Zoek.exe v5.0.0.0 Updated 18-March-2015 Tool run by annick on do 19/03/2015 at 15:10:30,08. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\annick\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== ==== Empty Folders Check ====================== C:\Program Files\DefaultTab deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\NeroInstall.bak deleted successfully C:\Program Files\Samsung deleted successfully C:\PROGRA~2\AVAST Software deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\annick\AppData\Roaming\Samsung deleted successfully C:\Users\annick\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe AIR Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Photoshop Elements 6 Adobe Photoshop Elements 6.0 Adobe Reader 8 Adobe Reader 8.1.2 - Nederlands Adobe Shockwave Player Aff Packages AVG 2014 AVG Web TuneUp Belgium e-ID middleware 4.0.7 (build 7453) Bescherm uw gegevens Bing Bar Browser Address Error Redirector Carbonite Compatibiliteitspakket voor het 2007 Microsoft Office system CyberLink PowerCinema Darts 14 versie 1 Facebook Video Calling 3.1.0.521 Free YouTube to MP3 Converter version 3.12.35.514 Google BAE Google Chrome Google Desktop Google Toolbar Google Update Helper GoogleDesktop HDRegBENL Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Deskjet 3070 B611 series Basissoftware van het apparaat HP Deskjet 3070 B611 series Haelp HP Deskjet 3070 B611 series Productverbeteringsonderzoek HP Photo Creations HP Update Infocentre Rev. 2.0.0.1 Intel(R) Graphics Media Accelerator Driver IrfanView (remove only) Java 7 Update 71 Java Auto Updater Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (Dutch) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft Works 9 Microsoft XML Parser Microsoft© Office Trial 2007 Mozilla Firefox 34.0.5 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 17.0.8 (x86 nl) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Nero 8 Essentials neroxml Packard Bell ImageWriter Packard Bell LCD Test Packard Bell Updator PokerStars.be Power Cinema 6 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Reimage Repair SeaTools for Windows Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) SetUp My PC Shockwave Director 10.3 Skype 3.6.2.248 SkypeT 6.18 Spotify Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Twoo 2.1.1011 Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update for Microsoft Office Word 2007 (KB974631) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VASCO Card Reader Plug-In (32-Bit) VASCO Smart Card Reader Plug-In (User) VCRedistSetup Visual Studio 2012 x86 Redistributables VLC media player 2.1.2 WinThruster Wise Registry Cleaner 8.31 X10 Hardware(TM) Zoosk Messenger ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\Explorer.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\annick\Downloads\zoek (1).exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.4.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.4.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default user.js not found ---- Lines mysearch removed from prefs.js ---- user_pref("browser.startup.homepage", "https://mysearch.avg.com/?cid={88914AA8-140E-498F-A3D9-2ACCB51EB12E}&mid=e8468e90d50247d398aed16acdedc412-d8ed8 ---- FireFox user.js and prefs.js backups ---- prefs_20151903_1523_.backup ProfilePath: C:\Users\annick\AppData\Roaming\Thunderbird\Profiles\8bdce2e0.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151903_1523_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "vProt"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\DefaultTab not found C:\Program Files\NeroInstall.bak not found C:\Program Files\Samsung not found C:\Program Files\Daanav File Extension Changer deleted C:\Program Files\AVG Web TuneUp deleted C:\Program Files\Common Files\AVG Secure Search deleted C:\Program Files\Reimage deleted C:\ProgramData\Avg_Update_0215tb deleted C:\ProgramData\AVG Web TuneUp deleted C:\Program Files\WinThruster deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster deleted C:\Users\annick\AppData\Local\AVG Web TuneUp deleted C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\RightSurf deleted C:\Program Files\MyPC Backup deleted C:\Program Files\Wise\Wise Registry Cleaner deleted C:\Users\annick\AppData\Roaming\1H1Q deleted C:\Users\annick\AppData\Roaming\Solvusoft deleted C:\Users\annick\AppData\Roaming\skype.ini deleted C:\Users\annick\AppData\Roaming\DefaultTab deleted C:\Users\annick\AppData\Roaming\systweak deleted C:\Users\annick\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\Avg_Update_0414b deleted C:\PROGRA~2\Avg_Update_1214tb deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\Reimage Protector deleted C:\PROGRA~2\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted C:\Users\annick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\annick\Downloads\avg_free_stb_all_2014_4577_cnet.exe deleted C:\rei deleted C:\Users\annick\Downloads\FreeYouTubeToMP3Converter(1).exe deleted C:\Users\annick\Downloads\ReimageRepair (1).exe deleted C:\Users\annick\Downloads\ReimageRepair (2).exe deleted C:\Users\annick\Downloads\ReimageRepair.exe deleted C:\Users\annick\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\Reimage.ini deleted C:\Windows\Tasks\ReimageUpdater.job deleted C:\Windows\tasks\WinThruster.job deleted C:\Windows\system32\tasks\AVG_SYS_TASK_0214d deleted C:\end deleted C:\Windows\system32\roboot.exe deleted C:\Users\annick\Documents\Optimizer Pro deleted C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\searchplugins\avg-secure-search.xml deleted C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\trash\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\searchplugins\badoo.xml" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\chrome.manifest" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\icon.png" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\install.rdf" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\chrome\avg.jar" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\components\avg-dnt-policy.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\components\toolbarhomeApi.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\components\xpcomApi.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\avg-dnt-adapter.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\avg.xml" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\avgJsm.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\HistoryCleaner.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\inflate.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\IOJsm.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\Preferences.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\webSQL.jsm" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules\XMLHTTPUtilsJsm.js" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\locale\en-US\global.dtd" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\locale\en-US\global.properties" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\chrome" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\components" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\locale" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\modules" deleted "C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\avg@toolbar\locale\en-US" deleted ==== System Specs ====================== Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002) Memory (RAM): 3001 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz CPU Speed: 1997,1 MHz Sound Card: Not detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 800 X 600 - 32 bit Network: Network Present Network Adapters: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) | Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GSA-T50N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 137,0GB Hard Disks - Free: C: 96,2GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 10/08/08 | PacBel - 20081008 Time Zone: Romance (standaardtijd) Motherboard *: PACKARD BELL BV PE2L Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Google Chrome 41.0.2272.89 Internet Explorer version: 7.0.6002.18005 Mozilla Firefox version: 34.0.5 (x86 en-US) Google Chrome version: 41.0.2272.89 Adobe Reader version: 8.1.0.2007051100 Sun Java version: 1.7.0_71 (32-bit) Flash Player version: 16.0.0.305 Shockwave Player version: 10.3r24 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-03-19 12:30:01 D07D4C3038F3578FFCE1C0237F2A1253 2926592 ----a-w- C:\Windows\explorer.exe ====== C:\Users\annick\AppData\Local\Temp ==== 2015-03-17 07:16:40 D7AD0AD3162BCD50E1D2E462E8C748EA 264488 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2015-03-17 07:16:40 9BD51360CB8F1A2206642599D40FD258 419048 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2015-03-17 07:16:40 7A5A07D9A323DFD9097C9CF39E6802E6 153760 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2015-03-17 07:16:40 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2015-03-17 07:16:40 26FD227409FB73C4D958602B8A3EFFA0 577632 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-03-19 12:33:18 0976F625A65CBFB8E45A8B0374CC3C43 928768 ----a-w- C:\Windows\System32\scavenge.dll 2015-03-19 12:33:13 85C04F75503F73C21AEC0AEB815065B9 57856 ----a-w- C:\Windows\System32\compcln.exe 2015-03-19 12:30:14 E14170AEA125119B98FA2BDE3FF4F462 241128 ----a-w- C:\Windows\System32\rsaenh.dll 2015-03-19 12:30:14 D066FF44590F6F7433F60674C74394C6 38400 ----a-w- C:\Windows\System32\rtffilt.dll 2015-03-19 12:30:14 C9EE7FF225EAC1CB9C78C413667CDB80 87552 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2015-03-19 12:30:14 B5EF1DA337DB9859709A387638AC5E07 185344 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2015-03-19 12:30:14 AED0DFF80C6B3914769407E78D7AB21A 441344 ----a-w- C:\Windows\System32\SearchIndexer.exe 2015-03-19 12:30:14 723F45FB4C5D362EFC64D8F9D9B0B7B7 324608 ----a-w- C:\Windows\System32\sdohlp.dll 2015-03-19 12:30:14 453DE2958C885527E20C79A3FEFE6AF7 57344 ----a-w- C:\Windows\System32\samlib.dll 2015-03-19 12:30:14 0CFCDE5D9D074D96B78D1F1CBF1AAB1D 466944 ----a-w- C:\Windows\System32\riched20.dll 2015-03-19 12:30:13 E60FA45D987DBA869B28532E2F0E6B76 245760 ----a-w- C:\Windows\System32\scansetting.dll 2015-03-19 12:30:13 77B7A11A0C3D78D3386398FBBEA1B632 95232 ----a-w- C:\Windows\System32\SCardSvr.dll 2015-03-19 12:30:13 3DB1530CDD7AEF2BCFA6FB77D097CDDA 172032 ----a-w- C:\Windows\System32\scrrun.dll 2015-03-19 12:30:13 3B5B4D53FEC14F7476CA29A20CC31AC9 550400 ----a-w- C:\Windows\System32\rpcss.dll 2015-03-19 12:30:13 305460BC9F6C2888D291ADCB23FC5AE1 127488 ----a-w- C:\Windows\System32\rpchttp.dll 2015-03-19 12:30:12 D90911B3FA05D7B930C1286084B404DE 306176 ----a-w- C:\Windows\System32\scesrv.dll 2015-03-19 12:30:12 8FC182167381E9915651267044105EE1 177152 ----a-w- C:\Windows\System32\scecli.dll 2015-03-19 12:30:12 7808BF0E367ED7348808879CEF482AB3 483328 ----a-w- C:\Windows\System32\samsrv.dll 2015-03-19 12:30:12 74B514A1FB5742CFB0DDC700D832D166 140288 ----a-w- C:\Windows\System32\scksp.dll 2015-03-19 12:30:12 01DDF42F77DA1348173C5DC8CB28BDC2 180224 ----a-w- C:\Windows\System32\scrobj.dll 2015-03-19 12:30:09 CE42E875BFF00D9561C6E1B0FF2C8943 327168 ----a-w- C:\Windows\System32\P2PGraph.dll 2015-03-19 12:30:09 9104EDD1D3BF91AD079A73FBB515E492 31744 ----a-w- C:\Windows\System32\perfdisk.dll 2015-03-19 12:30:09 7E05BE3F599B3F0C46389241C6820C8B 464384 ----a-w- C:\Windows\System32\pcaui.dll 2015-03-19 12:30:09 295363D4317820AED0D527E15B90A8ED 242176 ----a-w- C:\Windows\System32\pdh.dll 2015-03-19 12:30:09 1B360BE74EEF51393234D23552AEE403 1248768 ----a-w- C:\Windows\System32\PerfCenterCPL.dll 2015-03-19 12:30:09 0C8E8E61AD1EB0B250B846712C917506 644608 ----a-w- C:\Windows\System32\p2psvc.dll 2015-03-19 12:30:09 008EA1117A5F3A1866FCC94F34D1424E 124928 ----a-w- C:\Windows\System32\phon.ime 2015-03-19 12:30:08 ED49ADAF173B23E48A9BA110BD80160F 293376 ----a-w- C:\Windows\System32\photowiz.dll 2015-03-19 12:30:08 DE4DAA15B2405AB4D5B2476F1B7C8F1E 58368 ----a-w- C:\Windows\System32\PnPUnattend.exe 2015-03-19 12:30:08 BE7C04C89126072D368D3DDCE0710985 425472 ----a-w- C:\Windows\System32\PhotoMetadataHandler.dll 2015-03-19 12:30:08 B26C0D2B2186AC508B5EFF976BB7FF9D 241152 ----a-w- C:\Windows\System32\PortableDeviceApi.dll 2015-03-19 12:30:08 AAC78A91ED32BC0CA7FC8AEC39975016 704512 ----a-w- C:\Windows\System32\PhotoScreensaver.scr 2015-03-19 12:30:08 8DDC387167FA0234F3656EB34C78BFFB 723968 ----a-w- C:\Windows\System32\powercpl.dll 2015-03-19 12:30:08 75AD59B9B12EB194486BE8D97B062994 1823744 ----a-w- C:\Windows\System32\pnidui.dll 2015-03-19 12:30:08 676F4C701FA3B1AC18A85E3360A5BBE4 69632 ----a-w- C:\Windows\System32\PNPXAssoc.dll 2015-03-19 12:30:08 5A87FD90634C9A05157469DA2441EBB4 94720 ----a-w- C:\Windows\System32\PortableDeviceClassExtension.dll 2015-03-19 12:30:08 48EFB6849AA0F6785D05EB468E13F17F 1107968 ----a-w- C:\Windows\System32\pidgenx.dll 2015-03-19 12:30:08 290A5AA84C6F06E0B82E94F419FEE9C5 160768 ----a-w- C:\Windows\System32\PortableDeviceTypes.dll 2015-03-19 12:30:08 24843AC00885464EA397FE56CBCBAAD7 181760 ----a-w- C:\Windows\System32\pnpsetup.dll 2015-03-19 12:30:08 13E4FB6985AC5744609E4289319BF220 33280 ----a-w- C:\Windows\System32\PnPutil.exe 2015-03-19 12:30:08 101F8F0632F0E4E3195FE76FD0097329 542208 ----a-w- C:\Windows\System32\pnpui.dll 2015-03-19 12:30:07 BCAA8437FC3CC898C76BA120F88CFBCD 82944 ----a-w- C:\Windows\System32\nslookup.exe 2015-03-19 12:30:07 8629B71343F61E1140243581C63BC0C7 2644480 ----a-w- C:\Windows\System32\NlsLexicons0009.dll 2015-03-19 12:30:07 6C235B6FF358E8CA7D6CD2954C1F933E 130560 ----a-w- C:\Windows\System32\PkgMgr.exe 2015-03-19 12:30:07 1298AE079E74D8691BF1722CF1E32F67 89088 ----a-w- C:\Windows\System32\pintlgnt.ime 2015-03-19 12:30:06 CE89D942BECC4E4350FC76D4A0443997 16896 ----a-w- C:\Windows\System32\rasdial.exe 2015-03-19 12:30:06 CD08EEC61C591AF59A39F4363C567D30 121344 ----a-w- C:\Windows\System32\ntmarta.dll 2015-03-19 12:30:06 C92BC5620E0A10EC6BE471C3B9FA2844 102912 ----a-w- C:\Windows\System32\occache.dll 2015-03-19 12:30:06 BC89C1733F25EEADD9C765D2C9C0E8B8 35840 ----a-w- C:\Windows\System32\ocsetup.exe 2015-03-19 12:30:06 B64AC7967D6B9FB2D6152AC768A1CB88 1541120 ----a-w- C:\Windows\System32\onex.dll 2015-03-19 12:30:06 A944A73CEC5921B871542FE5CC5E03E4 88576 ----a-w- C:\Windows\System32\olepro32.dll 2015-03-19 12:30:06 A1B46928E107D770053E6B4D248298A5 114688 ----a-w- C:\Windows\System32\odbccp32.dll 2015-03-19 12:30:06 94B67798159ACB26D7104E55903B6FEF 642560 ----a-w- C:\Windows\System32\rasgcw.dll 2015-03-19 12:30:06 87F1B6EF700AF7C0BCEBE380964EE9DE 40960 ----a-w- C:\Windows\System32\odbcconf.dll 2015-03-19 12:30:06 877F2939794EBA4F3D1BB967007E99E8 182272 ----a-w- C:\Windows\System32\osk.exe 2015-03-19 12:30:06 82A79D5BE740D0AE9C91AA6DE4B3AC5A 281088 ----a-w- C:\Windows\System32\raschap.dll 2015-03-19 12:30:06 795166DED9B1B32136B150A12A1DEBAE 12240896 ----a-w- C:\Windows\System32\NlsLexicons0007.dll 2015-03-19 12:30:06 75D47445D70CA6F9F894B032FBC64FCF 262144 ----a-w- C:\Windows\System32\rasmans.dll 2015-03-19 12:30:06 74A20AB7737D972815556A016B46674A 155136 ----a-w- C:\Windows\System32\rasmontr.dll 2015-03-19 12:30:06 70352EFA22EAFF59D50F0ADF7D27D918 136192 ----a-w- C:\Windows\System32\nlhtml.dll 2015-03-19 12:30:06 3CB863B78642405371CB3A71C07E2382 286720 ----a-w- C:\Windows\System32\rasapi32.dll 2015-03-19 12:30:06 2DD6AF8E97F59C9D39329BBC2A81F13F 825856 ----a-w- C:\Windows\System32\rasdlg.dll 2015-03-19 12:30:06 23E10EC351836F14606CCCFF5C6CF292 97792 ----a-w- C:\Windows\System32\oleprn.dll 2015-03-19 12:30:06 1D6B95871DC006190964B04E5657E35F 69632 ----a-w- C:\Windows\System32\rastapi.dll 2015-03-19 12:30:06 16FF3D15D12BFBB0B805FFE71BE3FA15 216064 ----a-w- C:\Windows\System32\ntprint.dll 2015-03-19 12:30:06 16FC5B430123238E522B18E63C257AF8 2153472 ----a-w- C:\Windows\System32\oobefldr.dll 2015-03-19 12:30:06 16D06DC26B8BD160AD81EE271D9577D8 392170 ----a-w- C:\Windows\System32\onex.tmf 2015-03-19 12:30:06 1361CD59C411F47E2E2829B9A44BADD4 52736 ----a-w- C:\Windows\System32\rasdiag.dll 2015-03-19 12:30:06 06588D3E301B53D24281DACEE3C34FE3 194560 ----a-w- C:\Windows\System32\offfilt.dll 2015-03-19 12:30:05 FBA13EE4F0838CB6C340128DACF9CF12 612864 ----a-w- C:\Windows\System32\rdpencom.dll 2015-03-19 12:30:05 EABE8490A252D8B2020357D560A93850 124928 ----a-w- C:\Windows\System32\qintlgnt.ime 2015-03-19 12:30:05 E67DAF21DDBE6D4B5771E12902902EEA 107008 ----a-w- C:\Windows\System32\rdpwsx.dll 2015-03-19 12:30:05 E5866CA09AC74AC6C1F8501BB60DFD90 779136 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll 2015-03-19 12:30:05 DE4E8E68DE8CFBEB1B5C6B6E6022D98C 61952 ----a-w- C:\Windows\System32\reg.exe 2015-03-19 12:30:05 CB3860A11E8D3A91658E18753C183DA4 666624 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe 2015-03-19 12:30:05 C4F3693767A2B93A64C6D67CFC2DAC63 869888 ----a-w- C:\Windows\System32\printui.dll 2015-03-19 12:30:05 B458B58F7BB97C48D01AC3CF5805AAAC 1381376 ----a-w- C:\Windows\System32\Query.dll 2015-03-19 12:30:05 A6250DF429D0D78DACFBC6B87074E584 67584 ----a-w- C:\Windows\System32\regapi.dll 2015-03-19 12:30:05 9EFF12E09FF0EA85D43A3AC1F1EEBCE9 880640 ----a-w- C:\Windows\System32\RacEngn.dll 2015-03-19 12:30:05 9E6894EA18DAFF37B63E1005F83AE4AB 107008 ----a-w- C:\Windows\System32\regsvc.dll 2015-03-19 12:30:05 9DC3723519F52B6BC63EACD4BD411313 376832 ----a-w- C:\Windows\System32\rasplap.dll 2015-03-19 12:30:05 9A7F4B2EDACD11444D048AA19CBB26AF 98816 ----a-w- C:\Windows\System32\powrprof.dll 2015-03-19 12:30:05 93952506C6D67330367F7E7934B6A02F 758784 ----a-w- C:\Windows\System32\qmgr.dll 2015-03-19 12:30:05 8F960A1A3D9A7B829FD9DCE2689030F6 505344 ----a-w- C:\Windows\System32\qedit.dll 2015-03-19 12:30:05 8E4FC51E6FF06C39E7298F443B38442E 26112 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll 2015-03-19 12:30:05 8B645890A93F1FBBC7DA3E07CC72D762 259584 ----a-w- C:\Windows\System32\rasppp.dll 2015-03-19 12:30:05 859E02E3346DC681DFAC96225D2797C6 340992 ----a-w- C:\Windows\System32\RelMon.dll 2015-03-19 12:30:05 79DB32BA1FED01EC05A5D5158CF1A279 43520 ----a-w- C:\Windows\System32\rekeywiz.exe 2015-03-19 12:30:05 4C58B5E71FEEFD18BB7F537343C7219A 153 ----a-w- C:\Windows\System32\RacUREx.xml 2015-03-19 12:30:05 429A7B2973A57B1EF405DF270CF3F90C 551936 ----a-w- C:\Windows\System32\prnntfy.dll 2015-03-19 12:30:05 199FBF92E3F750637F2C027A4792949B 102816 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2015-03-19 12:30:05 1171CEB628BA19D69182935FF81DE24E 124928 ----a-w- C:\Windows\System32\quick.ime 2015-03-19 12:30:05 07400BC21119204892795F015052CDF4 9212 ----a-w- C:\Windows\System32\RacUR.xml 2015-03-19 12:30:04 ED3CA4BCB1F7C14B369019BEC6A4448D 69632 ----a-w- C:\Windows\System32\sendmail.dll 2015-03-19 12:30:04 E4EAF0C5C1B41B5C83386CF212CA9584 302592 ----a-w- C:\Windows\System32\QAGENTRT.DLL 2015-03-19 12:30:04 D1F4E028FDC4F8BACB94E07B44969C4E 166400 ----a-w- C:\Windows\System32\puiapi.dll 2015-03-19 12:30:04 971F512A83EC50B8A72C8F8BFBF4E5B2 497152 ----a-w- C:\Windows\System32\qdvd.dll 2015-03-19 12:30:04 88E1D14E26CB222D6B94AF85490E37F8 71680 ----a-w- C:\Windows\System32\propdefs.dll 2015-03-19 12:30:04 7DACD94118E2D8B6D72F47ADEB0367BF 754688 ----a-w- C:\Windows\System32\propsys.dll 2015-03-19 12:30:04 57418956DDAE128D1023C508E7D07071 50664 ----a-w- C:\Windows\System32\PSHED.DLL 2015-03-19 12:30:04 31016280DB16915C88EC6829E1628DA4 217088 ----a-w- C:\Windows\System32\psisrndr.ax 2015-03-19 12:30:04 16628EE6CDFDA509820509D7E65F3F62 293376 ----a-w- C:\Windows\System32\psisdecd.dll 2015-03-19 12:30:04 0508FAA222D28835310B7BFCA7A77346 153088 ----a-w- C:\Windows\System32\profsvc.dll 2015-03-19 12:30:03 D4E6D91C1349B7BFB3599A6ADA56851B 279552 ----a-w- C:\Windows\System32\services.exe 2015-03-19 12:30:03 551F51B66E5EA87A38D8197EB3BDB57A 1591296 ----a-w- C:\Windows\System32\setupapi.dll 2015-03-19 12:30:03 2AA4117EE5F4765AD8404DCF9D552C71 1068032 ----a-w- C:\Windows\System32\shdocvw.dll 2015-03-19 12:30:03 291B27D159AE56A049C1526AF4B3957E 627200 ----a-w- C:\Windows\System32\sethc.exe 2015-03-19 12:30:02 BBE1CD4620CBA35F383E5C499F5CECA5 93696 ----a-w- C:\Windows\System32\eappgnui.dll 2015-03-19 12:30:02 3AB4023CBD406AC33AB8CDFF6C8079A0 183808 ----a-w- C:\Windows\System32\eapphost.dll 2015-03-19 12:30:01 AD4C3968CE1DB3A3A4632E1CDECA9555 344698 ----a-w- C:\Windows\System32\eaphost.tmf 2015-03-19 12:30:01 9E5C1D19851FAE2ACDBA118AB20D55AC 120320 ----a-w- C:\Windows\System32\EhStorAPI.dll 2015-03-19 12:30:01 84B8827562B005C118CADBA0F25DB2C6 444416 ----a-w- C:\Windows\System32\dsound.dll 2015-03-19 12:30:01 7095D31979FFB0B917987B388779BD01 205824 ----a-w- C:\Windows\System32\eudcedit.exe 2015-03-19 12:30:01 61216539E55DDF2F78E421E7EF140650 20992 ----a-w- C:\Windows\System32\ExplorerFrame.dll 2015-03-19 12:30:01 5D0FE613570CABE3992F7DBCD68E61D1 135680 ----a-w- C:\Windows\System32\eappcfg.dll 2015-03-19 12:30:01 2495C4204C63678F8FD5D488CA7DAD26 485888 ----a-w- C:\Windows\System32\evr.dll 2015-03-19 12:30:01 22DC784B32BEE306A99F50D6DC2460BC 1459200 ----a-w- C:\Windows\System32\esent.dll 2015-03-19 12:30:01 187AA172E7A5BD212613FBB9D9F770D5 137728 ----a-w- C:\Windows\System32\dsprop.dll 2015-03-19 12:30:01 1303F1E8C79BDB50EA942B7494761EB8 187904 ----a-w- C:\Windows\System32\eapp3hst.dll 2015-03-19 12:30:01 01DD1004181FD46ECDC3628228EB269D 81920 ----a-w- C:\Windows\System32\dwm.exe 2015-03-19 12:30:00 DFB6B71CDABA9DFB49C9D2B318B97A1A 130560 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2015-03-19 12:30:00 B26BFFCDFD2CBB6BA216259B2CE8C040 133120 ----a-w- C:\Windows\System32\extmgr.dll 2015-03-19 12:30:00 A9F36F9BEC6F23F5B6EDF1EB4D1AA452 119808 ----a-w- C:\Windows\System32\diskpart.exe 2015-03-19 12:30:00 9028559C132146FB75EB7ACF384B086A 204288 ----a-w- C:\Windows\System32\dhcpcsvc.dll 2015-03-19 12:30:00 8C5E46B7E724C216F55325FB77AB5ABD 54784 ----a-w- C:\Windows\System32\dimsroam.dll 2015-03-19 12:30:00 7FC1EF4BC7AFB9F7B6A54C8D047ADE91 7168 ----a-w- C:\Windows\System32\f3ahvoas.dll 2015-03-19 12:30:00 7366AB74CF8489749AC4CBFBAEE9F9E2 75264 ----a-w- C:\Windows\System32\dot3msm.dll 2015-03-19 12:30:00 67058C46504BC12D821F38CF99B7B28F 268800 ----a-w- C:\Windows\System32\es.dll 2015-03-19 12:30:00 5CAA965A14ADBDEF4359F3D2BEA9D9F7 378368 ----a-w- C:\Windows\System32\devmgr.dll 2015-03-19 12:30:00 4E6B23DFC917EA39306B529B773950F4 564224 ----a-w- C:\Windows\System32\emdmgmt.dll 2015-03-19 12:30:00 4DF0D81B2B19B87DBFF241619DCDDC31 442788 ----a-w- C:\Windows\System32\dot3.tmf 2015-03-19 12:30:00 358A03A7A47F0AD71E84306AC635A626 117248 ----a-w- C:\Windows\System32\EhStorAuthn.dll 2015-03-19 12:30:00 324FD74686B1EF5E7C19A8AF49E748F6 175616 ----a-w- C:\Windows\System32\dot3svc.dll 2015-03-19 12:30:00 2CC3DCFB533A1035B13DCAB6160AB38B 2092544 ----a-w- C:\Windows\System32\dfsr.exe 2015-03-19 12:30:00 29B84718CDCBCA66A47B64AA2B02318F 407040 ----a-w- C:\Windows\System32\dpapimig.exe 2015-03-19 12:30:00 206B492CC40E0E0C01F6EA73F724AB9A 230912 ----a-w- C:\Windows\System32\diskraid.exe 2015-03-19 12:30:00 1E73E1591DA1D44E5F865E8ADD8C09FF 37376 ----a-w- C:\Windows\System32\EhStorPwdMgr.dll 2015-03-19 12:30:00 1DFC366D2154EF2B381A7F2CB165C7F4 1078784 ----a-w- C:\Windows\System32\diagperf.dll 2015-03-19 12:30:00 14E4470BF8ACA69A85D741BA99F75F96 114176 ----a-w- C:\Windows\System32\EhStorShell.dll 2015-03-19 12:30:00 07D79E9B1569ECC5EFC487E9F4C8235D 49664 ----a-w- C:\Windows\System32\dot3cfg.dll 2015-03-19 12:29:59 F01C34454A2DBA34439C2FB2B6CDDB9A 128000 ----a-w- C:\Windows\System32\gpresult.exe 2015-03-19 12:29:59 D07E4D54CC014C4D3FEB9EFC2304C84E 88064 ----a-w- C:\Windows\System32\fdBth.dll 2015-03-19 12:29:59 D01817B15EFF45054FC24D63AD183F72 284672 ----a-w- C:\Windows\System32\drmmgrtn.dll 2015-03-19 12:29:59 CD5D0AEEE35DFD4E986A5AA1500A6E66 576512 ----a-w- C:\Windows\System32\gpsvc.dll 2015-03-19 12:29:59 BF741696C521FF5503CDE10E36345E4D 9728 ----a-w- C:\Windows\System32\fdBthProxy.dll 2015-03-19 12:29:59 BADB6B77C2C9F729528543D79418429F 16896 ----a-w- C:\Windows\System32\gpupdate.exe 2015-03-19 12:29:59 9F4C8DA21AC626BFB92DD9C7C6FF7F23 41472 ----a-w- C:\Windows\System32\hbaapi.dll 2015-03-19 12:29:59 9A7E344C3D52EE1A2EF003B33B1C1BF1 454144 ----a-w- C:\Windows\System32\IasMigPlugin.dll 2015-03-19 12:29:59 965AC9FBF2C67231C157E99C03C58D24 54272 ----a-w- C:\Windows\System32\feclient.dll 2015-03-19 12:29:59 8F29E2E9FA5830317158BB6AE5D2BBA0 58880 ----a-w- C:\Windows\System32\iasacct.dll 2015-03-19 12:29:59 88198AEB7F71DD2F8B6176533D70F63E 142336 ----a-w- C:\Windows\System32\fontext.dll 2015-03-19 12:29:59 8527C6F8DFF8CD9502FC4688CCBAEF77 105472 ----a-w- C:\Windows\System32\dmsynth.dll 2015-03-19 12:29:59 84067081F3318162797385E11A8F0582 26112 ----a-w- C:\Windows\System32\hidserv.dll 2015-03-19 12:29:59 7C7C620860819A62F926D7EC0B72C50B 978432 ----a-w- C:\Windows\System32\drmv2clt.dll 2015-03-19 12:29:59 78700DB5A0C319A9C3765F0673140092 69120 ----a-w- C:\Windows\System32\fdWCN.dll 2015-03-19 12:29:59 77784A2BD5912A4EC6284255865526BC 147456 ----a-w- C:\Windows\System32\Faultrep.dll 2015-03-19 12:29:59 6A7908973D49248E4018E8E61B3DCDAA 247808 ----a-w- C:\Windows\System32\drvstore.dll 2015-03-19 12:29:59 68EF5A4ECAB4FE38ACE1B7DBA86EEC71 47104 ----a-w- C:\Windows\System32\iasdatastore.dll 2015-03-19 12:29:59 520FCEF4D87E37C17BB6D554B2A332E8 463872 ----a-w- C:\Windows\System32\IasMigReader.exe 2015-03-19 12:29:59 4BAEC13BCAA595639EBB5185278DEFEA 67072 ----a-w- C:\Windows\System32\fdWSD.dll 2015-03-19 12:29:59 488F6147CBBF38ADFA29710537E02E61 194048 ----a-w- C:\Windows\System32\drvinst.exe 2015-03-19 12:29:59 443C5961CACD4ABC16648874AF06E4A0 68096 ----a-w- C:\Windows\System32\fdSSDP.dll 2015-03-19 12:29:59 3105CFE0ADAAED21148597001478E89F 19968 ----a-w- C:\Windows\System32\fc.exe 2015-03-19 12:29:59 24468F62F811EC51F1DE9FA080E7D2C1 70656 ----a-w- C:\Windows\System32\iashlpr.dll 2015-03-19 12:29:59 1E767541B585BB3ED02FF33BC60E92A7 150528 ----a-w- C:\Windows\System32\iasnap.dll 2015-03-19 12:29:59 1BAF5FE4C31D20CF805B2FA7A7C2B886 80384 ----a-w- C:\Windows\System32\hdwwiz.exe 2015-03-19 12:29:59 186954438DE3DDBF0B46F895B7936DE3 60928 ----a-w- C:\Windows\System32\findstr.exe 2015-03-19 12:29:59 1111EA117266132F5057ED8F35C47ACD 57344 ----a-w- C:\Windows\System32\iasads.dll 2015-03-19 12:29:59 0FEA204289B8C5EAC19C1BC3809ECCF0 101888 ----a-w- C:\Windows\System32\dmusic.dll 2015-03-19 12:29:58 BFEB58743A6D96B609DA0F1FD0ACE4EB 53760 ----a-w- C:\Windows\System32\fdeploy.dll 2015-03-19 12:29:58 B0D12F4344EB2AE96E487D2DF6F74413 595456 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2015-03-19 12:29:58 ABAEAEE763E287BDD39094C4165E1F3F 24064 ----a-w- C:\Windows\System32\fdProxy.dll 2015-03-19 12:29:58 A5CBDC87E694154F90DBA134733E7E8B 1342464 ----a-w- C:\Windows\System32\brcpl.dll 2015-03-19 12:29:58 A59DCD3DB4E966582F6FA83F2977C137 196608 ----a-w- C:\Windows\System32\fsquirt.exe 2015-03-19 12:29:58 7856E3B4594714EF89BB97375E8644EE 297472 ----a-w- C:\Windows\System32\gdi32.dll 2015-03-19 12:29:58 780E82F54147B3D11F52D3128B727534 2134528 ----a-w- C:\Windows\System32\FunctionDiscoveryFolder.dll 2015-03-19 12:29:58 7258434974EA735725FD2D4A65C5E821 115712 ----a-w- C:\Windows\System32\AudioSes.dll 2015-03-19 12:29:58 68E2A1A0407A66CF50DA0300852424AB 315392 ----a-w- C:\Windows\System32\audiosrv.dll 2015-03-19 12:29:58 58C2521D87C494831A625202C80354AD 1985024 ----a-w- C:\Windows\System32\authui.dll 2015-03-19 12:29:58 4EDA94333BDB75B1BC0A7610BED34F00 153088 ----a-w- C:\Windows\System32\fundisc.dll 2015-03-19 12:29:58 4E51A7052D162B2BA85612B486A68A45 950784 ----a-w- C:\Windows\System32\gpedit.dll 2015-03-19 12:29:58 42608AE9AF2641EE473A1797C25CFFC2 28672 ----a-w- C:\Windows\System32\FwRemoteSvr.dll 2015-03-19 12:29:58 34DA5AE04CA114B23D93CD9D4D05FCB7 636416 ----a-w- C:\Windows\System32\autofmt.exe 2015-03-19 12:29:58 3437B9E218A2E4586BEF4F7A3BD00777 88576 ----a-w- C:\Windows\System32\audiodg.exe 2015-03-19 12:29:58 2AE61DEF9112DA8948EEAB3631FF4525 516608 ----a-w- C:\Windows\System32\autoplay.dll 2015-03-19 12:29:58 1E2940E465AA5B2C4840E8D220BF1F32 41984 ----a-w- C:\Windows\System32\ftp.exe 2015-03-19 12:29:58 1AE011BB950A5E0B05023D2AFEC3666D 79872 ----a-w- C:\Windows\System32\authz.dll 2015-03-19 12:29:58 15B7BDA10B91FE62466F2A18682C16E8 656896 ----a-w- C:\Windows\System32\autoconv.exe 2015-03-19 12:29:58 10761177A6EBE45843F443E99509F5E7 643072 ----a-w- C:\Windows\System32\autochk.exe 2015-03-19 12:29:58 0F420E81062757EA8363CBACD4D40D6D 75264 ----a-w- C:\Windows\System32\gpapi.dll 2015-03-19 12:29:57 EC43D9CC95C3BB5FEFDBCF22D375E1F5 617984 ----a-w- C:\Windows\System32\adtschema.dll 2015-03-19 12:29:57 E9B9C1B98C8D6D48407E1C1203EAC659 199168 ----a-w- C:\Windows\System32\adsldpc.dll 2015-03-19 12:29:57 DE0DD9AE3430F84A96B5501112A696BE 274432 ----a-w- C:\Windows\System32\bcrypt.dll 2015-03-19 12:29:57 C789AF0F724FDA5852FB9A7D3A432381 334848 ----a-w- C:\Windows\System32\BFE.DLL 2015-03-19 12:29:57 C01CF069D98F0E9ED9E8012099D26DC7 593408 ----a-w- C:\Windows\System32\comuid.dll 2015-03-19 12:29:57 B07C9EE041AC911B73755317DF39B862 45568 ----a-w- C:\Windows\System32\bthci.dll 2015-03-19 12:29:57 AC40F8899BEC013EB1CA7CCC2D69E00C 1730560 ----a-w- C:\Windows\System32\apds.dll 2015-03-19 12:29:57 9AFFE233D49471292E8328FA5775B9DA 757248 ----a-w- C:\Windows\System32\azroles.dll 2015-03-19 12:29:57 95A5497D129D95D12A46F7848AFFE1DB 1209856 ----a-w- C:\Windows\System32\comsvcs.dll 2015-03-19 12:29:57 941486AB385556BF6A62342F8CA15BD8 2515968 ----a-w- C:\Windows\System32\accessibilitycpl.dll 2015-03-19 12:29:57 93E317D7AD783D8EAEE2E3500BFE889D 178176 ----a-w- C:\Windows\System32\credui.dll 2015-03-19 12:29:57 6659EC6006FD99A3AF1B8A6306F8BE3C 978944 ----a-w- C:\Windows\System32\crypt32.dll 2015-03-19 12:29:57 632557F2495931D952161465AA177B3B 31744 ----a-w- C:\Windows\System32\bitsigd.dll 2015-03-19 12:29:57 6080A176D09435FC8E6E800996656E18 69120 ----a-w- C:\Windows\System32\conime.exe 2015-03-19 12:29:57 50CAA7072C171B9887215C83D52069E4 800768 ----a-w- C:\Windows\System32\advapi32.dll 2015-03-19 12:29:57 4504819D18FAC09B6108D8728467E5B2 1324032 ----a-w- C:\Windows\System32\browseui.dll 2015-03-19 12:29:57 27FC7C228999D739C11F76120A121525 75264 ----a-w- C:\Windows\System32\adsmsext.dll 2015-03-19 12:29:57 23A732A29E183E9874C86FD93CC7B9B9 130024 ----a-w- C:\Windows\System32\basecsp.dll 2015-03-19 12:29:57 19DF185D42AA0DE80AD78C58D4A4E936 1122304 ----a-w- C:\Windows\System32\appwiz.cpl 2015-03-19 12:29:57 1107BD574A84367735FEC38B9BD64E6B 171008 ----a-w- C:\Windows\System32\apphelp.dll 2015-03-19 12:29:57 02F0BE91B0F2B1C30F6F48334F47D625 542720 ----a-w- C:\Windows\System32\blackbox.dll 2015-03-19 12:29:56 FB27772BEAF8E1D28CCD825C09DA939B 129024 ----a-w- C:\Windows\System32\cryptsvc.dll 2015-03-19 12:29:56 D922592AB65C5D9B88B30B4510A3464E 31744 ----a-w- C:\Windows\System32\cscapi.dll 2015-03-19 12:29:56 CFBD2E1FE18B50748A76703A2DC6D4E3 61440 ----a-w- C:\Windows\System32\davclnt.dll 2015-03-19 12:29:56 C2D9DA17737BF49E3B8E8E3C142B3008 45056 ----a-w- C:\Windows\System32\dataclen.dll 2015-03-19 12:29:56 C1BB3EF5FAFCBC9573DEEB57E8DF9309 22016 ----a-w- C:\Windows\System32\cscdll.dll 2015-03-19 12:29:56 8AAEEE8E59A70F37579993D118A34EE0 1788416 ----a-w- C:\Windows\System32\d3d9.dll 2015-03-19 12:29:56 86497C6A9825B6252804D5C4E189AA67 49152 ----a-w- C:\Windows\System32\cmmon32.exe 2015-03-19 12:29:56 74A68B1E09AB06FBFB494179F84544FF 478208 ----a-w- C:\Windows\System32\DevicePairing.dll 2015-03-19 12:29:56 72EC7D98F26B962414899C83F20A9442 481792 ----a-w- C:\Windows\System32\cmdial32.dll 2015-03-19 12:29:56 5AAE542EBB0F3CA7C1E5E6D5457BA2CE 65536 ----a-w- C:\Windows\System32\DevicePairingWizard.exe 2015-03-19 12:29:56 5A736A107416E9B55D5B5F77B06921B4 46080 ----a-w- C:\Windows\System32\csrstub.exe 2015-03-19 12:29:56 4AA2A0E26CEF1A803741253DCF9A1503 450560 ----a-w- C:\Windows\System32\comdlg32.dll 2015-03-19 12:29:56 493083D1BF3D62A2C2C6BE1D2194289E 26112 ----a-w- C:\Windows\System32\DeviceEject.exe 2015-03-19 12:29:56 447983959A8CF49C4CC3B65DED69AF28 1856512 ----a-w- C:\Windows\System32\dbgeng.dll 2015-03-19 12:29:56 3C7A18013E99EAA45188A7C57B1AA758 54784 ----a-w- C:\Windows\System32\DevicePairingProxy.dll 2015-03-19 12:29:56 36509ECC02172D09507A16FAD12C566F 1645568 ----a-w- C:\Windows\System32\connect.dll 2015-03-19 12:29:56 248A1F31ABB58DDDDC01490EF0BDC777 971264 ----a-w- C:\Windows\System32\cryptui.dll 2015-03-19 12:29:55 63F2534E7E063B4F2054433597D7A1B9 135168 ----a-w- C:\Windows\System32\cscript.exe 2015-03-19 12:29:54 423CFD439195B8178208DE7BEEE52540 1502720 ----a-w- C:\Windows\System32\certmgr.dll 2015-03-19 12:29:54 1E8F6E00EB118B7F381E437337856A46 37376 ----a-w- C:\Windows\System32\cdd.dll 2015-03-19 12:29:53 C0ABD66F31C0B84CD944802E6D3D02C2 640512 ----a-w- C:\Windows\System32\bthprops.cpl 2015-03-19 12:29:53 AC48FD62E22C4425879FCA5A63F50497 323584 ----a-w- C:\Windows\System32\certcli.dll 2015-03-19 12:29:53 A4C8377FA4A994E07075107DBE2E3DCE 40960 ----a-w- C:\Windows\System32\bthserv.dll 2015-03-19 12:29:53 7F5936A3FF5E83272EA1DC8985B2A228 34304 ----a-w- C:\Windows\System32\bthudtask.exe 2015-03-19 12:29:53 039F5070FD21A0FA3ABA305E393F75E7 633856 ----a-w- C:\Windows\System32\CertEnrollUI.dll 2015-03-19 12:29:53 0053319C4438CDE659AA75C19BBD22F1 1112064 ----a-w- C:\Windows\System32\CertEnroll.dll 2015-03-19 12:29:52 E04FA091879E982F77024DF9461649E3 124928 ----a-w- C:\Windows\System32\cintlgnt.ime 2015-03-19 12:29:52 701E62EE60DAFD5B6951B6999CB01F95 44032 ----a-w- C:\Windows\System32\cbsra.exe 2015-03-19 12:29:51 D7659D3B5B92C31E84E53C1431F35132 245736 ----a-w- C:\Windows\System32\clfs.sys 2015-03-19 12:29:51 9E447B628CBF81F006218E7B6127B7E2 58368 ----a-w- C:\Windows\System32\cipher.exe 2015-03-19 12:29:51 9996E936E9926108FBEDED4171B129B7 1671680 ----a-w- C:\Windows\System32\chsbrkr.dll 2015-03-19 12:29:51 9247AB566A1DF0C012D1A518AB0FCD52 6103040 ----a-w- C:\Windows\System32\chtbrkr.dll 2015-03-19 12:29:51 3048B1D3029D5D8424E018BD7FBFDA75 10752 ----a-w- C:\Windows\System32\CHxReadingStringIME.dll 2015-03-19 12:29:51 22F73612087430A94DBE912AB58E0C79 614376 ----a-w- C:\Windows\System32\ci.dll 2015-03-19 12:29:50 56C182F55BF68556C974E9AD32BF56BF 215552 ----a-w- C:\Windows\System32\certreq.exe 2015-03-19 12:29:50 312EC3E37A0A1F2006534913E37B4423 40448 ----a-w- C:\Windows\System32\certprop.dll 2015-03-19 12:29:49 8889FEEAA1E6FC925F5E919786891A70 1053696 ----a-w- C:\Windows\System32\msdtctm.dll 2015-03-19 12:29:49 82B32A0529D2406F07D4B271B4134C13 52224 ----a-w- C:\Windows\System32\msfeedsbs.dll 2015-03-19 12:29:49 50AE4C1B7A68DE9FFD3D433C93BA270A 124928 ----a-w- C:\Windows\System32\chajei.ime 2015-03-19 12:29:49 4533F3B0E9AD11A1C02B191F5D873DE2 799744 ----a-w- C:\Windows\System32\certutil.exe 2015-03-19 12:29:49 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B 564224 ----a-w- C:\Windows\System32\msftedit.dll 2015-03-19 12:29:48 DC14113D196060C83BDD99D20E4DBE8E 332800 ----a-w- C:\Windows\System32\msihnd.dll 2015-03-19 12:29:48 D151AE6587F22CED36C6BF5787C25FCA 409600 ----a-w- C:\Windows\System32\msexch40.dll 2015-03-19 12:29:48 C559672F31ABE6BA7277DD73C4502238 73216 ----a-w- C:\Windows\System32\msiexec.exe 2015-03-19 12:29:48 401DFFDBBBD3F07C747ED1AE2BB88106 2241536 ----a-w- C:\Windows\System32\msi.dll 2015-03-19 12:29:48 35525EE95CEDB5E9908CFF676C7A2D97 339968 ----a-w- C:\Windows\System32\msexcl40.dll 2015-03-19 12:29:46 EF9E3316F1106998D1904C3578C63C32 560640 ----a-w- C:\Windows\System32\msdtcprx.dll 2015-03-19 12:29:46 E3C3BD69701CE6B7B17101E4F7740534 807424 ----a-w- C:\Windows\System32\msctf.dll 2015-03-19 12:29:46 89C91775A8332D9DB03AFE8A884185F9 84992 ----a-w- C:\Windows\System32\msctfp.dll 2015-03-19 12:29:46 7570C39D5CA95CFF5E3D49789A347542 85504 ----a-w- C:\Windows\System32\msctfui.dll 2015-03-19 12:29:46 43E1054C713C48D252A1826C5E14AACA 19456 ----a-w- C:\Windows\System32\MsCtfMonitor.dll 2015-03-19 12:29:44 ED21401F1E2F6BC2F54C462BB66D0D6B 2560 ----a-w- C:\Windows\System32\msimsg.dll 2015-03-19 12:29:43 69405254E704895F4F519422818D35B6 1102848 ----a-w- C:\Windows\System32\mmsys.cpl 2015-03-19 12:29:43 5DE62C6E9108F14F6794060A9BDECAEC 407552 ----a-w- C:\Windows\System32\MPSSVC.dll 2015-03-19 12:29:43 56E315ACFB08A177B4D01E42B9044DB5 97792 ----a-w- C:\Windows\System32\mprapi.dll 2015-03-19 12:29:43 56B5914070B2C243DFB3D186070DA89D 150528 ----a-w- C:\Windows\System32\MMDevAPI.dll 2015-03-19 12:29:43 2E837F3D406224DF131C34BC8F71621E 288256 ----a-w- C:\Windows\System32\modemui.dll 2015-03-19 12:29:43 1F94EA31C9543B855F53BDAC7792DA4E 68608 ----a-w- C:\Windows\System32\mpr.dll 2015-03-19 12:29:42 C94108296530A097B2E1E18C101E4703 467456 ----a-w- C:\Windows\System32\netapi32.dll 2015-03-19 12:29:42 9CEDC24DC2A88624A4431C96A13C0C94 80720 ----a-w- C:\Windows\System32\mscories.dll 2015-03-19 12:29:42 74E6A4BCEC88F11E5CCD3626BCFFD509 218624 ----a-w- C:\Windows\System32\mscandui.dll 2015-03-19 12:29:42 5F1DEC3824E566457F53F24F493FEF08 391680 ----a-w- C:\Windows\System32\mscms.dll 2015-03-19 12:29:42 39F8C798CD91E03A26C3A733108CCE41 155456 ----a-w- C:\Windows\System32\mscorier.dll 2015-03-19 12:29:42 166F004D73EA2CF4AC61800CA469458D 21504 ----a-w- C:\Windows\System32\msacm32.drv 2015-03-19 12:29:41 A57260867734FB1F68241ECA3D589F76 204288 ----a-w- C:\Windows\System32\ncrypt.dll 2015-03-19 12:29:41 95DAECF0FB120A7B5DA679CC54E37DDE 592896 ----a-w- C:\Windows\System32\netlogon.dll 2015-03-19 12:29:41 63EF059BD3CC6194C6514068979A543A 180736 ----a-w- C:\Windows\System32\netplwiz.dll 2015-03-19 12:29:41 601C4575875A03798498558D0DB1C91A 310272 ----a-w- C:\Windows\System32\mtxclu.dll 2015-03-19 12:29:41 29215EAF81447CB95F82FDE671751330 445952 ----a-w- C:\Windows\System32\ncryptui.dll 2015-03-19 12:29:41 28622FC22E0D46EE0A494EF084235F74 2225664 ----a-w- C:\Windows\System32\netcenter.dll 2015-03-19 12:29:41 1CE4A2790EB4A96F4ED1E4264866AFE6 805376 ----a-w- C:\Windows\System32\NaturalLanguage6.dll 2015-03-19 12:29:41 1C4DB2F8A68BF7BF891E76C429129DFD 19968 ----a-w- C:\Windows\System32\NcdProp.dll 2015-03-19 12:29:40 F85134BF76CB335A39F8D7BC4173D4FB 35328 ----a-w- C:\Windows\System32\msscb.dll 2015-03-19 12:29:40 E98E402067978DB38282158F9E8609CA 3174400 ----a-w- C:\Windows\System32\netshell.dll 2015-03-19 12:29:40 E1B80644E7125231AAEF62FC2C81C8FE 469504 ----a-w- C:\Windows\System32\newdev.dll 2015-03-19 12:29:40 DD251E13AAAA5F5AF09934759A4E1FC5 74752 ----a-w- C:\Windows\System32\newdev.exe 2015-03-19 12:29:40 D3D1CE8FF30786D50272DA3085149904 408064 ----a-w- C:\Windows\System32\msinfo32.exe 2015-03-19 12:29:40 C6DA42ADA0C5FC8CB05744229D632B47 163328 ----a-w- C:\Windows\System32\msutb.dll 2015-03-19 12:29:40 BDDE0F9ED0F89E16B63401D9EC033870 80896 ----a-w- C:\Windows\System32\MSNP.ax 2015-03-19 12:29:40 AC6B8F8058EE27932F9AF8A2D959D201 31232 ----a-w- C:\Windows\System32\msimtf.dll 2015-03-19 12:29:40 A4D9AB211B376EB363550A250A64D84D 643072 ----a-w- C:\Windows\System32\msrepl40.dll 2015-03-19 12:29:40 A479AE2DA6D04C4DBC3A76C4B6347E78 39936 ----a-w- C:\Windows\System32\networkitemfactory.dll 2015-03-19 12:29:40 9A4B7595905E5A0DD530ECD23F77A578 319488 ----a-w- C:\Windows\System32\msrd2x40.dll 2015-03-19 12:29:40 9371540C7231BC156501AB933F269762 24576 ----a-w- C:\Windows\System32\msjint40.dll 2015-03-19 12:29:40 81379121E6028612D821009636A6BB95 368640 ----a-w- C:\Windows\System32\mspbde40.dll 2015-03-19 12:29:40 7CE1E4240F9FA41EE85683B9EEAB8767 1589248 ----a-w- C:\Windows\System32\msjet40.dll 2015-03-19 12:29:40 79B0463638C7ED08DB71FE3437C95A44 290816 ----a-w- C:\Windows\System32\msjtes40.dll 2015-03-19 12:29:40 681D46C02A26F00C5F767B78BDAC7D1E 3072000 ----a-w- C:\Windows\System32\networkmap.dll 2015-03-19 12:29:40 5FCE2CD84F17C95B3F8EB9706E03F3B7 193024 ----a-w- C:\Windows\System32\msrating.dll 2015-03-19 12:29:40 584C4A26F210B823BBF73BB985CAA2CE 179712 ----a-w- C:\Windows\System32\msnetobj.dll 2015-03-19 12:29:40 534FD777CB2684392411CE7BCBBDF78E 61440 ----a-w- C:\Windows\System32\msjter40.dll 2015-03-19 12:29:40 52CB0185C73E1BA86CC7F726F22523C3 368640 ----a-w- C:\Windows\System32\msjetoledb40.dll 2015-03-19 12:29:40 447E79497D059943519434A7D5EA0963 344064 ----a-w- C:\Windows\System32\msrd3x40.dll 2015-03-19 12:29:40 2955A48BE10FD1F7A112B0A890A6271D 16384 ----a-w- C:\Windows\System32\msisip.dll 2015-03-19 12:29:40 2657D7BB993F49B1A3C554D766FA09F9 60416 ----a-w- C:\Windows\System32\msscntrs.dll 2015-03-19 12:29:40 2310A32BB0164552A311BFA02102A3D6 406528 ----a-w- C:\Windows\System32\msvcp60.dll 2015-03-19 12:29:40 1A703DA65271886A8DDFB31ACA215DAE 241664 ----a-w- C:\Windows\System32\msltus40.dll 2015-03-19 12:29:40 04044BF8E6989BE45FA718C24407CA28 2226688 ----a-w- C:\Windows\System32\networkexplorer.dll 2015-03-19 12:29:39 FEA6D21F78922D641A0C9346D885133B 33280 ----a-w- C:\Windows\System32\mssprxy.dll 2015-03-19 12:29:39 F67843CFD59FB2015823E2CE2D2A65D8 35168 ----a-w- C:\Windows\System32\infocardcpl.cpl 2015-03-19 12:29:39 F5E991236960137B1F5449C5E5DF4656 679936 ----a-w- C:\Windows\System32\msvcrt.dll 2015-03-19 12:29:39 EE60FC8F65B94C392DE0F75533C014FB 84992 ----a-w- C:\Windows\System32\mstlsapi.dll 2015-03-19 12:29:39 E6AA880A6AE64D9C5FED9D7CCC9DA8EF 99680 ----a-w- C:\Windows\System32\infocardapi.dll 2015-03-19 12:29:39 E0B787702BAF0CF4CEDF8F61B71F8383 618496 ----a-w- C:\Windows\System32\mswstr10.dll 2015-03-19 12:29:39 D2A8D0EE4EEAAE913A19AC37E2CD07ED 217600 ----a-w- C:\Windows\System32\InkEd.dll 2015-03-19 12:29:39 B9E13F49530213AB974E070A60DEB97B 87040 ----a-w- C:\Windows\System32\mssitlb.dll 2015-03-19 12:29:39 B2D4F14BB320E724D23B5F6795BBBC85 231424 ----a-w- C:\Windows\System32\msshsq.dll 2015-03-19 12:29:39 A02537DD475CC0BAB7FC07F9B44720C0 454656 ----a-w- C:\Windows\System32\msxbde40.dll 2015-03-19 12:29:39 9ED83C84DA75E974F496721B6F8AE02E 1827840 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-03-19 12:29:39 946D35645E672E01B35ED194F9BE4F7A 282624 ----a-w- C:\Windows\System32\mstext40.dll 2015-03-19 12:29:39 8617350C9B590B63E620881092751BCB 223232 ----a-w- C:\Windows\System32\mswsock.dll 2015-03-19 12:29:39 771AF583BC58373A84496CCD52C36E33 670720 ----a-w- C:\Windows\System32\mssvp.dll 2015-03-19 12:29:39 7483E59A7A7A7891ACD4C63EE97D1BF1 856064 ----a-w- C:\Windows\System32\mswdat10.dll 2015-03-19 12:29:39 73F97C8899429EFAEE8C8944DCC08C2E 1544704 ----a-w- C:\Windows\System32\MSVidCtl.dll 2015-03-19 12:29:39 5E542EDAEFCDA1684463B58C0F86283A 203264 ----a-w- C:\Windows\System32\mssphtb.dll 2015-03-19 12:29:39 582BE479E7E286BB3B31C5A4C3DC3987 11776 ----a-w- C:\Windows\System32\msshooks.dll 2015-03-19 12:29:39 501F9CDADC4BF4069BC90B3C2BB298AE 414208 ----a-w- C:\Windows\System32\msscp.dll 2015-03-19 12:29:39 3618C1D17AF65C2405009AE02160D298 43008 ----a-w- C:\Windows\System32\msstrc.dll 2015-03-19 12:29:39 351319EF11C263C95FB721AC76F436D6 351744 ----a-w- C:\Windows\System32\mssph.dll 2015-03-19 12:29:39 34668001FFE132F076E6177F607BCDE9 15360 ----a-w- C:\Windows\System32\inetppui.dll 2015-03-19 12:29:39 2E8E30F3B318A9FDA5A2485723F4C2B3 122368 ----a-w- C:\Windows\System32\inetpp.dll 2015-03-19 12:29:39 218B73EA8341EA9FDF018D43052E790A 1480704 ----a-w- C:\Windows\System32\mssrch.dll 2015-03-19 12:29:38 EBAE6CE901EDB7F0F794589BF5FDF695 619864 ----a-w- C:\Windows\System32\icardagt.exe 2015-03-19 12:29:38 E3E821B879CF04AA13865D5E6A1FC2A0 413696 ----a-w- C:\Windows\System32\imkr80.ime 2015-03-19 12:29:38 D0494460421A03CD5225CCA0059AA146 364032 ----a-w- C:\Windows\System32\IPSECSVC.DLL 2015-03-19 12:29:38 CAC183ABA07231B031EC0627E3A4A618 76288 ----a-w- C:\Windows\System32\iassvcs.dll 2015-03-19 12:29:38 C8BDCECEE082B54F0BAC838BF0A34597 114688 ----a-w- C:\Windows\System32\imm32.dll 2015-03-19 12:29:38 C192DD0C53FD0616AC31A9E0ADAE0C39 396288 ----a-w- C:\Windows\System32\ipsmsnap.dll 2015-03-19 12:29:38 AE5FA997C88C6A15C841DA275058B332 16384 ----a-w- C:\Windows\System32\iscsilog.dll 2015-03-19 12:29:38 A763901E05BBF173CE4C01D1E82B20D3 200704 ----a-w- C:\Windows\System32\input.dll 2015-03-19 12:29:38 A5CBBED853E6183D4E067B42B73A20DA 26624 ----a-w- C:\Windows\System32\ipconfig.exe 2015-03-19 12:29:38 A080A841827D71F86ACEDC48F3B5AF64 158208 ----a-w- C:\Windows\System32\iasrad.dll 2015-03-19 12:29:38 97C89AA7146D73B387AADAA11D8B56F1 33792 ----a-w- C:\Windows\System32\iaspolcy.dll 2015-03-19 12:29:38 5A1B9A7761FB1BA3A42C8F7F0EB49994 252928 ----a-w- C:\Windows\System32\iassdo.dll 2015-03-19 12:29:38 4FE8425F21B3F0F8C4B4726351D43EAA 91648 ----a-w- C:\Windows\System32\IPHLPAPI.DLL 2015-03-19 12:29:38 34B7FA82A85231348C170EF39B636DB4 9048 ----a-w- C:\Windows\System32\icardres.dll 2015-03-19 12:29:38 240B65CDA06C38733DF9B65E1D314BC7 182272 ----a-w- C:\Windows\System32\iassam.dll 2015-03-19 12:29:38 17CBA378C42E4525A3BC9DDD77EF5DD2 29696 ----a-w- C:\Windows\System32\ifmon.dll 2015-03-19 12:29:38 0170442A2DF1127A9F4330FDDAEC35F6 759296 ----a-w- C:\Windows\System32\ipsecsnp.dll 2015-03-19 12:29:37 E176452A085570571A38C0CB33B1F99A 119296 ----a-w- C:\Windows\System32\iasrecst.dll 2015-03-19 12:29:37 C3EB60969612B265FB7265E76B6AEA6F 677376 ----a-w- C:\Windows\System32\imapi2fs.dll 2015-03-19 12:29:37 C399E29AC25746CDC126DC621F41F219 107520 ----a-w- C:\Windows\System32\imapi.dll 2015-03-19 12:29:37 AE4DAA8F0F9AE5EC2DE1ACB5D37AFA55 883712 ----a-w- C:\Windows\System32\IMJP10.IME 2015-03-19 12:29:37 9B0726A03B790E5B82BED44D24009BEF 378368 ----a-w- C:\Windows\System32\imapi2.dll 2015-03-19 12:29:37 9908D8A397B76CD8D31D0D383C5773C9 438784 ----a-w- C:\Windows\System32\IKEEXT.DLL 2015-03-19 12:29:37 7F470535CDBE0B83FE7D96146E513F84 398848 ----a-w- C:\Windows\System32\iedkcs32.dll 2015-03-19 12:29:37 5178E1791950054638DA0CC444E2D187 729600 ----a-w- C:\Windows\System32\IMJP10K.DLL 2015-03-19 12:29:37 0A1742349EB0D74DB1ABB5F1A6FC0C77 230400 ----a-w- C:\Windows\System32\ieaksie.dll 2015-03-19 12:29:36 FAF53B680C7DE42328EAE23638934D10 41984 ----a-w- C:\Windows\System32\mimefilt.dll 2015-03-19 12:29:36 E1A0CB2579D30466E43957E98B68A586 12800 ----a-w- C:\Windows\System32\mmcico.dll 2015-03-19 12:29:36 CBBFCB6801D0A9F9BD4D477284C86D1C 52224 ----a-w- C:\Windows\System32\mmci.dll 2015-03-19 12:29:36 C99403A5B641520DAED0021DDA06F272 2012160 ----a-w- C:\Windows\System32\milcore.dll 2015-03-19 12:29:36 C732992FF9798F2ACBF86314F0E4A6F5 208896 ----a-w- C:\Windows\System32\mfplat.dll 2015-03-19 12:29:36 BB96D0590B491CDEA2EBF6D697BE8976 1792512 ----a-w- C:\Windows\System32\mmc.exe 2015-03-19 12:29:36 99BFB01E148169E6E8DA7B7232F874CE 2167808 ----a-w- C:\Windows\System32\mmcndmgr.dll 2015-03-19 12:29:36 83199EF88D691E730B80666E29F90D58 17408 ----a-w- C:\Windows\System32\midimap.dll 2015-03-19 12:29:35 FD44B4D9129EDD68BBD0A26683024EF9 93696 ----a-w- C:\Windows\System32\Kswdmcap.ax 2015-03-19 12:29:35 FC9EF8CC90B8524FA0FC8526FF9F9C2F 19944 ----a-w- C:\Windows\System32\kdusb.dll 2015-03-19 12:29:35 CF9BA9125C32978B33A1E6D5D34A2884 17896 ----a-w- C:\Windows\System32\kd1394.dll 2015-03-19 12:29:35 A35B257A0A45EFCBF548E74E7E883268 143872 ----a-w- C:\Windows\System32\korwbrkr.dll 2015-03-19 12:29:35 8DDFDF8A433DC09F92ACA1F3DE4DE067 356864 ----a-w- C:\Windows\System32\MediaMetadataHandler.dll 2015-03-19 12:29:35 5F61BE656699A41F4EBBE6169B6810CF 438744 ----a-w- C:\Windows\System32\mcupdate_GenuineIntel.dll 2015-03-19 12:29:35 48E083898FE5611006725796B055011B 17384 ----a-w- C:\Windows\System32\kdcom.dll 2015-03-19 12:29:35 44DA7EE9F50381DBA0F63BB2401DC8FD 48128 ----a-w- C:\Windows\System32\l2nacp.dll 2015-03-19 12:29:35 338104E0E18307CD65604FE317B5FB8D 950272 ----a-w- C:\Windows\System32\mblctr.exe 2015-03-19 12:29:34 E7D0F91E44D9D3B2116FA549BDCDB756 218624 ----a-w- C:\Windows\System32\wdscore.dll 2015-03-19 12:29:34 E47C854A28A81F2939F42CBE9FEA994C 710144 ----a-w- C:\Windows\System32\Magnify.exe 2015-03-19 12:29:34 D29E2C7FECB1F1027DAE779B00A3E956 57344 ----a-w- C:\Windows\System32\logman.exe 2015-03-19 12:29:34 C87DA82ADB2B3A50C764268684D7919D 101376 ----a-w- C:\Windows\System32\shsetup.dll 2015-03-19 12:29:34 C634E1F76E1FCA6D010F279A2FFF95E6 94720 ----a-w- C:\Windows\System32\logagent.exe 2015-03-19 12:29:34 BF899F57858B8C6F162D9EEB2370641C 1143296 ----a-w- C:\Windows\System32\wercon.exe 2015-03-19 12:29:34 B51BF7934D2B657454F66035AA5BFA03 3662128 ----a-w- C:\Windows\System32\locale.nls 2015-03-19 12:29:34 8BE000F9A0B0FF7194AAEFB02C9BDE99 876032 ----a-w- C:\Windows\System32\wer.dll 2015-03-19 12:29:34 8208E4895BA625884FF3699CCA1D9E3D 233984 ----a-w- C:\Windows\System32\webcheck.dll 2015-03-19 12:29:34 04C37D8107320312FBAE09926103D5E2 199680 ----a-w- C:\Windows\System32\WebClnt.dll 2015-03-19 12:29:33 F87ADBE3B7BF98C8DB90DC9AA601E890 1555456 ----a-w- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll 2015-03-19 12:29:33 F7F4AD3D174CB5EC3C12F04C99478B84 712704 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2015-03-19 12:29:33 DA06BE393317EA5756B218633A537B47 860160 ----a-w- C:\Windows\System32\WerFaultSecure.exe 2015-03-19 12:29:33 A3EB38D309C5682BBA0E23732C5D4AF2 208966 ----a-w- C:\Windows\System32\WFP.TMF 2015-03-19 12:29:33 A1B40A28F38D27A7E3229EE4C7064434 1017856 ----a-w- C:\Windows\System32\wevtsvc.dll 2015-03-19 12:29:33 73B702923D1CB50E2CCB3A7C1EBD8F22 347648 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2015-03-19 12:29:33 72F1789EBA824BB977DB83B0A0B57B26 31232 ----a-w- C:\Windows\System32\whealogr.dll 2015-03-19 12:29:33 4DF066ECEE5A7B20BF8B39EF4D646600 167424 ----a-w- C:\Windows\System32\wdmaud.drv 2015-03-19 12:29:33 2C2DE9CD93DD4F11F8715B7334EB40A7 163840 ----a-w- C:\Windows\System32\wevtutil.exe 2015-03-19 12:29:33 1959E5AAEE0D988C10F19CEC7DFF2242 1020928 ----a-w- C:\Windows\System32\wdc.dll 2015-03-19 12:29:32 FE7742C93F6904A9B08BC6749C039CE9 128000 ----a-w- C:\Windows\System32\vdsutil.dll 2015-03-19 12:29:32 DF1F51D2938A403BFE671B13A12FA434 17408 ----a-w- C:\Windows\System32\vdmdbg.dll 2015-03-19 12:29:32 CD88D1B7776DC17A119049742EC07EB4 385536 ----a-w- C:\Windows\System32\vds.exe 2015-03-19 12:29:32 C90B296C43EDD9DD1751AD3B590ACDE6 443392 ----a-w- C:\Windows\System32\win32spl.dll 2015-03-19 12:29:32 7BEDD051B53821B040EAD42DB0724848 217088 ----a-w- C:\Windows\System32\WerFault.exe 2015-03-19 12:29:32 759CAC5C047B3DE16E2A59351527DBB3 507904 ----a-w- C:\Windows\System32\vdsdyn.dll 2015-03-19 12:29:32 75510147B94598407666F4802797C75A 627712 ----a-w- C:\Windows\System32\user32.dll 2015-03-19 12:29:32 6E45D15DAAA98D105AB3280D2BCA7C13 547840 ----a-w- C:\Windows\System32\wiaaut.dll 2015-03-19 12:29:32 69827805A221C21450BA22F4326A2EE3 20480 ----a-w- C:\Windows\System32\version.dll 2015-03-19 12:29:32 5DE7D67E49B88F5F07F3E53C4B92A352 453120 ----a-w- C:\Windows\System32\wiaservc.dll 2015-03-19 12:29:32 4DE3C4D07BAFDE616EFA0ADE076CBAC2 250368 ----a-w- C:\Windows\System32\wevtapi.dll 2015-03-19 12:29:32 32B88481D3B326DA6DEB07B1D03481E7 126976 ----a-w- C:\Windows\System32\wersvc.dll 2015-03-19 12:29:31 E3CE1997725EE8E14F7B4A7CD746538E 1123840 ----a-w- C:\Windows\System32\usercpl.dll 2015-03-19 12:29:31 A3CD60FD826381B49F03832590E069AF 413696 ----a-w- C:\Windows\System32\wcncsvc.dll 2015-03-19 12:29:31 9EF2D0475B0DC496ACD0B7034D593840 1533440 ----a-w- C:\Windows\System32\wcnwiz.dll 2015-03-19 12:29:31 665417528489096BBCB8AEA46D3DA924 108544 ----a-w- C:\Windows\System32\userenv.dll 2015-03-19 12:29:31 2999CA596EB9E4BEDBA65EF2A47EECB1 165376 ----a-w- C:\Windows\System32\WcnNetsh.dll 2015-03-19 12:29:31 1509E705F3AC1D474C92454A5C2DD81F 29184 ----a-w- C:\Windows\System32\uxsms.dll 2015-03-19 12:29:31 10FB8976B556A75098868CFFAD6DC576 638976 ----a-w- C:\Windows\System32\Utilman.exe 2015-03-19 12:29:31 0BA42FAEEE97512603876A908EDB6BF4 968192 ----a-w- C:\Windows\System32\wcnwiz2.dll 2015-03-19 12:29:30 DB3D19F850C6EB32BDCB9BC0836ACDDB 1055232 ----a-w- C:\Windows\System32\VSSVC.exe 2015-03-19 12:29:30 D0A95E567224B4C347CBDD6541E5D928 17920 ----a-w- C:\Windows\System32\wscisvif.dll 2015-03-19 12:29:30 A0F4852A5DB9754BEC06F84B400AE743 33280 ----a-w- C:\Windows\System32\wscapi.dll 2015-03-19 12:29:30 96EA68B9EB310A69C25EBB0282B2B9DE 282624 ----a-w- C:\Windows\System32\w32time.dll 2015-03-19 12:29:30 4DBA143F06BAD1DF935CB9603140CF2A 20992 ----a-w- C:\Windows\System32\wsdchngr.dll 2015-03-19 12:29:30 2E97EB05C0FD5AA7E229481584C73309 291328 ----a-w- C:\Windows\System32\WscEapPr.dll 2015-03-19 12:29:30 17FC3EDA0162F513E858B8C8FA7FA6E0 1077248 ----a-w- C:\Windows\System32\vssapi.dll 2015-03-19 12:29:30 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 177664 ----a-w- C:\Windows\System32\WSDMon.dll 2015-03-19 12:29:29 F7097578CB9BF8A5D58474BC453C3750 1505280 ----a-w- C:\Windows\System32\wucltux.dll 2015-03-19 12:29:29 EFA80360111D8D179E39E314A49C9ED4 34304 ----a-w- C:\Windows\System32\wshbth.dll 2015-03-19 12:29:29 EABB7AF39A6587B57AA70EFD8ECD2661 657408 ----a-w- C:\Windows\System32\WMVXENCD.DLL 2015-03-19 12:29:29 E6F3825DA75D9FBE36C9226914F8DAA1 273920 ----a-w- C:\Windows\System32\wow32.dll 2015-03-19 12:29:29 CFC5A04558F5070CEE3E3A7809F3FF52 140288 ----a-w- C:\Windows\System32\wpcsvc.dll 2015-03-19 12:29:29 9C50130E941A24805A608E6F3D2A3C8F 90112 ----a-w- C:\Windows\System32\wshext.dll 2015-03-19 12:29:29 7C0FC379D4B066C2D2189792DED0E4AA 56320 ----a-w- C:\Windows\System32\xmlfilter.dll 2015-03-19 12:29:29 62C92BE2414AC9D0BC0196CA52D2CD2B 1689600 ----a-w- C:\Windows\System32\wscui.cpl 2015-03-19 12:29:29 5D2FDA874FED0D3FEDF41F5961663F3B 532992 ----a-w- C:\Windows\System32\wpcao.dll 2015-03-19 12:29:29 505C5319786CFF7A9D2CB7C8197B1F1D 532480 ----a-w- C:\Windows\System32\wuapi.dll 2015-03-19 12:29:29 487565A576DCBA47D2E44FA116E15D64 1382912 ----a-w- C:\Windows\System32\WMVSDECD.DLL 2015-03-19 12:29:29 31B74857F3CF3C35136EDBEE15B2ECBF 29184 ----a-w- C:\Windows\System32\wsepno.dll 2015-03-19 12:29:29 1E3137F06CD92ED2654B59D010B13BE7 1580544 ----a-w- C:\Windows\System32\wpccpl.dll 2015-03-19 12:29:29 1CA6C40261DDC0425987980D0CD2AAAB 61440 ----a-w- C:\Windows\System32\wscsvc.dll 2015-03-19 12:29:29 1259E03DCD5F265B23DB738FB075DF8C 155648 ----a-w- C:\Windows\System32\wscript.exe 2015-03-19 12:29:29 10BE37532F4AD750958AB53A786F74BD 140800 ----a-w- C:\Windows\System32\wusa.exe 2015-03-19 12:29:29 0B5AC46982E77CAF3EC1D55C9AC6AB56 223744 ----a-w- C:\Windows\System32\wscntfy.dll 2015-03-19 12:29:29 0832B2F03FDF247F048A2A07810CF5CC 1575936 ----a-w- C:\Windows\System32\WMVENCOD.DLL 2015-03-19 12:29:29 01E1499A7A4FCA7CDE102B60976544C1 1695232 ----a-w- C:\Windows\System32\wuaueng.dll 2015-03-19 12:29:28 C411C80F90D6732380352B98B37BBD53 19968 ----a-w- C:\Windows\System32\winrnr.dll 2015-03-19 12:29:28 B8A609FB5EFB4E44FC1355B1C01C64BC 287744 ----a-w- C:\Windows\System32\Wldap32.dll 2015-03-19 12:29:28 94FF7D87E0639701DF79A40C436149C5 202752 ----a-w- C:\Windows\System32\wlanui.dll 2015-03-19 12:29:28 91D995A67D9447592A1BF21CBC15C628 83456 ----a-w- C:\Windows\System32\wlgpclnt.dll 2015-03-19 12:29:28 8992F45DED6B63B919BDEB6D270FF9C8 135168 ----a-w- C:\Windows\System32\wshom.ocx 2015-03-19 12:29:28 858F65A141F97D3DC404FD32A6F394AD 3217408 ----a-w- C:\Windows\System32\WinSAT.exe 2015-03-19 12:29:28 6A4ACF2A646637BEA955A7263AE0C424 399360 ----a-w- C:\Windows\System32\wlangpui.dll 2015-03-19 12:29:28 627920CFF5DFCF8CF54CF2D592D61307 115712 ----a-w- C:\Windows\System32\WinSCard.dll 2015-03-19 12:29:28 56A1CFFFFC8D646A0388DFBF3EC362CF 244224 ----a-w- C:\Windows\System32\wisptis.exe 2015-03-19 12:29:28 2EEC42B4831B9CECB5AE14D63DAA6704 926184 ----a-w- C:\Windows\System32\winresume.exe 2015-03-19 12:29:28 2EC3531A49A6937446259C540EDE4535 1671680 ----a-w- C:\Windows\System32\wlanpref.dll 2015-03-19 12:29:28 1EDE113859276E4B0F19B80F39E2CC95 50688 ----a-w- C:\Windows\System32\wsnmp32.dll 2015-03-19 12:29:27 934511EFE4461F84CA946B9C0321F365 189952 ----a-w- C:\Windows\System32\winmm.dll 2015-03-19 12:29:27 898E7C06A350D4A1A64A9EA264D55452 314368 ----a-w- C:\Windows\System32\winlogon.exe 2015-03-19 12:29:27 845D8122008558B9A3A5EE81B15C8C46 321536 ----a-w- C:\Windows\System32\WMPhoto.dll 2015-03-19 12:29:27 4DF10CE50010D70152944B51E03588B0 533504 ----a-w- C:\Windows\System32\wmdrmsdk.dll 2015-03-19 12:29:27 3F7572CD9C6DB0B25FE0863F36FF6B76 303616 ----a-w- C:\Windows\System32\wmpeffects.dll 2015-03-19 12:29:27 3159B65312AEC7CDFAD346D5A1C5068B 996352 ----a-w- C:\Windows\System32\WMNetMgr.dll 2015-03-19 12:29:27 2D1179CDEC6B7400105E68F6AC9B4EFE 258048 ----a-w- C:\Windows\System32\winspool.drv 2015-03-19 12:29:27 074DF633D8C15656560F0388AA7F6237 986600 ----a-w- C:\Windows\System32\winload.exe 2015-03-19 12:29:26 F9F9E7F0D4EBAC06334C9BF76C9E11B4 1224192 ----a-w- C:\Windows\System32\sud.dll 2015-03-19 12:29:26 E9E66706083BFE4B0070EE0A5E8D42DB 107612 ----a-w- C:\Windows\System32\StructuredQuerySchema.bin 2015-03-19 12:29:26 8EAE44A2EBCBB5D12C5454573EA1F621 586752 ----a-w- C:\Windows\System32\stobject.dll 2015-03-19 12:29:26 7E04B7EDE397A41D56212238A8F97354 378368 ----a-w- C:\Windows\System32\srcore.dll 2015-03-19 12:29:26 744F08CF9ACFFB1C715191D04DEEE907 301568 ----a-w- C:\Windows\System32\srchadmin.dll 2015-03-19 12:29:26 61BB723E9AF2D1505337402F4AE79E94 55808 ----a-w- C:\Windows\System32\Storprop.dll 2015-03-19 12:29:25 FE78D886A33624E0FA74164B274DE7A8 42496 ----a-w- C:\Windows\System32\slcinst.dll 2015-03-19 12:29:25 F21FD248040681CCA1FB6C9A03AAA93D 311808 ----a-w- C:\Windows\System32\swprv.dll 2015-03-19 12:29:25 E9FE5581D082B176648DEF4F6545309B 103936 ----a-w- C:\Windows\System32\sysclass.dll 2015-03-19 12:29:25 E82FE16FD3F4569EF5D5381901D02EC0 361984 ----a-w- C:\Windows\System32\SLUI.exe 2015-03-19 12:29:25 DA887F28054D78EE8637BEBB924A2DB5 12288 ----a-w- C:\Windows\System32\slwga.dll 2015-03-19 12:29:25 D665F6708EE24DF5B9A0E095ED52ED73 389632 ----a-w- C:\Windows\System32\sysmon.ocx 2015-03-19 12:29:25 C6DF7A87063D006ECF1FD8156CB6DE3F 228352 ----a-w- C:\Windows\System32\SLC.dll 2015-03-19 12:29:25 BCDBB5CEA1E8AEA0FA353691EB003728 92918 ----a-w- C:\Windows\System32\slmgr.vbs 2015-03-19 12:29:25 B8B5311F8EE686E4AE42A45DA63E4AFD 705536 ----a-w- C:\Windows\System32\SmiEngine.dll 2015-03-19 12:29:25 B25DBBA6C63A61FF4AFDB5ADAB4E70CB 134656 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2015-03-19 12:29:25 A0D83B84678410994372D7D4BABAF7E0 67584 ----a-w- C:\Windows\System32\slwmi.dll 2015-03-19 12:29:25 9A51B04E9886AA4EE90093586B0BA88D 558080 ----a-w- C:\Windows\System32\sysmain.dll 2015-03-19 12:29:25 98AF15A94CD6AC37248E72E5FE789B35 64000 ----a-w- C:\Windows\System32\smss.exe 2015-03-19 12:29:25 967D0C026913D6A628C4BE8F4EFF2AC6 185856 ----a-w- C:\Windows\System32\SLLUA.exe 2015-03-19 12:29:25 862BB4CBC05D80C5B45BE430E5EF872F 3408896 ----a-w- C:\Windows\System32\SLsvc.exe 2015-03-19 12:29:25 81638E6E467193699B5A800732ECBDE4 83456 ----a-w- C:\Windows\System32\SMBHelperClass.dll 2015-03-19 12:29:25 6EDC422215CD78AA8A9CDE6B30ABBD35 60928 ----a-w- C:\Windows\System32\SLUINotify.dll 2015-03-19 12:29:25 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 2205184 ----a-w- C:\Windows\System32\SyncCenter.dll 2015-03-19 12:29:25 3F1B146BBB4F11E26543938F42257B86 425472 ----a-w- C:\Windows\System32\shwebsvc.dll 2015-03-19 12:29:25 3CEADB7938575606D5334E44A7274B92 777216 ----a-w- C:\Windows\System32\slcc.dll 2015-03-19 12:29:25 1D40A5268C1517BC445BA0053584C4AA 1081344 ----a-w- C:\Windows\System32\SLCExt.dll 2015-03-19 12:29:24 E953D69576A1BF077E709A0231E4714C 289792 ----a-w- C:\Windows\System32\spinstall.exe 2015-03-19 12:29:24 E79FDA8D320147FDC347C504B3487F87 160768 ----a-w- C:\Windows\System32\spoolss.dll 2015-03-19 12:29:24 DEAD790AF988C4C70B6371FC02AA9104 11776 ----a-w- C:\Windows\System32\spwinsat.dll 2015-03-19 12:29:24 B731203932CC0DBEC910A9AABBFEBD43 190464 ----a-w- C:\Windows\System32\sperror.dll 2015-03-19 12:29:24 A2F612CBFEE5268CB7DB88EAF3992454 582144 ----a-w- C:\Windows\System32\SLCommDlg.dll 2015-03-19 12:29:24 A052F8FF7D6C6C32BCDCDA745134E569 524288 ----a-w- C:\Windows\System32\sqlsrv32.dll 2015-03-19 12:29:24 96DD35AB1C1420E0CD70EF9ECD32B825 197632 ----a-w- C:\Windows\System32\SndVol.exe 2015-03-19 12:29:24 73157FFB9EF9E9C61740A5F9CA5C7B17 112640 ----a-w- C:\Windows\System32\spreview.exe 2015-03-19 12:29:24 6F7C27002EA0F9496070A1150C977DEC 9239 ----a-w- C:\Windows\System32\spcinstrumentation.man 2015-03-19 12:29:24 43AEF7355D24090CA7C24C83846BD981 142336 ----a-w- C:\Windows\System32\spp.dll 2015-03-19 12:29:24 39351FB421C6450FBDDB51B4FBA0155D 125952 ----a-w- C:\Windows\System32\softkbd.dll 2015-03-19 12:29:24 27E22847E91344C338016F6A4276F041 164352 ----a-w- C:\Windows\System32\spwizui.dll 2015-03-19 12:29:24 12013A429B4F658D33CB71CA0C7F8703 13312 ----a-w- C:\Windows\System32\spcmsg.dll 2015-03-19 12:29:23 7EE55302291DD7AA5C2237B0CC7D49E1 35680 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2015-03-19 12:29:23 1904DBA08C2D63CE2025CAD78F5DF2BB 38400 ----a-w- C:\Windows\System32\TSTheme.exe 2015-03-19 12:29:22 D30A7946B3207C9DBE40361E3B083716 324096 ----a-w- C:\Windows\System32\untfs.dll 2015-03-19 12:29:22 C5E7F8A996EC0A82D508FD9064A5569E 222720 ----a-w- C:\Windows\System32\umpnpmgr.dll 2015-03-19 12:29:22 B96B60EC821F86D445C9739A0F3DED59 280064 ----a-w- C:\Windows\System32\unimdm.tsp 2015-03-19 12:29:22 7D80F287AEEDD39C03E118E0EBD3311E 342528 ----a-w- C:\Windows\System32\zipfldr.dll 2015-03-19 12:29:22 7A623F6B4C51F6F2BC1A31D5787FC0A7 203264 ----a-w- C:\Windows\System32\uDWM.dll 2015-03-19 12:29:22 75DFEB04C0C978810720283C1B5CD7B1 130008 ----a-w- C:\Windows\System32\systemsf.ebd 2015-03-19 12:29:22 5C9541EFCE477BFCFFD0EF9B1A175457 99840 ----a-w- C:\Windows\System32\ulib.dll 2015-03-19 12:29:22 2A7D73202A7299CD35AC6D0D96128B5B 842240 ----a-w- C:\Windows\System32\systemcpl.dll 2015-03-19 12:29:19 E4060CFE50F87C72316CB0FDB20E4913 170496 ----a-w- C:\Windows\System32\tcpipcfg.dll 2015-03-19 12:29:19 DEB9D08750423069647C3A066CEC7A1B 1576960 ----a-w- C:\Windows\System32\tquery.dll 2015-03-19 12:29:19 D7673E4B38CE21EE54C59EEEB65E2483 242688 ----a-w- C:\Windows\System32\tapisrv.dll 2015-03-19 12:29:19 BB0EB921877A1A7EF15AE2D97A71CBA9 135168 ----a-w- C:\Windows\System32\tcpmon.dll 2015-03-19 12:29:19 AE240477D5C1EB209D172FE9D9D0C121 125952 ----a-w- C:\Windows\System32\tintlgnt.ime 2015-03-19 12:29:18 BB95DA09BEF6E7A131BFF3BA5032090D 449024 ----a-w- C:\Windows\System32\termsrv.dll 2015-03-19 12:29:18 7AF5FFF227F2365B2E37C61F5DC84A01 1152000 ----a-w- C:\Windows\System32\themecpl.dll 2015-03-19 12:29:18 4CF66D8014ECB3BF517E38C5B90AAC74 615424 ----a-w- C:\Windows\System32\themeui.dll 2015-03-19 12:29:18 1D74B130D34A945CA5795C92C1BF8E93 313344 ----a-w- C:\Windows\System32\thawbrkr.dll ====== C:\Windows\system32\drivers ===== 2015-03-19 12:30:14 EEC7EE5675294B03E88AA868540007C1 113664 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2015-03-19 12:30:13 E098C8F476C41E94C7665658EF8C61A5 33280 ----a-w- C:\Windows\System32\drivers\rndismpx.sys 2015-03-19 12:30:13 D9225D107E40D0FA5C5069446759C8E9 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2015-03-19 12:30:09 99514FAA8DF93D34B5589187DB3AA0BA 72192 ----a-w- C:\Windows\System32\drivers\pacer.sys 2015-03-19 12:30:09 941DC1D19E7E8620F40BBC206981EFDB 149480 ----a-w- C:\Windows\System32\drivers\pci.sys 2015-03-19 12:30:09 6429D10C5D149AC9EB2D95052A390CFF 43496 ----a-w- C:\Windows\System32\drivers\pciidex.sys 2015-03-19 12:30:09 57389FA59A36D96B3EB09D0CB91E9CDC 54248 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2015-03-19 12:30:08 218286724EC530FF252648369E05B090 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2015-03-19 12:30:07 D36F239D7CCE1931598E8FB90A0DBC26 35328 ----a-w- C:\Windows\System32\drivers\npfs.sys 2015-03-19 12:30:07 6A4A98CEE84CF9E99564510DDA4BAA47 1083880 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2015-03-19 12:30:06 85C44FDFF9CF7E72A40DCB7EC06A4416 148480 ----a-w- C:\Windows\System32\drivers\nwifi.sys 2015-03-19 12:30:05 B14C9D5B9ADD2F84F70570BBBFAA7935 225280 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2015-03-19 12:30:05 6482707F9F4DA0ECBAB43B2E0398A101 148992 ----a-w- C:\Windows\System32\drivers\rfcomm.sys 2015-03-19 12:30:05 509A98DD18AF4375E1FC40BC175F1DEF 41472 ----a-w- C:\Windows\System32\drivers\raspppoe.sys 2015-03-19 12:30:05 30BFBDFB7F95559EDE971F9DDB9A00BA 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2015-03-19 12:30:05 2005F4A1E05FA09389AC85840F0A9E4D 69120 ----a-w- C:\Windows\System32\drivers\rassstp.sys 2015-03-19 12:30:02 7F64EA048DCFAC7ACF8B4D7B4E6FE371 141288 ----a-w- C:\Windows\System32\drivers\ecache.sys 2015-03-19 12:30:01 FB85F7F69E9B109820409243F578CC4D 626176 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2015-03-19 12:30:01 C8D5369BFE193B5FB53337DCE77CE314 76288 ----a-w- C:\Windows\System32\drivers\dxg.sys 2015-03-19 12:30:01 C67EBF9C05531C406E1E079FF669A2E6 27624 ----a-w- C:\Windows\System32\drivers\Dumpata.sys 2015-03-19 12:30:01 22B408651F9123527BCEE54B4F6C5CAE 136704 ----a-w- C:\Windows\System32\drivers\exfat.sys 2015-03-19 12:30:00 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Windows\System32\drivers\disk.sys 2015-03-19 12:30:00 494075282E23D838F43A4C9FB7143959 19456 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2015-03-19 12:29:59 CCA4B519B17E23A00B826C55716809CC 12800 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2015-03-19 12:29:59 5961CADB7CAD938368D2028725EF771D 39424 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2015-03-19 12:29:59 1E9B9A70D332103C52995E957DC09EF8 142848 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2015-03-19 12:29:59 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2015-03-19 12:29:59 01334F9EA68E6877C4EF05D3EA8ABB05 190424 ----a-w- C:\Windows\System32\drivers\fltMgr.sys 2015-03-19 12:29:58 73594DBC99E22958150192EE99BC48CE 99816 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2015-03-19 12:29:58 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Windows\System32\drivers\ataport.sys 2015-03-19 12:29:58 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Windows\System32\drivers\atapi.sys 2015-03-19 12:29:57 B1564976D98E91FC764D5DC28A0297DA 93696 ----a-w- C:\Windows\System32\drivers\bridge.sys 2015-03-19 12:29:57 82B296AE1892FE3DBEE00C9CF92F8AC7 265688 ----a-w- C:\Windows\System32\drivers\acpi.sys 2015-03-19 12:29:57 6D39C954799B63BA866910234CF7D726 22528 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2015-03-19 12:29:57 36975327EF03949CC378AB01E316B574 35304 ----a-w- C:\Windows\System32\drivers\crashdmp.sys 2015-03-19 12:29:54 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Windows\System32\drivers\cdrom.sys 2015-03-19 12:29:53 94E2941280E3756A5E0BCB467865C43A 29696 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2015-03-19 12:29:52 5A3ABAA2F8EECE7AEFB942773766E3DB 507904 ----a-w- C:\Windows\System32\drivers\bthport.sys 2015-03-19 12:29:51 0767B09C74D935A590B4879D14463B64 125928 ----a-w- C:\Windows\System32\drivers\Classpnp.sys 2015-03-19 12:29:42 82CEA0395524AACFEB58BA1448E8325C 114688 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2015-03-19 12:29:41 ECD64230A59CBD93C85F1CD1CAB9F3F6 185856 ----a-w- C:\Windows\System32\drivers\netbt.sys 2015-03-19 12:29:41 818F648618AE34F729FDB47EC68345C3 121344 ----a-w- C:\Windows\System32\drivers\ndiswan.sys 2015-03-19 12:29:41 6A57B5733D4CB702C8EA4542E836B96C 48104 ----a-w- C:\Windows\System32\drivers\mup.sys 2015-03-19 12:29:41 1357274D1883F68300AEADD15D7BBB42 527848 ----a-w- C:\Windows\System32\drivers\ndis.sys 2015-03-19 12:29:41 063EE4D3CB88A14EAB9901875CEE98B1 223208 ----a-w- C:\Windows\System32\drivers\netio.sys 2015-03-19 12:29:40 B49456D70555DE905C311BCDA6EC6ADB 161752 ----a-w- C:\Windows\System32\drivers\msrpc.sys 2015-03-19 12:29:40 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2015-03-19 12:29:35 EF73C1E29FBE7B0FD0274BF4394E346A 149504 ----a-w- C:\Windows\System32\drivers\ks.sys 2015-03-19 12:29:35 EDE59EC70E25C24581ADD1FBEC7325F7 17408 ----a-w- C:\Windows\System32\drivers\kbdhid.sys 2015-03-19 12:29:32 BE3DA31C191BC222D9AD503C5224F2AD 65536 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2015-03-19 12:29:31 A1C100A87D981AD0774FBC0B4B82E913 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2015-03-19 12:29:31 4A5C31E2C1646034E6A60EBA4C747FF6 33280 ----a-w- C:\Windows\System32\drivers\watchdog.sys 2015-03-19 12:29:30 23E41B834759917BFD6B9A0D625D0C28 292840 ----a-w- C:\Windows\System32\drivers\volmgrx.sys 2015-03-19 12:29:30 147281C01FCB1DF9252DE2A10D5E7093 226280 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2015-03-19 12:29:26 70A92E46A2F459CDEDE3CA558CB26B6A 52992 ----a-w- C:\Windows\System32\drivers\stream.sys 2015-03-19 12:29:26 47E55AFE1ED1D5AFF09690DB226F4A7A 122344 ----a-w- C:\Windows\System32\drivers\Storport.sys 2015-03-19 12:29:25 7B75299A4D201D6A6533603D6914AB04 66560 ----a-w- C:\Windows\System32\drivers\smb.sys 2015-03-19 12:29:24 A7F8BAD9590ADDC425B4003E94780DFA 684032 ----a-w- C:\Windows\System32\drivers\spsys.sys 2015-03-19 12:29:23 D9728AF68C4C7693CB100B8441CBDEC6 226816 ----a-w- C:\Windows\System32\drivers\udfs.sys 2015-03-19 12:29:22 EAE017D3AA298374A1967B96C379C5AB 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD2.sys 2015-03-19 12:29:22 D06F193F3E9CC3B356DF97F6A43C054A 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD.sys 2015-03-19 12:29:22 830D5D8456B822C1247C1E59B4C464FA 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2015-03-19 12:29:22 79E96C23A97CE7B8F14D310DA2DB0C9B 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2015-03-19 12:29:22 4673BBCB006AF60E7ABDDBE7A130BA42 196096 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2015-03-19 12:29:22 35C9095FA7076466AFBFC5B9EC4B779E 15872 ----a-w- C:\Windows\System32\drivers\usb8023x.sys 2015-03-19 12:29:22 32DB9517628FF0D070682AAB61E688F0 73216 ----a-w- C:\Windows\System32\drivers\USBAUDIO.sys 2015-03-19 12:29:18 76B06EB8A01FC8624D699E7045303E54 72192 ----a-w- C:\Windows\System32\drivers\tdx.sys 2015-03-19 12:29:18 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Windows\System32\drivers\termdd.sys ====== C:\Windows\Tasks ====== 2015-03-13 23:20:59 F17A98760CD76BDF00310DB03D4D4677 3050 ----a-w- C:\Windows\system32\Tasks\{AE2EB641-34CB-4295-95FF-C85FCC9D91DB} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-18 19:24:35 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\annick\AppData\Roaming ====== ====== C:\Users\annick ====== 2015-03-19 12:15:18 4A7FD28D0D3012D7C1B6A3785B54D152 498580680 ----a-w- C:\Users\annick\Downloads\Windows6.0-KB948465-X86.exe 2015-03-18 19:24:24 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (5).exe 2015-03-18 19:12:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (4).exe 2015-03-18 19:12:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (3).exe 2015-03-18 19:10:17 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (2).exe 2015-03-18 19:09:00 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (1).exe 2015-03-18 19:08:25 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\annick\Downloads\RSITx64.exe 2015-03-18 19:08:02 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT.exe 2015-03-15 22:09:19 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files 2015-03-15 22:03:15 A539A23174E6EDEAE2FC39EEFEFF3029 196444992 ----a-w- C:\Users\annick\Downloads\kts15.0.2.361en_7342 (1).exe 2015-03-15 21:46:11 4B8C3B1208B4BF9ABD767254F08607B1 14916896 ----a-w- C:\Users\annick\Downloads\aso3setup_25520_25520_25520.exe 2015-03-13 23:20:34 D5F4AB6063B3B3795B1C0F0CF30C7DFB 359656 ----a-w- C:\Users\annick\Downloads\msicuu2.exe ====== C: exe-files == 2015-03-19 12:41:36 73157FFB9EF9E9C61740A5F9CA5C7B17 112640 ----a-w- C:\Windows\System32\SPReview\spreview.exe 2015-03-19 12:33:13 85C04F75503F73C21AEC0AEB815065B9 57856 ----a-w- C:\Windows\System32\compcln.exe 2015-03-19 12:30:14 C9EE7FF225EAC1CB9C78C413667CDB80 87552 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2015-03-19 12:30:14 B5EF1DA337DB9859709A387638AC5E07 185344 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2015-03-19 12:30:14 AED0DFF80C6B3914769407E78D7AB21A 441344 ----a-w- C:\Windows\System32\SearchIndexer.exe 2015-03-19 12:30:08 DE4DAA15B2405AB4D5B2476F1B7C8F1E 58368 ----a-w- C:\Windows\System32\PnPUnattend.exe 2015-03-19 12:30:08 13E4FB6985AC5744609E4289319BF220 33280 ----a-w- C:\Windows\System32\PnPutil.exe 2015-03-19 12:30:07 BCAA8437FC3CC898C76BA120F88CFBCD 82944 ----a-w- C:\Windows\System32\nslookup.exe 2015-03-19 12:30:07 6C235B6FF358E8CA7D6CD2954C1F933E 130560 ----a-w- C:\Windows\System32\PkgMgr.exe 2015-03-19 12:30:06 CE89D942BECC4E4350FC76D4A0443997 16896 ----a-w- C:\Windows\System32\rasdial.exe 2015-03-19 12:30:06 BC89C1733F25EEADD9C765D2C9C0E8B8 35840 ----a-w- C:\Windows\System32\ocsetup.exe 2015-03-19 12:30:06 877F2939794EBA4F3D1BB967007E99E8 182272 ----a-w- C:\Windows\System32\osk.exe 2015-03-19 12:30:05 DE4E8E68DE8CFBEB1B5C6B6E6022D98C 61952 ----a-w- C:\Windows\System32\reg.exe 2015-03-19 12:30:05 CB3860A11E8D3A91658E18753C183DA4 666624 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe 2015-03-19 12:30:05 79DB32BA1FED01EC05A5D5158CF1A279 43520 ----a-w- C:\Windows\System32\rekeywiz.exe 2015-03-19 12:30:04 3F903BDD206EB3C688651048B5E304E1 1081856 ----a-w- C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe 2015-03-19 12:30:03 D4E6D91C1349B7BFB3599A6ADA56851B 279552 ----a-w- C:\Windows\System32\services.exe 2015-03-19 12:30:03 291B27D159AE56A049C1526AF4B3957E 627200 ----a-w- C:\Windows\System32\sethc.exe 2015-03-19 12:30:01 D07D4C3038F3578FFCE1C0237F2A1253 2926592 ----a-w- C:\Windows\explorer.exe 2015-03-19 12:30:01 7095D31979FFB0B917987B388779BD01 205824 ----a-w- C:\Windows\System32\eudcedit.exe 2015-03-19 12:30:01 01DD1004181FD46ECDC3628228EB269D 81920 ----a-w- C:\Windows\System32\dwm.exe 2015-03-19 12:30:00 A9F36F9BEC6F23F5B6EDF1EB4D1AA452 119808 ----a-w- C:\Windows\System32\diskpart.exe 2015-03-19 12:30:00 2CC3DCFB533A1035B13DCAB6160AB38B 2092544 ----a-w- C:\Windows\System32\dfsr.exe 2015-03-19 12:30:00 29B84718CDCBCA66A47B64AA2B02318F 407040 ----a-w- C:\Windows\System32\dpapimig.exe 2015-03-19 12:30:00 206B492CC40E0E0C01F6EA73F724AB9A 230912 ----a-w- C:\Windows\System32\diskraid.exe 2015-03-19 12:29:59 F01C34454A2DBA34439C2FB2B6CDDB9A 128000 ----a-w- C:\Windows\System32\gpresult.exe 2015-03-19 12:29:59 BADB6B77C2C9F729528543D79418429F 16896 ----a-w- C:\Windows\System32\gpupdate.exe 2015-03-19 12:29:59 6ED28075D6D9E0C0464048A30432A142 721408 ----a-w- C:\Program Files\Microsoft Games\Hearts\Hearts.exe 2015-03-19 12:29:59 520FCEF4D87E37C17BB6D554B2A332E8 463872 ----a-w- C:\Windows\System32\IasMigReader.exe 2015-03-19 12:29:59 488F6147CBBF38ADFA29710537E02E61 194048 ----a-w- C:\Windows\System32\drvinst.exe 2015-03-19 12:29:59 3105CFE0ADAAED21148597001478E89F 19968 ----a-w- C:\Windows\System32\fc.exe 2015-03-19 12:29:59 21AD332BE723EFE40D9F32AD97BA8376 724480 ----a-w- C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe 2015-03-19 12:29:59 1BAF5FE4C31D20CF805B2FA7A7C2B886 80384 ----a-w- C:\Windows\System32\hdwwiz.exe 2015-03-19 12:29:59 186954438DE3DDBF0B46F895B7936DE3 60928 ----a-w- C:\Windows\System32\findstr.exe 2015-03-19 12:29:58 A59DCD3DB4E966582F6FA83F2977C137 196608 ----a-w- C:\Windows\System32\fsquirt.exe 2015-03-19 12:29:58 A59DCD3DB4E966582F6FA83F2977C137 196608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_00899617\fsquirt.exe 2015-03-19 12:29:58 34DA5AE04CA114B23D93CD9D4D05FCB7 636416 ----a-w- C:\Windows\System32\autofmt.exe 2015-03-19 12:29:58 3437B9E218A2E4586BEF4F7A3BD00777 88576 ----a-w- C:\Windows\System32\audiodg.exe 2015-03-19 12:29:58 1E2940E465AA5B2C4840E8D220BF1F32 41984 ----a-w- C:\Windows\System32\ftp.exe 2015-03-19 12:29:58 15B7BDA10B91FE62466F2A18682C16E8 656896 ----a-w- C:\Windows\System32\autoconv.exe 2015-03-19 12:29:58 10761177A6EBE45843F443E99509F5E7 643072 ----a-w- C:\Windows\System32\autochk.exe 2015-03-19 12:29:57 6080A176D09435FC8E6E800996656E18 69120 ----a-w- C:\Windows\System32\conime.exe 2015-03-19 12:29:56 86497C6A9825B6252804D5C4E189AA67 49152 ----a-w- C:\Windows\System32\cmmon32.exe 2015-03-19 12:29:56 5AAE542EBB0F3CA7C1E5E6D5457BA2CE 65536 ----a-w- C:\Windows\System32\DevicePairingWizard.exe 2015-03-19 12:29:56 5A736A107416E9B55D5B5F77B06921B4 46080 ----a-w- C:\Windows\System32\csrstub.exe 2015-03-19 12:29:56 493083D1BF3D62A2C2C6BE1D2194289E 26112 ----a-w- C:\Windows\System32\DeviceEject.exe 2015-03-19 12:29:55 63F2534E7E063B4F2054433597D7A1B9 135168 ----a-w- C:\Windows\System32\cscript.exe 2015-03-19 12:29:53 7F5936A3FF5E83272EA1DC8985B2A228 34304 ----a-w- C:\Windows\System32\bthudtask.exe 2015-03-19 12:29:52 701E62EE60DAFD5B6951B6999CB01F95 44032 ----a-w- C:\Windows\System32\cbsra.exe 2015-03-19 12:29:52 055C9B5A3E4D2100F5607087B2B006F9 2944512 ----a-w- C:\Program Files\Movie Maker\CaptureWizard.exe 2015-03-19 12:29:51 9E447B628CBF81F006218E7B6127B7E2 58368 ----a-w- C:\Windows\System32\cipher.exe 2015-03-19 12:29:50 56C182F55BF68556C974E9AD32BF56BF 215552 ----a-w- C:\Windows\System32\certreq.exe 2015-03-19 12:29:49 4533F3B0E9AD11A1C02B191F5D873DE2 799744 ----a-w- C:\Windows\System32\certutil.exe 2015-03-19 12:29:48 C559672F31ABE6BA7277DD73C4502238 73216 ----a-w- C:\Windows\System32\msiexec.exe 2015-03-19 12:29:40 DD251E13AAAA5F5AF09934759A4E1FC5 74752 ----a-w- C:\Windows\System32\newdev.exe 2015-03-19 12:29:40 D3D1CE8FF30786D50272DA3085149904 408064 ----a-w- C:\Windows\System32\msinfo32.exe 2015-03-19 12:29:40 D3D1CE8FF30786D50272DA3085149904 408064 ----a-w- C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe 2015-03-19 12:29:40 574F7EB2D1A291C99324D9EFC2ACC2B9 1315840 ----a-w- C:\Windows\System32\oobe\msoobe.exe 2015-03-19 12:29:39 EB851C302B2A75908FE5AF34472A08BC 361472 ----a-w- C:\Windows\System32\IME\IMETC10\IMTCPROP.exe 2015-03-19 12:29:38 F13604BABB4C2AF86E0D2858A2EEC4CF 87552 ----a-w- C:\Windows\System32\IME\IMESC5\IMSCPROP.exe 2015-03-19 12:29:38 EBAE6CE901EDB7F0F794589BF5FDF695 619864 ----a-w- C:\Windows\System32\icardagt.exe 2015-03-19 12:29:38 A8986E339A9215B9410484814224531E 299520 ----a-w- C:\Program Files\Internet Explorer\ieuser.exe 2015-03-19 12:29:38 A5CBBED853E6183D4E067B42B73A20DA 26624 ----a-w- C:\Windows\System32\ipconfig.exe 2015-03-19 12:29:38 2C5168C856455CC43C4B4E1CC1920001 636080 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-03-19 12:29:37 DC289E2856F08B26A474BC8826B1B5BA 105472 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe 2015-03-19 12:29:37 D3D0B9D1491F62B489DA0CE2CF091129 252416 ----a-w- C:\Windows\System32\IME\shared\IMEPADSV.EXE 2015-03-19 12:29:37 C9B9E01C077CEA69CD51F4C9FB3510C2 285184 ----a-w- C:\Windows\System32\IME\shared\IMCCPHR.exe 2015-03-19 12:29:37 C839042193F589E667FAF1D4474DD468 60416 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPMGR.EXE 2015-03-19 12:29:37 BCD818D60A94614B79E3CCA1204882AE 87040 ----a-w- C:\Program Files\Internet Explorer\iedw.exe 2015-03-19 12:29:37 A547F2E6EE21B65A9EC308F9AD9715C5 310784 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDCT.EXE 2015-03-19 12:29:37 9F43A02154881DCB6AF350D0C361F339 59392 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDSVR.EXE 2015-03-19 12:29:37 8C40C45EBA2DBFB487415A66E43906D6 44544 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPUEX.EXE 2015-03-19 12:29:37 319A08B6652EB7F2CDA681DF4F1DA7C6 24064 ----a-w- C:\Windows\System32\IME\IMEJP10\imjppdmg.exe 2015-03-19 12:29:36 C8C383E6AA546780B2AD3034D6F6ACEF 958464 ----a-w- C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe 2015-03-19 12:29:36 BB96D0590B491CDEA2EBF6D697BE8976 1792512 ----a-w- C:\Windows\System32\mmc.exe 2015-03-19 12:29:35 338104E0E18307CD65604FE317B5FB8D 950272 ----a-w- C:\Windows\System32\mblctr.exe 2015-03-19 12:29:34 E47C854A28A81F2939F42CBE9FEA994C 710144 ----a-w- C:\Windows\System32\Magnify.exe 2015-03-19 12:29:34 D29E2C7FECB1F1027DAE779B00A3E956 57344 ----a-w- C:\Windows\System32\logman.exe 2015-03-19 12:29:34 C634E1F76E1FCA6D010F279A2FFF95E6 94720 ----a-w- C:\Windows\System32\logagent.exe 2015-03-19 12:29:34 BF899F57858B8C6F162D9EEB2370641C 1143296 ----a-w- C:\Windows\System32\wercon.exe 2015-03-19 12:29:34 22F3DFB7C939D601C4F9672035908C41 405992 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2015-03-19 12:29:33 DA06BE393317EA5756B218633A537B47 860160 ----a-w- C:\Windows\System32\WerFaultSecure.exe 2015-03-19 12:29:33 2C2DE9CD93DD4F11F8715B7334EB40A7 163840 ----a-w- C:\Windows\System32\wevtutil.exe 2015-03-19 12:29:32 CD88D1B7776DC17A119049742EC07EB4 385536 ----a-w- C:\Windows\System32\vds.exe 2015-03-19 12:29:32 7F79769473C0DDEDC7CC3D9D0139DA44 58368 ----a-w- C:\Program Files\Movie Maker\VideoCameraAutoPlayManager.exe 2015-03-19 12:29:32 7BEDD051B53821B040EAD42DB0724848 217088 ----a-w- C:\Windows\System32\WerFault.exe 2015-03-19 12:29:32 790222D6CCFC576F0D07D418E6115D85 967680 ----a-w- C:\Program Files\Windows Calendar\WinCal.exe 2015-03-19 12:29:32 52BC119E49F88F2A5D1466230B1275C7 403968 ----a-w- C:\Program Files\Windows Collaboration\WinCollab.exe 2015-03-19 12:29:31 10FB8976B556A75098868CFFAD6DC576 638976 ----a-w- C:\Windows\System32\Utilman.exe 2015-03-19 12:29:30 DB3D19F850C6EB32BDCB9BC0836ACDDB 1055232 ----a-w- C:\Windows\System32\VSSVC.exe 2015-03-19 12:29:29 D2552AAE81031C42FA26E19AA9A5E04E 299368 ----a-w- C:\Windows\System32\XPSViewer\XPSViewer.exe 2015-03-19 12:29:29 1259E03DCD5F265B23DB738FB075DF8C 155648 ----a-w- C:\Windows\System32\wscript.exe 2015-03-19 12:29:29 10BE37532F4AD750958AB53A786F74BD 140800 ----a-w- C:\Windows\System32\wusa.exe 2015-03-19 12:29:28 858F65A141F97D3DC404FD32A6F394AD 3217408 ----a-w- C:\Windows\System32\WinSAT.exe 2015-03-19 12:29:28 56A1CFFFFC8D646A0388DFBF3EC362CF 244224 ----a-w- C:\Windows\System32\wisptis.exe 2015-03-19 12:29:28 2EEC42B4831B9CECB5AE14D63DAA6704 926184 ----a-w- C:\Windows\System32\winresume.exe 2015-03-19 12:29:28 2EEC42B4831B9CECB5AE14D63DAA6704 926184 ----a-w- C:\Windows\System32\Boot\winresume.exe 2015-03-19 12:29:27 F8D8BB3F6173FFF00128612F33D3197A 117248 ----a-w- C:\Windows\System32\wbem\WMIADAP.exe 2015-03-19 12:29:27 9495FCC01D7AB7B60E5B8BA7AEFE9E3D 247296 ----a-w- C:\Windows\System32\wbem\WmiPrvSE.exe 2015-03-19 12:29:27 898E7C06A350D4A1A64A9EA264D55452 314368 ----a-w- C:\Windows\System32\winlogon.exe 2015-03-19 12:29:27 43BE3875207DCB62A85C8C49970B66CC 137728 ----a-w- C:\Windows\System32\wbem\WmiApSrv.exe 2015-03-19 12:29:27 074DF633D8C15656560F0388AA7F6237 986600 ----a-w- C:\Windows\System32\winload.exe 2015-03-19 12:29:27 074DF633D8C15656560F0388AA7F6237 986600 ----a-w- C:\Windows\System32\Boot\winload.exe 2015-03-19 12:29:25 E82FE16FD3F4569EF5D5381901D02EC0 361984 ----a-w- C:\Windows\System32\SLUI.exe 2015-03-19 12:29:25 9E35FF7F943AE0FB89192BFE058B7FD4 1233920 ----a-w- C:\Program Files\Windows Sidebar\sidebar.exe 2015-03-19 12:29:25 98AF15A94CD6AC37248E72E5FE789B35 64000 ----a-w- C:\Windows\System32\smss.exe 2015-03-19 12:29:25 967D0C026913D6A628C4BE8F4EFF2AC6 185856 ----a-w- C:\Windows\System32\SLLUA.exe 2015-03-19 12:29:25 862BB4CBC05D80C5B45BE430E5EF872F 3408896 ----a-w- C:\Windows\System32\SLsvc.exe 2015-03-19 12:29:24 E953D69576A1BF077E709A0231E4714C 289792 ----a-w- C:\Windows\System32\spinstall.exe 2015-03-19 12:29:24 96DD35AB1C1420E0CD70EF9ECD32B825 197632 ----a-w- C:\Windows\System32\SndVol.exe 2015-03-19 12:29:24 73157FFB9EF9E9C61740A5F9CA5C7B17 112640 ----a-w- C:\Windows\System32\spreview.exe 2015-03-19 12:29:24 401A203AB058DEC44BD44AA81BF2CB64 735232 ----a-w- C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe 2015-03-19 12:29:24 07302F014858D038CB93CC349505D0E6 732160 ----a-w- C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe 2015-03-19 12:29:23 7EE55302291DD7AA5C2237B0CC7D49E1 35680 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2015-03-19 12:29:23 1904DBA08C2D63CE2025CAD78F5DF2BB 38400 ----a-w- C:\Windows\System32\TSTheme.exe 2015-03-19 12:29:22 8274C87726D4561EE8750D883764ACC1 37888 ----a-w- C:\Windows\System32\wbem\unsecapp.exe 2015-03-19 12:29:19 97D9D6A04E3AD9B6C626B9931DB78DBA 39424 ----a-w- C:\Windows\servicing\TrustedInstaller.exe 2015-03-19 12:15:18 4A7FD28D0D3012D7C1B6A3785B54D152 498580680 ----a-w- C:\Users\annick\Downloads\Windows6.0-KB948465-X86.exe 2015-03-18 19:24:35 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\annick.exe 2015-03-18 19:24:24 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (5).exe 2015-03-18 19:12:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (4).exe 2015-03-18 19:12:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (3).exe 2015-03-18 19:10:17 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (2).exe 2015-03-18 19:09:00 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT (1).exe 2015-03-18 19:08:25 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\annick\Downloads\RSITx64.exe 2015-03-18 19:08:02 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\annick\Downloads\RSIT.exe 2015-03-17 07:16:40 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\annick\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2015-03-15 22:03:15 A539A23174E6EDEAE2FC39EEFEFF3029 196444992 ----a-w- C:\Users\annick\Downloads\kts15.0.2.361en_7342 (1).exe 2015-03-15 21:46:11 4B8C3B1208B4BF9ABD767254F08607B1 14916896 ----a-w- C:\Users\annick\Downloads\aso3setup_25520_25520_25520.exe 2015-03-13 23:20:34 D5F4AB6063B3B3795B1C0F0CF30C7DFB 359656 ----a-w- C:\Users\annick\Downloads\msicuu2.exe 2015-03-13 10:39:47 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Program Files\Google\Update\Install\{0E97E2DC-F9AA-4D65-A513-921028A61496}\41.0.2272.89_40.0.2214.115_chrome_updater.exe 2015-03-13 10:39:47 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe === C: other files == 2015-03-19 13:40:27 0C3E207DDDC5C465E790417E58EBD932 84 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys 2015-03-19 12:30:14 EEC7EE5675294B03E88AA868540007C1 113664 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2015-03-19 12:30:14 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sdbus.inf_cbadf2d2\sdbus.sys 2015-03-19 12:30:13 E098C8F476C41E94C7665658EF8C61A5 33280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_e5fc9df6\rndismpx.sys 2015-03-19 12:30:13 E098C8F476C41E94C7665658EF8C61A5 33280 ----a-w- C:\Windows\System32\drivers\rndismpx.sys 2015-03-19 12:30:13 D9225D107E40D0FA5C5069446759C8E9 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2015-03-19 12:30:13 37CA203F8CCF732CD272A27E55B268C4 82408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sbp2.inf_dd2a3429\sbp2port.sys 2015-03-19 12:30:09 99514FAA8DF93D34B5589187DB3AA0BA 72192 ----a-w- C:\Windows\System32\drivers\pacer.sys 2015-03-19 12:30:09 941DC1D19E7E8620F40BBC206981EFDB 149480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\pci.sys 2015-03-19 12:30:09 941DC1D19E7E8620F40BBC206981EFDB 149480 ----a-w- C:\Windows\System32\drivers\pci.sys 2015-03-19 12:30:09 6429D10C5D149AC9EB2D95052A390CFF 43496 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\pciidex.sys 2015-03-19 12:30:09 6429D10C5D149AC9EB2D95052A390CFF 43496 ----a-w- C:\Windows\System32\drivers\pciidex.sys 2015-03-19 12:30:09 57389FA59A36D96B3EB09D0CB91E9CDC 54248 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2015-03-19 12:30:09 3BB2244F343B610C29C98035504C9B75 177640 ----a-w- C:\Windows\System32\DriverStore\FileRepository\pcmcia.inf_5be8d19f\pcmcia.sys 2015-03-19 12:30:09 1636D43F10416AEB483BC6001097B26C 14312 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\pciide.sys 2015-03-19 12:30:08 218286724EC530FF252648369E05B090 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_84db3286\portcls.sys 2015-03-19 12:30:08 218286724EC530FF252648369E05B090 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2015-03-19 12:30:07 D36F239D7CCE1931598E8FB90A0DBC26 35328 ----a-w- C:\Windows\System32\drivers\npfs.sys 2015-03-19 12:30:07 6A4A98CEE84CF9E99564510DDA4BAA47 1083880 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2015-03-19 12:30:06 85C44FDFF9CF7E72A40DCB7EC06A4416 148480 ----a-w- C:\Windows\System32\drivers\nwifi.sys 2015-03-19 12:30:06 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\1394.inf_5e025c7c\ohci1394.sys 2015-03-19 12:30:05 B14C9D5B9ADD2F84F70570BBBFAA7935 225280 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2015-03-19 12:30:05 943B18305EAE3935598A9B4A3D560B4C 248320 ----a-w- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\rdpdr.sys 2015-03-19 12:30:05 6482707F9F4DA0ECBAB43B2E0398A101 148992 ----a-w- C:\Windows\System32\DriverStore\FileRepository\tdibth.inf_16daba33\rfcomm.sys 2015-03-19 12:30:05 6482707F9F4DA0ECBAB43B2E0398A101 148992 ----a-w- C:\Windows\System32\drivers\rfcomm.sys 2015-03-19 12:30:05 509A98DD18AF4375E1FC40BC175F1DEF 41472 ----a-w- C:\Windows\System32\drivers\raspppoe.sys 2015-03-19 12:30:05 30BFBDFB7F95559EDE971F9DDB9A00BA 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2015-03-19 12:30:05 2005F4A1E05FA09389AC85840F0A9E4D 69120 ----a-w- C:\Windows\System32\drivers\rassstp.sys 2015-03-19 12:30:03 E5EAFE85815BD89095FEF3144A09AB68 12288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_f081f8b7\sffp_mmc.sys 2015-03-19 12:30:03 9F66A46C55D6F1CCABC79BB7AFCCC545 11776 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_f081f8b7\sffp_sd.sys 2015-03-19 12:30:02 7F64EA048DCFAC7ACF8B4D7B4E6FE371 141288 ----a-w- C:\Windows\System32\drivers\ecache.sys 2015-03-19 12:30:01 FB85F7F69E9B109820409243F578CC4D 626176 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2015-03-19 12:30:01 C8D5369BFE193B5FB53337DCE77CE314 76288 ----a-w- C:\Windows\System32\drivers\dxg.sys 2015-03-19 12:30:01 C67EBF9C05531C406E1E079FF669A2E6 27624 ----a-w- C:\Windows\System32\drivers\Dumpata.sys 2015-03-19 12:30:01 22B408651F9123527BCEE54B4F6C5CAE 136704 ----a-w- C:\Windows\System32\drivers\exfat.sys 2015-03-19 12:30:00 A81AB23EDDB4693612014D87367D014C 6656 ----a-w- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\errdev.sys 2015-03-19 12:30:00 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys 2015-03-19 12:30:00 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Windows\System32\drivers\disk.sys 2015-03-19 12:30:00 494075282E23D838F43A4C9FB7143959 19456 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2015-03-19 12:29:59 FCB3F4BE408F72C1BD81BCABA87FC22F 30720 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hidbth.inf_e1bc61a9\hidbth.sys 2015-03-19 12:29:59 CCA4B519B17E23A00B826C55716809CC 12800 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_45f308e6\hidusb.sys 2015-03-19 12:29:59 CCA4B519B17E23A00B826C55716809CC 12800 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2015-03-19 12:29:59 7EBEC5EB56B90ED65A8BBD91464E5CFB 69096 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hpcisss.inf_3d49a363\HpCISSs.sys 2015-03-19 12:29:59 5961CADB7CAD938368D2028725EF771D 39424 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_45f308e6\hidclass.sys 2015-03-19 12:29:59 5961CADB7CAD938368D2028725EF771D 39424 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2015-03-19 12:29:59 3F90E001369A07243763BD5A523D8722 236544 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdaudio.inf_6740f89c\HdAudio.sys 2015-03-19 12:29:59 1E9B9A70D332103C52995E957DC09EF8 142848 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2015-03-19 12:29:59 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_9689af2f\hdaudbus.sys 2015-03-19 12:29:59 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2015-03-19 12:29:59 01334F9EA68E6877C4EF05D3EA8ABB05 190424 ----a-w- C:\Windows\System32\drivers\fltMgr.sys 2015-03-19 12:29:58 73594DBC99E22958150192EE99BC48CE 99816 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2015-03-19 12:29:58 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\ataport.sys 2015-03-19 12:29:58 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Windows\System32\drivers\ataport.sys 2015-03-19 12:29:58 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys 2015-03-19 12:29:58 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Windows\System32\drivers\atapi.sys 2015-03-19 12:29:57 B1564976D98E91FC764D5DC28A0297DA 93696 ----a-w- C:\Windows\System32\drivers\bridge.sys 2015-03-19 12:29:57 82B296AE1892FE3DBEE00C9CF92F8AC7 265688 ----a-w- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\acpi.sys 2015-03-19 12:29:57 82B296AE1892FE3DBEE00C9CF92F8AC7 265688 ----a-w- C:\Windows\System32\drivers\acpi.sys 2015-03-19 12:29:57 6D39C954799B63BA866910234CF7D726 22528 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_00899617\bthenum.sys 2015-03-19 12:29:57 6D39C954799B63BA866910234CF7D726 22528 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2015-03-19 12:29:57 36975327EF03949CC378AB01E316B574 35304 ----a-w- C:\Windows\System32\drivers\crashdmp.sys 2015-03-19 12:29:56 78533A10D91C7EA6D5BA6A0CEA07CD62 26112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\clusdisk.inf_1f8551c9\ClusDisk.sys 2015-03-19 12:29:54 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys 2015-03-19 12:29:54 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Windows\System32\drivers\cdrom.sys 2015-03-19 12:29:53 D72BAF07A11DE1DD32855BB897518D53 29696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bthprint.inf_fa0c9014\BTHPRINT.SYS 2015-03-19 12:29:53 9A966A8E86D1771911AE34A20D11BFF3 41472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmbtmdm.inf_ab57df1e\bthmodem.sys 2015-03-19 12:29:53 94E2941280E3756A5E0BCB467865C43A 29696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_00899617\BTHUSB.SYS 2015-03-19 12:29:53 94E2941280E3756A5E0BCB467865C43A 29696 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2015-03-19 12:29:52 5A3ABAA2F8EECE7AEFB942773766E3DB 507904 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_00899617\bthport.sys 2015-03-19 12:29:52 5A3ABAA2F8EECE7AEFB942773766E3DB 507904 ----a-w- C:\Windows\System32\drivers\bthport.sys 2015-03-19 12:29:51 D7659D3B5B92C31E84E53C1431F35132 245736 ----a-w- C:\Windows\System32\clfs.sys 2015-03-19 12:29:51 0767B09C74D935A590B4879D14463B64 125928 ----a-w- C:\Windows\System32\drivers\Classpnp.sys 2015-03-19 12:29:46 2C563AEF15B8D0014C36C5F27742AC7B 93160 ----a-w- C:\Windows\System32\DriverStore\FileRepository\msdsm.inf_2952f7e7\msdsm.sys 2015-03-19 12:29:43 5DA347912FD3AF24D7BFB3DE519D4BD0 107496 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mpio.inf_f6a6d96f\mpio.sys 2015-03-19 12:29:42 82CEA0395524AACFEB58BA1448E8325C 114688 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2015-03-19 12:29:42 5457DCFA7C0DA43522F4D9D4049C1472 27112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\msahci.sys 2015-03-19 12:29:41 ECD64230A59CBD93C85F1CD1CAB9F3F6 185856 ----a-w- C:\Windows\System32\drivers\netbt.sys 2015-03-19 12:29:41 818F648618AE34F729FDB47EC68345C3 121344 ----a-w- C:\Windows\System32\drivers\ndiswan.sys 2015-03-19 12:29:41 6A57B5733D4CB702C8EA4542E836B96C 48104 ----a-w- C:\Windows\System32\drivers\mup.sys 2015-03-19 12:29:41 1357274D1883F68300AEADD15D7BBB42 527848 ----a-w- C:\Windows\System32\drivers\ndis.sys 2015-03-19 12:29:41 063EE4D3CB88A14EAB9901875CEE98B1 223208 ----a-w- C:\Windows\System32\drivers\netio.sys 2015-03-19 12:29:40 B49456D70555DE905C311BCDA6EC6ADB 161752 ----a-w- C:\Windows\System32\drivers\msrpc.sys 2015-03-19 12:29:40 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Windows\System32\DriverStore\FileRepository\iscsi.inf_7cf731e4\msiscsi.sys 2015-03-19 12:29:40 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2015-03-19 12:29:38 4B9C0F4D4A3ACC535F9771039ECD6365 64512 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ipmidrv.inf_a46ca46a\IPMIDrv.sys 2015-03-19 12:29:35 EF73C1E29FBE7B0FD0274BF4394E346A 149504 ----a-w- C:\Windows\System32\drivers\ks.sys 2015-03-19 12:29:35 EDE59EC70E25C24581ADD1FBEC7325F7 17408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdhid.sys 2015-03-19 12:29:35 EDE59EC70E25C24581ADD1FBEC7325F7 17408 ----a-w- C:\Windows\System32\drivers\kbdhid.sys 2015-03-19 12:29:32 BE3DA31C191BC222D9AD503C5224F2AD 65536 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS 2015-03-19 12:29:32 BE3DA31C191BC222D9AD503C5224F2AD 65536 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2015-03-19 12:29:31 D575246188F63DE0ACCF6EAC5FB59E6A 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_a4839249\usbser.sys 2015-03-19 12:29:31 CE697FEE0D479290D89BEC80DFE793B7 19456 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2c537348\usbohci.sys 2015-03-19 12:29:31 A1C100A87D981AD0774FBC0B4B82E913 226304 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2c537348\usbport.sys 2015-03-19 12:29:31 A1C100A87D981AD0774FBC0B4B82E913 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2015-03-19 12:29:31 4A5C31E2C1646034E6A60EBA4C747FF6 33280 ----a-w- C:\Windows\System32\drivers\watchdog.sys 2015-03-19 12:29:30 23E41B834759917BFD6B9A0D625D0C28 292840 ----a-w- C:\Windows\System32\drivers\volmgrx.sys 2015-03-19 12:29:30 147281C01FCB1DF9252DE2A10D5E7093 226280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys 2015-03-19 12:29:30 147281C01FCB1DF9252DE2A10D5E7093 226280 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2015-03-19 12:29:28 676F4B665BDD8053EAA53AC1695B8074 31616 ----a-w- C:\Windows\System32\DriverStore\FileRepository\winusb.inf_c07c5ec4\winusb.sys 2015-03-19 12:29:28 65D1FF8AAFF4A7D8F787A290E5087816 19968 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\WSDScan.sys 2015-03-19 12:29:27 676F4B665BDD8053EAA53AC1695B8074 31616 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wceusbsh.inf_2fb04100\winusb.sys 2015-03-19 12:29:27 676F4B665BDD8053EAA53AC1695B8074 31616 ----a-w- C:\Windows\System32\DriverStore\FileRepository\transfercable.inf_9c53df5f\x86\winusb.sys 2015-03-19 12:29:26 70A92E46A2F459CDEDE3CA558CB26B6A 52992 ----a-w- C:\Windows\System32\drivers\stream.sys 2015-03-19 12:29:26 47E55AFE1ED1D5AFF09690DB226F4A7A 122344 ----a-w- C:\Windows\System32\drivers\Storport.sys 2015-03-19 12:29:25 BCDBB5CEA1E8AEA0FA353691EB003728 92918 ----a-w- C:\Windows\System32\slmgr.vbs 2015-03-19 12:29:25 7B75299A4D201D6A6533603D6914AB04 66560 ----a-w- C:\Windows\System32\drivers\smb.sys 2015-03-19 12:29:24 A7F8BAD9590ADDC425B4003E94780DFA 684032 ----a-w- C:\Windows\System32\drivers\spsys.sys 2015-03-19 12:29:23 D9728AF68C4C7693CB100B8441CBDEC6 226816 ----a-w- C:\Windows\System32\drivers\udfs.sys 2015-03-19 12:29:22 EAE017D3AA298374A1967B96C379C5AB 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD2.sys 2015-03-19 12:29:22 D06F193F3E9CC3B356DF97F6A43C054A 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD.sys 2015-03-19 12:29:22 830D5D8456B822C1247C1E59B4C464FA 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2015-03-19 12:29:22 79E96C23A97CE7B8F14D310DA2DB0C9B 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2c537348\usbehci.sys 2015-03-19 12:29:22 79E96C23A97CE7B8F14D310DA2DB0C9B 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2015-03-19 12:29:22 4673BBCB006AF60E7ABDDBE7A130BA42 196096 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2c537348\usbhub.sys 2015-03-19 12:29:22 4673BBCB006AF60E7ABDDBE7A130BA42 196096 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_e9aaaa78\usbhub.sys 2015-03-19 12:29:22 4673BBCB006AF60E7ABDDBE7A130BA42 196096 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2015-03-19 12:29:22 35C9095FA7076466AFBFC5B9EC4B779E 15872 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_e5fc9df6\usb8023x.sys 2015-03-19 12:29:22 35C9095FA7076466AFBFC5B9EC4B779E 15872 ----a-w- C:\Windows\System32\drivers\usb8023x.sys 2015-03-19 12:29:22 32DB9517628FF0D070682AAB61E688F0 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_dc7189cc\USBAUDIO.sys 2015-03-19 12:29:22 32DB9517628FF0D070682AAB61E688F0 73216 ----a-w- C:\Windows\System32\drivers\USBAUDIO.sys 2015-03-19 12:29:22 32C068EAF37C92D7194EEE1FAA1E7853 30208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbccid.inf_54511730\usbccid.sys 2015-03-19 12:29:18 76B06EB8A01FC8624D699E7045303E54 72192 ----a-w- C:\Windows\System32\drivers\tdx.sys 2015-03-19 12:29:18 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\termdd.sys 2015-03-19 12:29:18 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Windows\System32\drivers\termdd.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" "Facebook Update"="C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Spotify Web Helper"="C:\Users\annick\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Twoo"="C:\Users\annick\AppData\Roaming\Massive Media\Twoo.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Spotify"="C:\Users\annick\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "RtHDVCpl"="RtHDVCpl.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "CarboniteSetupLite"="C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe /preinstalled" "PCMAgent"="C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe" "CLMLServer"="C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe" "PlayMovie"="C:\Program Files\CyberLink\PlayMovie\PMVService.exe" "toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Skytel"="Skytel.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" "Facebook Update"="C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Spotify Web Helper"="C:\Users\annick\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Twoo"="C:\Users\annick\AppData\Roaming\Massive Media\Twoo.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Spotify"="C:\Users\annick\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" ==== Startup Folders ====================== 2014-08-05 14:56:32 1797 ----a-w- C:\Users\annick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series.lnk 2013-05-17 11:20:02 1118 ----a-w- C:\Users\annick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2014-03-16 04:53:46 851 ----a-w- C:\Users\annick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2015 20:49] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643662380-161925641-3501711182-1000Core.job --a------ C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe [26/04/2013 12:41] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643662380-161925641-3501711182-1000UA.job --a------ C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe [26/04/2013 12:41] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/09/2014 03:15] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/09/2014 03:15] C:\Windows\tasks\Recovery DVD Creator-annick.job --a------ C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [04/02/2008 10:13] C:\Windows\tasks\Uitgebreide garantie-annick.job --a------ C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [04/02/2008 10:13] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-643662380-161925641-3501711182-1000Core" [C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-643662380-161925641-3501711182-1000UA" [C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3070 B611 series" ["C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe"] "C:\Windows\system32\tasks\Recovery DVD Creator-annick" [C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe] "C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe] "C:\Windows\system32\tasks\Uitgebreide garantie-annick" [C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default user_pref("browser.search.defaultenginename", "AVG Secure Search"); user_pref("browser.search.selectedEngine", "AVG Secure Search"); user_pref("keyword.URL", "http://badoo.com/startpage/?source=bsb&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [07/08/2014 16:21] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files\Common Files\DVDVideoSoft\plugins\ff" [22/04/2014 19:43] ==== Firefox Extensions ====================== ProfilePath: C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default - Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be - Undetermined - %ProfilePath%\extensions\trash - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi ProfilePath: C:\Users\annick\AppData\Roaming\Thunderbird\Profiles\8bdce2e0.default - Test Pilot for Thunderbird - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default 98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71 1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14 CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\annick\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin A850CDD9B02AD865A18FAE00A95B9D63 - C:\Users\annick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 3CD19649B2C3023D65E67C056457A2BC - C:\Users\annick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat ==== Deleted Firefox Extensions ====================== C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\m66qcm8p.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89) Google Slides - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo AVG Web TuneUp - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Google Search - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Tampermonkey - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Google Sheets - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap AdBlock - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={88914AA8-140E-498F-A3D9-2ACCB51EB12E}&mid=e8468e90d50247d398aed16acdedc412-d8ed8e5173c28cbc299bfcedff6a950ecdeb6875&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-11-08 19:39:16&v=4.1.0.411&pid=wtu&sg=&sap=hp" "Default_Page_URL"="http://go.packardbell.com/?id=9503" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Search Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-643662380-161925641-3501711182-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1 deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\CyberLink\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\annick\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\annick\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Twoo] "C:\Users\annick\AppData\Roaming\Massive Media\Twoo.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Spotify] "C:\Users\annick\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series.lnk = ? O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: ZooskMessenger.lnk = C:\Program Files\ZooskMessenger\ZooskMessenger.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe ==== Empty IE Cache ====================== C:\Users\annick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\annick\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\annick\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\annick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\annick\AppData\Local\Mozilla\Firefox\Profiles\m66qcm8p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=834 folders=207 403239423 bytes) ==== Empty Temp Folders ====================== C:\Users\annick\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\annick\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\annick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted ==== EOF on do 19/03/2015 at 15:48:09,39 ======================