files\Common Files\EPSON 2014-09-01 10:47:18 -------- d-----w- C:\Program Files\Realtek ======= C:\PROGRA~2 ===== 2014-09-01 11:27:16 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2014-09-01 11:27:16 -------- d-----w- C:\PROGRA~2\MSBuild 2014-09-01 10:47:10 -------- d-----w- C:\PROGRA~2\Intel 2014-09-01 10:46:59 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2014-08-28 11:50:29 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2014-08-27 17:41:33 -------- d-----w- C:\PROGRA~2\Stronghold AntiMalware 2014-08-27 16:03:19 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard ======= C: ===== 2014-08-27 16:03:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\Co\AppData\Roaming ====== 2014-09-03 15:32:09 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft 2014-09-03 10:36:34 967A4B1EFFEC01F6E2AB3EB5E2770E5E 31147 ----a-w- C:\Users\Co\AppData\Local\recently-used.xbel 2014-09-01 12:49:42 F671F128B705D9606E2196BF3D63FA91 254152 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-09-01 12:05:58 -------- d-sh--w- C:\Users\Co\AppData\Locallow\EmieUserList 2014-09-01 12:05:53 -------- d-sh--w- C:\Users\Co\AppData\Local\EmieUserList 2014-09-01 12:05:53 -------- d-sh--w- C:\Users\Co\AppData\Local\EmieSiteList 2014-09-01 12:03:49 -------- d-sh--w- C:\Users\Co\AppData\Locallow\EmieSiteList 2014-09-01 11:59:21 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2014-09-01 11:13:06 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe 2014-09-01 11:08:12 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2014-09-01 11:01:37 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-09-01 11:01:37 -------- d-----w- C:\Users\Default\AppData\Local\Google 2014-09-01 11:01:37 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-09-01 11:01:37 -------- d-----w- C:\Users\Default User\AppData\Local\Google 2014-09-01 10:54:16 -------- d-s---w- C:\Users\Co\AppData\Roaming\Microsoft 2014-09-01 10:54:16 -------- d-----w- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-09-01 10:54:16 -------- d-----w- C:\Users\Co\AppData\Local\Temp 2014-09-01 10:54:16 -------- d-----w- C:\Users\Co\AppData\Local\Microsoft 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-01 10:52:44 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft 2014-09-01 10:47:50 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft 2014-08-30 14:27:01 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft ====== C:\Users\Co ====== 2014-09-02 14:53:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Co\Downloads\RSITx64.exe 2014-09-01 12:03:10 -------- d---a-w- C:\Users\Co\OneDrive 2014-09-01 11:58:00 -------- d-sh--w- C:\Users\Co\IntelGraphicsProfiles 2014-09-01 11:57:47 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Co\ntuser.ini 2014-09-01 10:54:16 -------- d--h--w- C:\Users\Co\AppData 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\Favorites 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\Documents 2014-09-01 10:54:16 -------- d-----r- C:\Users\Co\Desktop 2014-09-01 10:47:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-09-01 10:47:38 -------- d-----w- C:\ProgramData\EPSON 2014-08-28 11:48:33 E249A2F34A523A0A6EF495FEC8C00517 289224536 ----a-w- C:\Users\Co\Downloads\nero [1].exe 2014-08-27 17:41:38 -------- d-----w- C:\Users\Public\Documents\Stronghold AntiMalware ====== C: exe-files == 2014-09-09 15:10:09 AD72152F95A04ACFD7E74A9B4BBA522A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-272173987-287010755-2856044853-1001\$IPL0OWR.exe 2014-09-09 15:05:16 D51F5780C2CAC6A22F21EF15BB8EDDFE 1290240 ----a-w- C:\$Recycle.Bin\S-1-5-21-272173987-287010755-2856044853-1001\$RPL0OWR.exe 2014-09-09 10:52:21 AAF855CC9841E2994E5C8F33C8C8173C 267264 ----a-w- C:\Users\Co\AppData\Local\Packages\TuneIn.TuneInRadio_6bhtb546zcxnj\AC\Microsoft\CLR_v4.0_32\NativeImages\TuneIn\8e7198646450a0db3a13a786cc8801bb\TuneIn.ni.exe 2014-09-07 18:04:40 785CC096C1286D187B1C5C6AE95BA774 118440 ----a-w- C:\Program Files\Adware-Removal-Tool\ARTP3.exe 2014-09-07 18:04:40 6CBB5C25FF043CE3D4F872777C0225FA 55976 ----a-w- C:\Program Files\Adware-Removal-Tool\ARTP2.exe 2014-09-07 18:04:40 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Windows\SysWOW64\subinacl.exe 2014-09-06 12:53:22 2FB742C226D0474202D28A5724E6CA4B 7235664 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.103\37.0.2062.103_36.0.1985.143_chrome_updater.exe 2014-09-04 15:29:36 642F850B5D94E08AB6CFF997BE09C688 86816 ----a-w- C:\Windows\BrowserChoice\browserchoice.exe 2014-09-04 15:29:28 11FD8DDAB6014EECCE88F1F581604C30 1120256 ----a-w- C:\Windows\System32\SkyDrive.exe 2014-09-04 15:29:10 9289A1927350EA1F7FD4D4DC64D3F32F 1408504 ----a-w- C:\Windows\Camera\Camera.exe 2014-09-04 15:29:06 1064CF2438DC44A13EFD13551915586D 321024 ----a-w- C:\Windows\System32\IME\SHARED\ImeBroker.exe 2014-09-04 15:29:04 34215162FF8440E3342071D5A7FDCB3C 1192280 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2014-09-04 15:29:03 FEF22922E4FA075C6C1FFF4385D74A95 99136 ----a-w- C:\Windows\FileManager\FileManager.exe 2014-09-04 15:29:03 A83FCE24AE4103F9DA32E8707C4B4C43 124928 ----a-w- C:\Windows\SysWOW64\wbem\WMIADAP.exe 2014-09-04 15:29:03 2616E8E9C8B66A67CFB6197E9517A2F2 123392 ----a-w- C:\Windows\System32\Robocopy.exe 2014-09-04 15:29:03 0C8AF6461266A72BE61552BB42BC13D8 361496 ----a-w- C:\Windows\FileManager\PhotosApp.exe 2014-09-04 15:29:02 CFD6DBED27511D7A5FBE33AFA7E6B669 76800 ----a-w- C:\Windows\System32\BulkOperationHost.exe 2014-09-04 15:29:02 4E07710A2C9EA43E7509BF7D0452430E 106496 ----a-w- C:\Windows\SysWOW64\Robocopy.exe 2014-09-04 15:29:01 A09657B30C532DCF848F2B33404EF190 166400 ----a-w- C:\Windows\System32\wbem\WMIADAP.exe 2014-09-04 15:28:13 BB7F878413AD3C2E7E89C96193D405DF 57856 ----a-w- C:\Windows\System32\drvcfg.exe 2014-09-04 15:28:13 A9BC10505829051B83D749011F0D45BE 156672 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe 2014-09-04 15:28:13 8E472AA2E916417B55BC1E6727957453 110592 ----a-w- C:\Windows\System32\drvinst.exe 2014-09-04 15:28:13 679A800CFFBB8EA970506887045F2E41 46752 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe 2014-09-04 15:28:13 61F5222289E052C40274ECD182A8AA99 98816 ----a-w- C:\Windows\SysWOW64\drvinst.exe === C: other files == 2014-09-04 15:29:29 5C42CEE3E2018E1DFC6E3E17240A432A 206848 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2014-09-04 15:29:08 7A1A3F213CDB3363D179D5014272025D 402432 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2014-09-04 15:29:06 674A4702E4E144E8710ED1A2EC6DD049 96768 ----a-w- C:\Windows\System32\drivers\agilevpn.sys 2014-09-04 15:29:04 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\Windows\System32\drivers\vwifimp.sys 2014-09-04 15:29:01 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\Windows\System32\drivers\vwififlt.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX535WD" [HKEY_USERS\S-1-5-21-272173987-287010755-2856044853-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX535WD" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000001 /M Epson Stylus SX535WD" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "GoogleChromeAutoLaunch_88ED181663D1D9461548BB4761BE50C9"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "BrowserChoice"="C:\Windows\BrowserChoice\browserchoice.exe /run" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX535WD" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX535WD" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT EPLTarget\P0000000000000001 /M Epson Stylus SX535WD" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "GoogleChromeAutoLaunch_88ED181663D1D9461548BB4761BE50C9"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "BrowserChoice"="C:\Windows\BrowserChoice\browserchoice.exe /run" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Startup Folders ====================== 2014-04-22 17:34:21 1057 ----a-w- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-07-14 15:16:42 1308 ----a-w- C:\Users\Co\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-07-2014 19:22] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-09-2013 15:16] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe] "C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Hotkey Utility" ["C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe"] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{411CD6AA-4516-4D16-AE23-B347076DDA49}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\SymErr.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF" [16-07-2014 13:24] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Co\AppData\Roaming\Mozilla\Firefox\Profiles\qvu28ta8.default - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Co\AppData\Roaming\Mozilla\Firefox\Profiles\qvu28ta8.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\Exts\Chrome.crx[31-07-2014 07:47] Google Docs - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Safe - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Norton Security Toolbar - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Co\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Start Page Redirect Cache"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Start Page Redirect Cache"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\coIEPlg.dll O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus SX535WD" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_88ED181663D1D9461548BB4761BE50C9] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\BrowserChoice\browserchoice.exe" /run O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD" (User 'Default user') O4 - Startup: Dropbox.lnk = Co\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.5.0.19\N360.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Co\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Co\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Co\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=197 folders=61 34867579 bytes) ==== Empty Temp Folders ====================== C:\Users\Co\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Co\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~3\boost_interprocess" not found ==== EOF on di 09-09-2014 at 19:21:12,74 ======================