Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by rwest on ma 18-01-2016 at 16:13:48,88. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\rwest\Downloads\zoek (6).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-01-16-154525.log 110963 bytes C:\zoek-results2016-01-17-110205.log 109672 bytes ==== Empty Folders Check ====================== C:\Users\rwest\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update CCleaner Cyberlink PhotoDirector CyberLink Power Media Player 14 CyberLink PowerDirector 12 Energy Star Evernote v. 5.8.6 FrostWire 6.1.2 Google Chrome Google Photos Backup Google Update Helper herdProtect Anti-Malware Scanner HP Customer Experience Enhancements HP Deskjet 2540 series Basissoftware van het apparaat HP Deskjet 2540 series Help HP Documentation HP ePrint Windows Driver HP ESU for Microsoft Windows 10 HP PC Hardware Diagnostics UEFI HP Recovery Manager HP Registration Service HP Support Assistant HP Support Information HP Support Solutions Framework HP Update HP Welcome Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) ME UninstallLegacy Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel© Security Assist Intel© Trusted Connect Service Client IObit Uninstaller iTunes Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Mozilla Maintenance Service Mozilla Thunderbird 38.4.0 (x86 nl) Mozilla Thunderbird 38.5.1 (x86 nl) OpenOffice 4.1.2 Panda Devices Agent Panda Free Antivirus Panda Security Toolbar Picasa 3 Productverbeteringsonderzoek voor HP Deskjet 2540 series Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Secunia PSI (3.0.0.11003) Software voor Intel© Chipset-apparaten ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Users\rwest\Downloads\zoek (6).exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~3\ProductData deleted "C:\windows\tasks\ASC9_SkipUac_rwest.job" deleted "C:\windows\SysNative\tasks\ASC9_SkipUac_rwest" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\CPUIDInterface.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\datastate.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\HomepageSvc.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\sqlite3.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\taskmgr.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\vcl120.bpl" deleted "C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe" deleted "C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare" not deleted "C:\Program Files (x86)\IObit\LiveUpdate" not deleted "C:\found.000" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8119 MB CPU Info: Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz CPU Speed: 2933,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller | Microsoft Wi-Fi Direct Virtual Adapter | Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GUB0N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 918,9GB | D: 11,3GB Hard Disks - Free: C: 846,9GB | D: 1,5GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: HP 2B2C Country: Nederland Language: NLD ==== System Specs (Software) ====================== Internet Explorer Version: 11.0.10240.16644 Google Chrome version: 47.0.2526.111 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\windows\notepad.exe 2016-01-13 19:27:42 D2EAEC106F183572317AF7D68E381063 4532304 ----a-w- C:\windows\explorer.exe 2016-01-06 19:16:49 B9911ED0107A8CD40CB1DAD2AF1B3B9B 888714829 ----a-w- C:\windows\MEMORY.DMP ====== C:\Users\rwest\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\windows\SysWOW64 ===== 2016-01-18 12:25:26 BF99EBCE70D6BFB6D4A2443FBB477E8D 826872 ----a-w- C:\windows\SysWOW64\FlashPlayerApp.exe 2016-01-18 12:25:26 291C2573A59D78D5C277A422F863CC1C 176632 ----a-w- C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-13 19:36:02 EDD400CC92C6D43F98D3D3AFC97C2559 451072 ----a-w- C:\windows\SysWOW64\ISSRemoveSP.exe 2016-01-13 19:28:53 F2A08BAE593A8270767ABA6BAADC634E 100712 ----a-w- C:\windows\SysWOW64\MP3DMOD.DLL 2016-01-13 19:28:53 DAF8197B2944323EFDF15ED32A055D72 2445128 ----a-w- C:\windows\SysWOW64\msmpeg2vdec.dll 2016-01-13 19:28:53 BE152AA70B19D10253946DBC3A75547C 882208 ----a-w- C:\windows\SysWOW64\msmpeg2adec.dll 2016-01-13 19:28:52 EE04BA6667EC970382AEB544F1D89283 1918976 ----a-w- C:\windows\SysWOW64\MFMediaEngine.dll 2016-01-13 19:28:52 BBF8ACF14694C6E2DA08CA22E7C544A4 961376 ----a-w- C:\windows\SysWOW64\LicenseManager.dll 2016-01-13 19:28:52 9C9A14B66C06930A4FA8B654D5A1B2AE 1233920 ----a-w- C:\windows\SysWOW64\Windows.Globalization.dll 2016-01-13 19:28:52 7E2330319E458B0406F16BF47D0F5FCA 373760 ----a-w- C:\windows\SysWOW64\schannel.dll 2016-01-13 19:28:50 5C3D6ECECE28FA7883E44C8D89ED1933 37376 ----a-w- C:\windows\SysWOW64\atmlib.dll 2016-01-13 19:28:45 C1B5BE074E1D85D4C1267B9678F9669D 139776 ----a-w- C:\windows\SysWOW64\shacct.dll 2016-01-13 19:28:44 D6BF254925FD35955C99F402F8DF4773 20858360 ----a-w- C:\windows\SysWOW64\shell32.dll 2016-01-13 19:28:43 C9471462610302402FF9BB0B09DB9177 650240 ----a-w- C:\windows\SysWOW64\jscript.dll 2016-01-13 19:28:43 84F33EA9B82044505ACFCAE15C762628 5454848 ----a-w- C:\windows\SysWOW64\Chakra.dll 2016-01-13 19:28:43 4832BCF076EC1B88B0F3D47DEDB5C20F 3580416 ----a-w- C:\windows\SysWOW64\jscript9.dll 2016-01-13 19:28:43 0B3FBB0539891F7177C3B98D6A141214 503296 ----a-w- C:\windows\SysWOW64\vbscript.dll 2016-01-13 19:28:42 77BFF88DF139AEB20BE0F5AB7737A981 13027840 ----a-w- C:\windows\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 19:28:42 091F53D3D8FEDA2AB02018A18795B337 19324928 ----a-w- C:\windows\SysWOW64\mshtml.dll 2016-01-13 19:28:41 86F1A25E25A85F1809DAD3FC7880ACDF 18802176 ----a-w- C:\windows\SysWOW64\edgehtml.dll 2016-01-13 19:28:41 35E89DA499A3A12E5ACB4A195BF289EC 6878256 ----a-w- C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-13 19:28:40 55863B7FF7119A11BD802DE7A82485A2 11263488 ----a-w- C:\windows\SysWOW64\ieframe.dll 2016-01-13 19:28:33 16271541E6C89AC46316DC276DF33C76 2639872 ----a-w- C:\windows\SysWOW64\esent.dll 2016-01-13 19:28:31 F4E25F21AC509AEE3617E9DBA086318E 434376 ----a-w- C:\windows\SysWOW64\MFCaptureEngine.dll 2016-01-13 19:28:31 E856065895D1133F5457BCDB4452A8D3 74880 ----a-w- C:\windows\SysWOW64\remoteaudioendpoint.dll 2016-01-13 19:28:31 A99EE78ACD9BE40C2A4D3097E382643C 82096 ----a-w- C:\windows\SysWOW64\devenum.dll 2016-01-13 19:28:31 6A59054B30BBBEF05521921E895D16A4 188032 ----a-w- C:\windows\SysWOW64\COLORCNV.DLL 2016-01-13 19:28:31 66014F80D37AFEF646DA614D68407AB2 305776 ----a-w- C:\windows\SysWOW64\WMVSDECD.DLL 2016-01-13 19:28:30 B0409CEF7BBF488D3F07FBC36DAE34FF 2459096 ----a-w- C:\windows\SysWOW64\WMVDECOD.DLL 2016-01-13 19:28:30 75D499303F9334780DDC00EEB15AFA99 368776 ----a-w- C:\windows\SysWOW64\MP4SDECD.DLL 2016-01-13 19:28:30 5BDB3DD749FD6EE9B51FA452AD896545 695752 ----a-w- C:\windows\SysWOW64\WMADMOD.DLL 2016-01-13 19:28:29 DC7C56F01B96CA5FDB99D241D4E067FC 311808 ----a-w- C:\windows\SysWOW64\AppXDeploymentClient.dll 2016-01-13 19:28:29 C637D94084069A10759E53F79D5DC4C5 899584 ----a-w- C:\windows\SysWOW64\RemoteNaturalLanguage.dll 2016-01-13 19:28:27 A1B94C8C5C9DD2780B83C7435EE18BED 1997336 ----a-w- C:\windows\SysWOW64\msxml6.dll 2016-01-13 19:28:27 6A8F5939B9C3170BEB4FF010F5054ED0 2879024 ----a-w- C:\windows\SysWOW64\iertutil.dll 2016-01-13 19:28:26 FB3B46B0FFCEDEED7BB5E74D82895118 1171456 ----a-w- C:\windows\SysWOW64\netcenter.dll 2016-01-13 19:28:26 EB010C82D907969FC3A396EE16DB1A44 2152744 ----a-w- C:\windows\SysWOW64\mfcore.dll 2016-01-13 19:28:26 CC3CDF714B78257E6CF2ED45A1EA1CD9 208688 ----a-w- C:\windows\SysWOW64\mftranscode.dll 2016-01-13 19:28:26 4B7EC905DF02BBBFDDD725EE98D6535C 658528 ----a-w- C:\windows\SysWOW64\mfds.dll 2016-01-13 19:28:26 3277E503E6EA72D19CDC16501FD151BA 5120056 ----a-w- C:\windows\SysWOW64\windows.storage.dll 2016-01-13 19:28:25 C662282B95220AD700D9B93A39702A25 409088 ----a-w- C:\windows\SysWOW64\WMVSENCD.DLL 2016-01-13 19:28:25 98CC3506DFADE0A3C9353E953F0891BD 747008 ----a-w- C:\windows\SysWOW64\WMVXENCD.DLL 2016-01-13 19:28:25 6C74B225F2EC7A49DD6F78B7072A5C42 1532984 ----a-w- C:\windows\SysWOW64\ntdll.dll 2016-01-13 19:28:24 7A471C2688C5D864A049C4F2074413E7 107952 ----a-w- C:\windows\SysWOW64\VIDRESZR.DLL 2016-01-13 19:28:24 2813D33FD11FF4E6666A394011D83B3B 2162064 ----a-w- C:\windows\SysWOW64\WMVENCOD.DLL 2016-01-13 19:28:24 1B9D79C58A2087A7C855559AAAF4BAEF 72808 ----a-w- C:\windows\SysWOW64\mfvdsp.dll 2016-01-13 19:28:19 E2EFED5C9E4BF8EC6F35CF63CA5B589F 1594368 ----a-w- C:\windows\SysWOW64\msxml3.dll 2016-01-13 19:28:19 C15E2900919126DCE4C2A927D3D45158 464896 ----a-w- C:\windows\SysWOW64\Windows.UI.dll 2016-01-13 19:28:19 BCCB55B18CE7054BA288FFEB27BA6F54 1766952 ----a-w- C:\windows\SysWOW64\CoreUIComponents.dll 2016-01-13 19:28:19 8D59581B205692ABC762603D7770E7E4 1541632 ----a-w- C:\windows\SysWOW64\quartz.dll 2016-01-13 19:28:19 356C54031E21C4790E6C81CDA26F9E0A 1467392 ----a-w- C:\windows\SysWOW64\GdiPlus.dll 2016-01-13 19:28:19 2AB0D2CB00F9F088705F492F7683907D 563200 ----a-w- C:\windows\SysWOW64\qdvd.dll 2016-01-13 19:28:19 2986B2B617DD50857FC614B64E9BE1F9 2647040 ----a-w- C:\windows\SysWOW64\Windows.Media.dll 2016-01-13 19:28:18 8AFE3CEAF287F9204FC1363A8F2A9B95 1328128 ----a-w- C:\windows\SysWOW64\comsvcs.dll 2016-01-13 19:28:18 820C0126D90810B78F5417767DA4F487 1593344 ----a-w- C:\windows\SysWOW64\dwmcore.dll 2016-01-13 19:28:18 5C74B92851352C5DCDD66C59BBE392F6 1442816 ----a-w- C:\windows\SysWOW64\SRHInproc.dll 2016-01-13 19:28:18 2DA15A53E965A27A3D5CF99E3CCC430A 6101504 ----a-w- C:\windows\SysWOW64\mos.dll 2016-01-13 19:28:18 08D6065A1D6D007C77A688271D915B00 5079552 ----a-w- C:\windows\SysWOW64\BingMaps.dll 2016-01-13 19:28:16 99CEBD54809E76C9CD1839B0492CCF5E 1895568 ----a-w- C:\windows\SysWOW64\hevcdecoder.dll 2016-01-13 19:28:16 776339B81E632F579AB1EC6EE503A9C0 58368 ----a-w- C:\windows\SysWOW64\usoapi.dll 2016-01-13 19:28:16 14B2B40AF5DAE0AD8057341F54FEF9EC 81920 ----a-w- C:\windows\SysWOW64\VEDataLayerHelpers.dll 2016-01-13 19:28:16 037908D9C8C689490978BFF72532A361 195072 ----a-w- C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-01-13 19:28:15 F2BCE0CF75943E18852148B2875F632B 41472 ----a-w- C:\windows\SysWOW64\Windows.Speech.Pal.dll 2016-01-13 19:28:15 EE8FDC90138DD93AA6B1ECA831D9D3CE 1162240 ----a-w- C:\windows\SysWOW64\Windows.Media.Speech.dll 2016-01-13 19:28:15 DFAE92F5EF58FF29E81D951B2BDF45B8 1104384 ----a-w- C:\windows\SysWOW64\UIAutomationCore.dll 2016-01-13 19:28:15 8E853D8DDA2BBD4F3A8B7096085E765B 1070080 ----a-w- C:\windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 19:28:15 74C8E141400F3B4CE12EE0E657FD91C9 1310880 ----a-w- C:\windows\SysWOW64\user32.dll 2016-01-13 19:28:15 3504A001D694E685EB2579164C514FB4 2153984 ----a-w- C:\windows\SysWOW64\authui.dll 2016-01-13 19:28:15 1B102F53BD7209D712BBE96E9FAA32CA 313856 ----a-w- C:\windows\SysWOW64\LockAppBroker.dll 2016-01-13 19:28:15 13FA2626268E7F522B9750CDCB7039D2 696192 ----a-w- C:\windows\SysWOW64\WMADMOE.DLL 2016-01-13 19:28:13 71C33FA1180F55803CC312BE73835AEE 1106872 ----a-w- C:\windows\SysWOW64\mfnetsrc.dll 2016-01-13 19:28:13 4595DE3C22C4B313A21AFB2C0E21688E 714808 ----a-w- C:\windows\SysWOW64\mfnetcore.dll 2016-01-13 19:28:12 10BD43B952C7A59D31EA976566B624E6 767488 ----a-w- C:\windows\SysWOW64\kerberos.dll 2016-01-13 19:28:11 FD47D5526827398C371D100284664078 2049536 ----a-w- C:\windows\SysWOW64\Windows.StateRepository.dll 2016-01-13 19:28:11 4BAFAEEFDF9577A1B37EB6F14898F702 890880 ----a-w- C:\windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 19:28:10 9738D0610EAAD6CE104DFB81AFEDAFDE 786432 ----a-w- C:\windows\SysWOW64\Magnify.exe 2016-01-13 19:28:10 20311DEFD7B8A7D2AB5D5DDAFF505754 774656 ----a-w- C:\windows\SysWOW64\SRH.dll 2016-01-13 19:28:09 ACA6C8CC89A43F3BABF276662716023D 2748416 ----a-w- C:\windows\SysWOW64\tquery.dll 2016-01-13 19:28:09 A818674D5F9B67BA4BA9B67434AAAF3B 635312 ----a-w- C:\windows\SysWOW64\evr.dll 2016-01-13 19:28:09 3CABA2E1C6B0F3906F03C97A42359896 645144 ----a-w- C:\windows\SysWOW64\mfsvr.dll 2016-01-13 19:28:08 CD08AC88BF5133AB5376A519C1F14643 871936 ----a-w- C:\windows\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 19:28:07 72262CB79DA833B4DCBFBCDD7C752B1A 1964544 ----a-w- C:\windows\SysWOW64\mssrch.dll 2016-01-13 19:28:06 6EF1F91D387CF337E347722738AA6894 497896 ----a-w- C:\windows\SysWOW64\advapi32.dll 2016-01-13 19:28:06 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\windows\SysWOW64\fontdrvhost.exe 2016-01-13 19:28:06 2FA6AE2352567748CD332B2529756EC6 303104 ----a-w- C:\windows\SysWOW64\atmfd.dll 2016-01-13 19:28:05 DB5CA5EDC2BE901451DD7C240F69721B 404992 ----a-w- C:\windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 19:28:05 683BACDA104CABCCB8852CA24A03A964 573440 ----a-w- C:\windows\SysWOW64\qedit.dll 2016-01-13 19:28:04 E0F11A1D1C7482BBD76448E6FD3AA327 454512 ----a-w- C:\windows\SysWOW64\directmanipulation.dll 2016-01-13 19:28:04 99F56FA8CC016E026C38D4CC338B0A15 762888 ----a-w- C:\windows\SysWOW64\twinapi.appcore.dll 2016-01-13 19:28:04 73FC0143E518D8DB7AFE9675F4AF8063 2207232 ----a-w- C:\windows\SysWOW64\wininet.dll 2016-01-13 19:28:04 63900F897A025DDFE83737A260C250A5 371712 ----a-w- C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-01-13 19:28:04 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\windows\SysWOW64\SettingSyncHost.exe 2016-01-13 19:28:03 F65307E09D4807EDE95D1016CAF42DAD 587264 ----a-w- C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-01-13 19:28:03 A5E98AB07AE94407058A4224F2A9504A 1226752 ----a-w- C:\windows\SysWOW64\wcnwiz.dll 2016-01-13 19:28:03 7EFF73E0CF886F43B0ABF9921189857E 95744 ----a-w- C:\windows\SysWOW64\fdWCN.dll 2016-01-13 19:28:03 471921FC25E6EC0AA5755C78DD9F7C4E 613376 ----a-w- C:\windows\SysWOW64\TokenBroker.dll 2016-01-13 19:28:03 2A28095B1C625D3DE3C25E6696AC4504 100352 ----a-w- C:\windows\SysWOW64\WcnApi.dll 2016-01-13 19:28:02 EBD8D48F8EF7E7BDCEEB176CAB1033E3 37376 ----a-w- C:\windows\SysWOW64\wfdprov.dll 2016-01-13 19:28:02 B9573AE51518377CC31D9F3C92839298 441344 ----a-w- C:\windows\SysWOW64\dlnashext.dll 2016-01-13 19:28:02 B4308481535382A5B61340A2214E91AD 474624 ----a-w- C:\windows\SysWOW64\ieui.dll 2016-01-13 19:28:02 9E604C522EC89CA6D7DD22BE94985359 415744 ----a-w- C:\windows\SysWOW64\catsrvut.dll 2016-01-13 19:28:02 7E4A5580F1A7EEB3F235429D857100DD 296960 ----a-w- C:\windows\SysWOW64\ninput.dll 2016-01-13 19:28:02 5DAAAF8A272B9C8975C444298B5D41EF 480768 ----a-w- C:\windows\SysWOW64\duser.dll 2016-01-13 19:28:01 5DEB6066C1F5D2F07002BF59BA57E2A0 556032 ----a-w- C:\windows\SysWOW64\mfh264enc.dll 2016-01-13 19:28:01 223F4A196FEDDC45F431D79B833521E6 484352 ----a-w- C:\windows\SysWOW64\SettingSync.dll 2016-01-13 19:27:59 E8192A23618BCEDE02446F491CB70BDB 42496 ----a-w- C:\windows\SysWOW64\tetheringclient.dll 2016-01-13 19:27:59 8228A523B9FF392936554EE5F223F05B 1823232 ----a-w- C:\windows\SysWOW64\InputService.dll 2016-01-13 19:27:59 62C4E525EE16D6224D746A8488CD657E 752640 ----a-w- C:\windows\SysWOW64\msctfuimanager.dll 2016-01-13 19:27:59 50A3C0D8655F5ACFE4320FB207A098F1 1985024 ----a-w- C:\windows\SysWOW64\DWrite.dll 2016-01-13 19:27:59 404A006C387E4F19B4DAB664144B8520 671232 ----a-w- C:\windows\SysWOW64\MbaeApiPublic.dll 2016-01-13 19:27:59 3C9FDBB0963B18C9D60B54F8AF81DF11 268800 ----a-w- C:\windows\SysWOW64\ncryptprov.dll 2016-01-13 19:27:59 248521A186986B67107808EB4F3E01E7 232896 ----a-w- C:\windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 19:27:59 00682184457B97EDA4C0C157331A7495 454656 ----a-w- C:\windows\SysWOW64\MbaeApi.dll 2016-01-13 19:27:58 9E590FA5A1BF50F2E7B7005244F8D31D 574464 ----a-w- C:\windows\SysWOW64\Chakradiag.dll 2016-01-13 19:27:58 9AA440F8F580C573D0F2732DA6ECB87A 207872 ----a-w- C:\windows\SysWOW64\notepad.exe 2016-01-13 19:27:57 80D2AE15F53154CEE71C9E3C131FBB9B 407608 ----a-w- C:\windows\SysWOW64\AudioSes.dll 2016-01-13 19:27:57 78FBC37D02A39402B685B7E95A83EFE8 428128 ----a-w- C:\windows\SysWOW64\WWanAPI.dll 2016-01-13 19:27:56 9157489ABA83D6FEAAAEC8E3F79714E8 928256 ----a-w- C:\windows\SysWOW64\Unistore.dll 2016-01-13 19:27:55 FABFF0AA6B503B960BBCBCC7CF00350B 195584 ----a-w- C:\windows\SysWOW64\PackageStateRoaming.dll 2016-01-13 19:27:55 A429ED80A03D29F43E99A08CA76E3CFD 1612288 ----a-w- C:\windows\SysWOW64\Windows.UI.Immersive.dll 2016-01-13 19:27:55 7CDC13C04C1038D6143B64CD2321B1F0 274432 ----a-w- C:\windows\SysWOW64\NetSetupShim.dll 2016-01-13 19:27:55 7763184B73CB778EE9601555A7C42901 235008 ----a-w- C:\windows\SysWOW64\ksproxy.ax 2016-01-13 19:27:55 6740B4C8B8B3474F086B8AEBDE4861D8 217088 ----a-w- C:\windows\SysWOW64\VEEventDispatcher.dll 2016-01-13 19:27:55 5036F8014556AAAA662A672F3D58F04C 261632 ----a-w- C:\windows\SysWOW64\ActionCenter.dll 2016-01-13 19:27:55 40258BC35D16DFCDC0D7B7E04C75EDFD 278424 ----a-w- C:\windows\SysWOW64\MP43DECD.DLL 2016-01-13 19:27:55 0C5FE5EB83BD4C4F3ACF7A08821FC0D5 277400 ----a-w- C:\windows\SysWOW64\MPG4DECD.DLL 2016-01-13 19:27:54 F69835A120E9627327ECE984D2AC87EA 828928 ----a-w- C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll 2016-01-13 19:27:54 DF3F02FA4AEB7064FAC76D2E31BE4DC4 311296 ----a-w- C:\windows\SysWOW64\Windows.Devices.Usb.dll 2016-01-13 19:27:54 C5FBD8DDCD35F7F1242F3587681A2654 193024 ----a-w- C:\windows\SysWOW64\Windows.Internal.Management.dll 2016-01-13 19:27:54 7AF34E43DE496A316DD096AEBDE2492A 268800 ----a-w- C:\windows\SysWOW64\NotificationObjFactory.dll 2016-01-13 19:27:54 0607E8B28F78AD418D6C0D74203FFA79 749568 ----a-w- C:\windows\SysWOW64\comdlg32.dll 2016-01-13 19:27:53 EFCBA793DF8E9E96528CC8586F7A885C 33280 ----a-w- C:\windows\SysWOW64\usermgrcli.dll 2016-01-13 19:27:53 BE91839AB726C995AFF389AA298F9332 494592 ----a-w- C:\windows\SysWOW64\LogonController.dll 2016-01-13 19:27:53 B81FC272B92CE1A7542EECF1416D17B9 579584 ----a-w- C:\windows\SysWOW64\AppointmentApis.dll 2016-01-13 19:27:53 807178C85CF6375FAB2FE42395FE94D7 677888 ----a-w- C:\windows\SysWOW64\MapControlCore.dll 2016-01-13 19:27:53 685105400BCA64E0D19534A516F36454 625152 ----a-w- C:\windows\SysWOW64\ContactApis.dll 2016-01-13 19:27:53 4B5286A021D8CA64BABB07D7B9739AF4 512000 ----a-w- C:\windows\SysWOW64\CoreMessaging.dll 2016-01-13 19:27:53 2612D8C0CC6919E29D9239C7D1E96B30 159744 ----a-w- C:\windows\SysWOW64\UserMgrProxy.dll 2016-01-13 19:27:52 F38B52333E0C93A1C55323719103783B 1357888 ----a-w- C:\windows\SysWOW64\winmde.dll 2016-01-13 19:27:52 54DB5459A808BB03FDEA98325530B946 145920 ----a-w- C:\windows\SysWOW64\mdmregistration.dll 2016-01-13 19:27:52 29975419D8EE4827301777ECE10AF30F 1380864 ----a-w- C:\windows\SysWOW64\urlmon.dll 2016-01-13 19:27:51 60242DBD3FCFA6D4163B6C29D76295B7 336384 ----a-w- C:\windows\SysWOW64\CredProvDataModel.dll 2016-01-13 19:27:51 5F7ADEE18B15B9D629F9875C9604A696 557568 ----a-w- C:\windows\SysWOW64\ChatApis.dll 2016-01-13 19:27:50 D124F89BBDCFC24A04F159D913852DDC 701952 ----a-w- C:\windows\SysWOW64\JpMapControl.dll 2016-01-13 19:27:50 0C6AA21007BE1389A4D5C3772D7E262D 525312 ----a-w- C:\windows\SysWOW64\EmailApis.dll 2016-01-13 19:27:49 9944FF1EDD2D36AEC0DACCC85930A152 1365576 ----a-w- C:\windows\SysWOW64\gdi32.dll 2016-01-13 19:27:49 917C7C09612AD81BCF0C49007740DB4E 775312 ----a-w- C:\windows\SysWOW64\locale.nls 2016-01-13 19:27:48 E4A4BC49568745BDA44F293E3D29A910 466432 ----a-w- C:\windows\SysWOW64\MessagingDataModel2.dll 2016-01-13 19:27:48 53FC0EFBE44591CA16BE1A4309F689DC 253440 ----a-w- C:\windows\SysWOW64\SensorsApi.dll 2016-01-13 19:27:48 51DDB23BEB935F57C49166DCFEE10206 243800 ----a-w- C:\windows\SysWOW64\LockAppHost.exe 2016-01-13 19:27:48 39518661140BE931D676EF657E877048 131072 ----a-w- C:\windows\SysWOW64\CallHistoryClient.dll 2016-01-13 19:27:46 F8EC9D17DB30C1D8B3B7CBFF31161452 918320 ----a-w- C:\windows\SysWOW64\mfplat.dll 2016-01-13 19:27:46 981229E718319A9A01F7E740A8D855FD 700256 ----a-w- C:\windows\SysWOW64\WWAHost.exe 2016-01-13 19:27:46 1253135EC3029F79601EDCFF55ADC9FC 508248 ----a-w- C:\windows\SysWOW64\mf.dll 2016-01-13 19:27:44 CA4303787A36890CE6EE34DC1C993F3E 195584 ----a-w- C:\windows\SysWOW64\UserDataAccountApis.dll 2016-01-13 19:27:44 C09CA709007AB00D97A764422E9DB981 92992 ----a-w- C:\windows\SysWOW64\userenv.dll 2016-01-13 19:27:43 D055C7AC2514A999D8C636B39457B98B 172032 ----a-w- C:\windows\SysWOW64\PhoneCallHistoryApis.dll 2016-01-13 19:27:43 951D71B5D602745997A6DCBA33FC5358 280576 ----a-w- C:\windows\SysWOW64\SearchProtocolHost.exe 2016-01-13 19:27:43 45C650F31088C2820304CFA4A3D4F5FA 845664 ----a-w- C:\windows\SysWOW64\ReAgent.dll 2016-01-13 19:27:43 202A005B44B0E420D02E280F1AADFE71 116728 ----a-w- C:\windows\SysWOW64\mfps.dll 2016-01-13 19:27:42 E77F8B3D5750F4527A07E45AB6D44588 7168 ----a-w- C:\windows\SysWOW64\KBDAZE.DLL 2016-01-13 19:27:42 D0A5D8270FF8606D2B445C4359A8FCEB 328704 ----a-w- C:\windows\SysWOW64\MapConfiguration.dll 2016-01-13 19:27:42 95A776B86DC5268EB06679351B5D2F7D 131584 ----a-w- C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-13 19:27:42 6BC30FC482A74A92CDDD59E882F18E63 7168 ----a-w- C:\windows\SysWOW64\kbdgeoqw.dll 2016-01-13 19:27:42 638747E5050BEB4F5DF9DDE8AC418296 473088 ----a-w- C:\windows\SysWOW64\wpnapps.dll 2016-01-13 19:27:42 4F74D237260EF8F19DB5AAAB2C3D19D2 53248 ----a-w- C:\windows\SysWOW64\profext.dll 2016-01-13 19:27:42 4EEB94F7E1ABAB5503EEFEA7F2394370 4047288 ----a-w- C:\windows\SysWOW64\explorer.exe 2016-01-13 19:27:42 45D3CA83474A46D74632700FACF17C90 7168 ----a-w- C:\windows\SysWOW64\KBDAZEL.DLL 2016-01-13 19:27:42 06A41A2D550BBF58552D3C02D0D20825 7168 ----a-w- C:\windows\SysWOW64\KBDAZST.DLL 2016-01-13 19:27:42 011A8CA5E2B3399EB0D893587B830C6B 420352 ----a-w- C:\windows\SysWOW64\GamePanel.exe 2016-01-13 19:27:41 435EE3E7A2EB0274E5C976A0B3773CA7 162304 ----a-w- C:\windows\SysWOW64\ReInfo.dll ====== C:\windows\SysWOW64\drivers ===== 2015-12-22 19:50:42 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\windows\Sysnative ===== 2016-01-18 15:09:17 84BB403A69D877CD9D61664B2865B442 16148 ----a-w- C:\windows\Sysnative\DESKTOP-F4AGI8L_rwest_HistoryPrediction.bin 2016-01-18 12:30:45 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-13 19:37:29 4DE599F49C7862C9691EE7843E216F4C 143671360 ----a-w- C:\windows\Sysnative\MRT.exe 2016-01-13 19:36:15 EFEEF71514FA0414382A1647A5E3BE53 1146072 ----a-w- C:\windows\Sysnative\Rtlihvs.dll 2016-01-13 19:28:53 CF2D0CD826F0BBC8F1150122720D2A9C 119800 ----a-w- C:\windows\Sysnative\MP3DMOD.DLL 2016-01-13 19:28:53 9F2AB116293D0799BA44E27A810C26F0 1063504 ----a-w- C:\windows\Sysnative\msmpeg2adec.dll 2016-01-13 19:28:53 7128D19C04882CEEABB5F48ACD05B159 2824248 ----a-w- C:\windows\Sysnative\msmpeg2vdec.dll 2016-01-13 19:28:52 C7503A49364DB2AF7A7DE177B233081F 1844736 ----a-w- C:\windows\Sysnative\workfolderssvc.dll 2016-01-13 19:28:52 C66E058599A44E0EEA95B3E0547345D2 30208 ----a-w- C:\windows\Sysnative\syncmlhook.dll 2016-01-13 19:28:52 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\windows\Sysnative\dmcertinst.exe 2016-01-13 19:28:52 901350B41D1262A95B5D907BD95A4145 642560 ----a-w- C:\windows\Sysnative\rdbui.dll 2016-01-13 19:28:52 88E6A429944544346EC3AE1FD7D24BCC 149504 ----a-w- C:\windows\Sysnative\tetheringservice.dll 2016-01-13 19:28:52 7DDB731AD3E9F9F91D62E991BD52814F 79872 ----a-w- C:\windows\Sysnative\HttpsDataSource.dll 2016-01-13 19:28:52 78FEDDED673167515E77B9BD35B13B3D 137216 ----a-w- C:\windows\Sysnative\LocationPermissions.dll 2016-01-13 19:28:52 7143FF944C20AB5C6D4485A0469F2797 115712 ----a-w- C:\windows\Sysnative\MbaeParserTask.exe 2016-01-13 19:28:52 59BD4C7EC035B59B77A7D9CE71F1B9AE 1276416 ----a-w- C:\windows\Sysnative\wifinetworkmanager.dll 2016-01-13 19:28:52 562078FF6ED0C2B1C09078343437D03E 168960 ----a-w- C:\windows\Sysnative\mdmmigrator.dll 2016-01-13 19:28:52 513A8EF909DFCDD872E60A0EA03FEAAB 52224 ----a-w- C:\windows\Sysnative\tetheringclient.dll 2016-01-13 19:28:52 4A54273338073939384A14BF0D7AFC14 88064 ----a-w- C:\windows\Sysnative\ngckeyenum.dll 2016-01-13 19:28:52 321A2022926841273CD8D6B9BFE68D05 1383424 ----a-w- C:\windows\Sysnative\win32kbase.sys 2016-01-13 19:28:51 D5B31B2F14848015C211F1D674A82F3A 1106432 ----a-w- C:\windows\Sysnative\sysmain.dll 2016-01-13 19:28:51 9E5E7D977A316EE3BBD4F44903EC954B 4792320 ----a-w- C:\windows\Sysnative\jscript9.dll 2016-01-13 19:28:51 754BC3E56FF301B9EE8A764932D02124 513536 ----a-w- C:\windows\Sysnative\ngcsvc.dll 2016-01-13 19:28:51 0968D575D9108497A6DC37749D4A6C4F 2093056 ----a-w- C:\windows\Sysnative\wlidsvc.dll 2016-01-13 19:28:50 8C7CCD8D67C1E4A3E5A5EEED3320AC08 32768 ----a-w- C:\windows\Sysnative\wuautoappupdate.dll 2016-01-13 19:28:50 6300722E8527EC54D426FD00EE5196B2 1068032 ----a-w- C:\windows\Sysnative\audiosrv.dll 2016-01-13 19:28:50 4D3F2E7C2F83DFAF19F8060E1FD6C5A8 3588096 ----a-w- C:\windows\Sysnative\win32kfull.sys 2016-01-13 19:28:50 3A4A543F135DE9A06ABA9DF982D79DD7 526336 ----a-w- C:\windows\Sysnative\bisrv.dll 2016-01-13 19:28:50 19C4F8570B675E940CFFA9DB25CBDA05 2418688 ----a-w- C:\windows\Sysnative\MFMediaEngine.dll 2016-01-13 19:28:50 19C0D0D0960E242E1FE052C3F2CA7EC1 455168 ----a-w- C:\windows\Sysnative\schannel.dll 2016-01-13 19:28:49 ECA28C8F0FF34A2BD8311CBA2D35B143 121856 ----a-w- C:\windows\Sysnative\dmcsps.dll 2016-01-13 19:28:49 E2AE190B76C27430E4E8258D0C44C79B 317440 ----a-w- C:\windows\Sysnative\configmanager2.dll 2016-01-13 19:28:49 DAFEABE69E915A2374E13C6B24EF331F 690688 ----a-w- C:\windows\Sysnative\CellularAPI.dll 2016-01-13 19:28:49 D23F211E1AA0787EFEC373D172D4A1C2 1181696 ----a-w- C:\windows\Sysnative\wwansvc.dll 2016-01-13 19:28:49 A5B7CAFA0327BCBC2FC6F1C9F95191CA 342016 ----a-w- C:\windows\Sysnative\LocationGeofences.dll 2016-01-13 19:28:49 63CCD4D03566A23A26E00A85452B7816 1392480 ----a-w- C:\windows\Sysnative\LicenseManager.dll 2016-01-13 19:28:49 14503C58C1528D83FB2328840784EC78 621056 ----a-w- C:\windows\Sysnative\enterprisecsps.dll 2016-01-13 19:28:48 F2F08F34BC90048420D51D6574F29492 7523840 ----a-w- C:\windows\Sysnative\Chakra.dll 2016-01-13 19:28:48 F04659446D46718E38B3586371720218 1569280 ----a-w- C:\windows\Sysnative\Windows.Globalization.dll 2016-01-13 19:28:47 C9B6A1DF4767507904C65654725372ED 45568 ----a-w- C:\windows\Sysnative\atmlib.dll 2016-01-13 19:28:47 B70FF53144AC4B3C7D98BFB7D7C239BD 2236416 ----a-w- C:\windows\Sysnative\wuaueng.dll 2016-01-13 19:28:47 6187FA436627F9F694AFE1B805B21F5C 21873152 ----a-w- C:\windows\Sysnative\edgehtml.dll 2016-01-13 19:28:47 551C41C9508BF7117A56FC429D5B6534 8022368 ----a-w- C:\windows\Sysnative\ntoskrnl.exe 2016-01-13 19:28:47 0A2D0D9A0329B9C46F5D793DB51A15C7 1234944 ----a-w- C:\windows\Sysnative\aitstatic.exe 2016-01-13 19:28:46 BD962F6BBE51AD778F77260B8036C804 24592896 ----a-w- C:\windows\Sysnative\mshtml.dll 2016-01-13 19:28:46 212E5C2C279835CBFEBF935EB0E7EC5D 16708608 ----a-w- C:\windows\Sysnative\Windows.UI.Xaml.dll 2016-01-13 19:28:45 CF2B0ADDBA61B3B9FA339118FC742032 1812480 ----a-w- C:\windows\Sysnative\pnidui.dll 2016-01-13 19:28:45 B1622CB61E1C2166C0DEADBCDA611378 541024 ----a-w- C:\windows\Sysnative\mcupdate_GenuineIntel.dll 2016-01-13 19:28:45 2481E9E8858AD0A223FA3110916EF0C1 6572032 ----a-w- C:\windows\Sysnative\wwanmm.dll 2016-01-13 19:28:45 1E4B6E4DB127F1964166B458060C4223 184320 ----a-w- C:\windows\Sysnative\shacct.dll 2016-01-13 19:28:44 DA32F9BFA7851AD4247353EA03755DE6 578560 ----a-w- C:\windows\Sysnative\winlogon.exe 2016-01-13 19:28:44 C397F52BD6B482E6E33B065267680A87 8613200 ----a-w- C:\windows\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-01-13 19:28:44 547D2BC05916E97FC8F48CB22DD1CFA1 22322624 ----a-w- C:\windows\Sysnative\shell32.dll 2016-01-13 19:28:40 EBBD7066B59D8D0C22E6F59DD22AB486 76800 ----a-w- C:\windows\Sysnative\browserbroker.dll 2016-01-13 19:28:40 90F26A12A7F188B48021A4CA8A615026 12504576 ----a-w- C:\windows\Sysnative\ieframe.dll 2016-01-13 19:28:33 5D1F633C10EC9E00211E6C3D429AC1FB 2987520 ----a-w- C:\windows\Sysnative\esent.dll 2016-01-13 19:28:33 02077F66F8CF2F1FD58403D371482B01 106496 ----a-w- C:\windows\Sysnative\KeywordDetectorMsftSidAdapter.dll 2016-01-13 19:28:32 ED4208A2A5BE50383153463F7ED08ED4 146944 ----a-w- C:\windows\Sysnative\EthernetMediaManager.dll 2016-01-13 19:28:32 E866643717FF953DAC104E9E806F3E27 498688 ----a-w- C:\windows\Sysnative\WlanMediaManager.dll 2016-01-13 19:28:32 E68D380E86FBBF7F4466A0DD6CEA0B5B 467456 ----a-w- C:\windows\Sysnative\MBMediaManager.dll 2016-01-13 19:28:32 D7B28BF9E08128C5A8B89FFD5BEB6B88 465920 ----a-w- C:\windows\Sysnative\wwanconn.dll 2016-01-13 19:28:32 9D4A09AB97C2F0EC6BFA6B54AA2BA239 3781120 ----a-w- C:\windows\Sysnative\SettingsHandlers_nt.dll 2016-01-13 19:28:32 6C9DDD0611379864596D2A8DE7B1870C 504320 ----a-w- C:\windows\Sysnative\DataSenseHandlers.dll 2016-01-13 19:28:32 68AA410BBF3DA69B9F3834EED1BF52EA 270336 ----a-w- C:\windows\Sysnative\RasMediaManager.dll 2016-01-13 19:28:32 6210B227A7834FFFCA08FBB42F6FF476 126464 ----a-w- C:\windows\Sysnative\DAMediaManager.dll 2016-01-13 19:28:32 1A8D80F2EA3133AD8DAF64DA25B4B17B 168288 ----a-w- C:\windows\Sysnative\NetworkUXBroker.exe 2016-01-13 19:28:32 0ACF831DD03989CA9787621C04D73CFD 45568 ----a-w- C:\windows\Sysnative\wfdprov.dll 2016-01-13 19:28:32 031080A610C302B0279A267411EDB7E3 2226688 ----a-w- C:\windows\Sysnative\NetworkMobileSettings.dll 2016-01-13 19:28:31 CCC25D8DC3177759B541752D3C163460 233992 ----a-w- C:\windows\Sysnative\mftranscode.dll 2016-01-13 19:28:31 86C0DEE6940878A1496CBBA856FF4E5B 584656 ----a-w- C:\windows\Sysnative\mf.dll 2016-01-13 19:28:31 65656FF781BDC10127AB223CDC0AC69F 2463704 ----a-w- C:\windows\Sysnative\mfcore.dll 2016-01-13 19:28:31 628100F7F1F717D6C115051A389CE37E 90912 ----a-w- C:\windows\Sysnative\devenum.dll 2016-01-13 19:28:31 5E010B486F7FB28D9B79AAC471FE484F 476760 ----a-w- C:\windows\Sysnative\MFCaptureEngine.dll 2016-01-13 19:28:31 50410D6D47B1C0A9BC4A4B1EE4E0027F 83704 ----a-w- C:\windows\Sysnative\mfvdsp.dll 2016-01-13 19:28:30 FF12AE856ADD9B0AC9F1A5DF323E9130 787720 ----a-w- C:\windows\Sysnative\WMADMOD.DLL 2016-01-13 19:28:30 F7FC6CB37CBF7C3547B2F8D8D3A1ACCD 377592 ----a-w- C:\windows\Sysnative\MP4SDECD.DLL 2016-01-13 19:28:30 846FF503D852A7B15FC02A46098EB31D 205072 ----a-w- C:\windows\Sysnative\COLORCNV.DLL 2016-01-13 19:28:30 32EFE0A14B4323786ACE4E8950210367 2641928 ----a-w- C:\windows\Sysnative\WMVDECOD.DLL 2016-01-13 19:28:30 0DE4840EB6125C69E46EB9CA908B6D29 345080 ----a-w- C:\windows\Sysnative\WMVSDECD.DLL 2016-01-13 19:28:29 CA7800F03BF0281D4D38E1006618E82E 627712 ----a-w- C:\windows\Sysnative\Windows.UI.dll 2016-01-13 19:28:29 736BB47B4D0F66039E0AB9A7B885D0F0 3248128 ----a-w- C:\windows\Sysnative\Windows.Media.dll 2016-01-13 19:28:29 49B00A59043431804A5BCB5E48F735B3 414208 ----a-w- C:\windows\Sysnative\AppXDeploymentClient.dll 2016-01-13 19:28:28 52C3440B5098BFB99D91E869A26ECB30 1213440 ----a-w- C:\windows\Sysnative\RemoteNaturalLanguage.dll 2016-01-13 19:28:28 162AD130D6F3C5C877F0AD121C1F485E 3622272 ----a-w- C:\windows\Sysnative\iertutil.dll 2016-01-13 19:28:27 D4D17FB8E003050BA38B85F335B71222 322048 ----a-w- C:\windows\Sysnative\vaultsvc.dll 2016-01-13 19:28:27 A40484AC27EE08DBE7F8DA5E1F6651ED 591360 ----a-w- C:\windows\Sysnative\wcmsvc.dll 2016-01-13 19:28:27 95EC1A9A6926F5091957F6CA52A34F21 162304 ----a-w- C:\windows\Sysnative\SubscriptionMgr.dll 2016-01-13 19:28:27 73AF2D8038FCEF4C4EB4B3106B41967A 2573768 ----a-w- C:\windows\Sysnative\msxml6.dll 2016-01-13 19:28:26 959695FD137FF0DEFC6152AAB03AA3D6 1216512 ----a-w- C:\windows\Sysnative\netcenter.dll 2016-01-13 19:28:26 544F4E3C4EEBAC2541C6D1D865FA2963 1717248 ----a-w- C:\windows\Sysnative\GdiPlus.dll 2016-01-13 19:28:26 3C096082A9232B7CEE4653B9C9031769 2228736 ----a-w- C:\windows\Sysnative\wlansvc.dll 2016-01-13 19:28:26 20E8B4BD322195D30C781BED86FA81C8 185344 ----a-w- C:\windows\Sysnative\psmsrv.dll 2016-01-13 19:28:25 F70197C9E902336B223A8F43AB627BD7 115704 ----a-w- C:\windows\Sysnative\VIDRESZR.DLL 2016-01-13 19:28:25 B3E7A635C248EBF3A9C630917BDD5FA0 1822280 ----a-w- C:\windows\Sysnative\ntdll.dll 2016-01-13 19:28:25 9FE8EF9A4FAE92B1296D4D1AD8A2C6E6 447488 ----a-w- C:\windows\Sysnative\WMVSENCD.DLL 2016-01-13 19:28:25 903FC05DFE2EA0432113E251DE3A3E51 634368 ----a-w- C:\windows\Sysnative\WMVXENCD.DLL 2016-01-13 19:28:24 DD5339D7A02E27CC108897AF56F1BA95 1991120 ----a-w- C:\windows\Sysnative\WMVENCOD.DLL 2016-01-13 19:28:24 7ED8EF17B3A6C69DA6A0EC90CFBB4ABB 7055872 ----a-w- C:\windows\Sysnative\BingMaps.dll 2016-01-13 19:28:23 C158F23E5D8581CB50B33D83AC721E93 1795584 ----a-w- C:\windows\Sysnative\AppXDeploymentExtensions.dll 2016-01-13 19:28:22 DE82BD1C35547D04241DB1DB3D4808E0 6487248 ----a-w- C:\windows\Sysnative\windows.storage.dll 2016-01-13 19:28:22 D6D96E20079D902243690DCBB007F997 2180608 ----a-w- C:\windows\Sysnative\AppXDeploymentServer.dll 2016-01-13 19:28:21 B7B20B07E6BDB3DCD78668E4F7BFABA9 1888768 ----a-w- C:\windows\Sysnative\dwmcore.dll 2016-01-13 19:28:19 F9042F366B9695FD564E9485112453E2 1871360 ----a-w- C:\windows\Sysnative\msxml3.dll 2016-01-13 19:28:19 C974AFD04F02EADDE7C1928B3B42AA91 1672192 ----a-w- C:\windows\Sysnative\quartz.dll 2016-01-13 19:28:19 6FA4BB1AA0C18F5CFB96F228376BD249 2494712 ----a-w- C:\windows\Sysnative\CoreUIComponents.dll 2016-01-13 19:28:18 8675E8DC436CFD340C2BEACD29315226 1710592 ----a-w- C:\windows\Sysnative\SRHInproc.dll 2016-01-13 19:28:18 6C291578AD85D4527E83B5E9465BDB6C 1649152 ----a-w- C:\windows\Sysnative\comsvcs.dll 2016-01-13 19:28:18 537826436B921256BA9055F65A97ED91 7569408 ----a-w- C:\windows\Sysnative\mos.dll 2016-01-13 19:28:18 3478670E8646CC536E1EF21F077F4DD6 2156400 ----a-w- C:\windows\Sysnative\hevcdecoder.dll 2016-01-13 19:28:16 429E7B01BBEB38EA55464918811D3373 515072 ----a-w- C:\windows\Sysnative\internetmail.dll 2016-01-13 19:28:15 FA78CF03CB18E8EAB07D1B9470508AA7 1270104 ----a-w- C:\windows\Sysnative\mfnetsrc.dll 2016-01-13 19:28:15 EA8B28FFF774F7C7862C8746E1FDECF6 273920 ----a-w- C:\windows\Sysnative\Windows.ApplicationModel.LockScreen.dll 2016-01-13 19:28:15 E42DE587D8453E20796A149303DE4691 1255936 ----a-w- C:\windows\Sysnative\WMSPDMOE.DLL 2016-01-13 19:28:15 E280D20B0AD017F78290C39CB27006AB 187904 ----a-w- C:\windows\Sysnative\Windows.UI.PicturePassword.dll 2016-01-13 19:28:15 D920A8B070A9BA5C9DEFC3BA7C3883B5 145408 ----a-w- C:\windows\Sysnative\dssvc.dll 2016-01-13 19:28:15 C62218BAE56459EE10145625762CEF1C 751992 ----a-w- C:\windows\Sysnative\WMADMOE.DLL 2016-01-13 19:28:15 85AC4CA67BECC08CBC655A8D8919B23B 1331200 ----a-w- C:\windows\Sysnative\UIAutomationCore.dll 2016-01-13 19:28:15 7F380DC90B8A045A3F4835D196C35EEB 1366680 ----a-w- C:\windows\Sysnative\user32.dll 2016-01-13 19:28:15 7505ACFD9362DA74FEB623F21FE3B391 1601536 ----a-w- C:\windows\Sysnative\Windows.Media.Speech.dll 2016-01-13 19:28:15 3A04CB24453E831CF75C209933DED057 862056 ----a-w- C:\windows\Sysnative\mfnetcore.dll 2016-01-13 19:28:15 35D3A05A1FE037E866E17E84CEE9CF48 2350592 ----a-w- C:\windows\Sysnative\authui.dll 2016-01-13 19:28:14 D5AAA188C70146977CFEE8D128599F3F 378368 ----a-w- C:\windows\Sysnative\SystemEventsBrokerServer.dll 2016-01-13 19:28:14 9ED18AA0A7F4DEC9779CE9059FE6D057 3527168 ----a-w- C:\windows\Sysnative\tquery.dll 2016-01-13 19:28:14 92C15AC3119BD5A270D4721D94962E87 205312 ----a-w- C:\windows\Sysnative\aepic.dll 2016-01-13 19:28:14 085303A3E653D0F1CB7F54A45FB25FAE 1150816 ----a-w- C:\windows\Sysnative\aeinv.dll 2016-01-13 19:28:12 C56E82DA13F1433C7E8AC8E31529E41E 949760 ----a-w- C:\windows\Sysnative\kerberos.dll 2016-01-13 19:28:12 390EAAB81E5C1DB0FD4920796C74AB48 1290240 ----a-w- C:\windows\Sysnative\Windows.UI.Shell.dll 2016-01-13 19:28:11 AEE285AC6117625361E6D5F06A58A830 723648 ----a-w- C:\windows\Sysnative\generaltel.dll 2016-01-13 19:28:11 78760751FBCB900F6F68CA1700DAE2DC 2675200 ----a-w- C:\windows\Sysnative\Windows.StateRepository.dll 2016-01-13 19:28:11 4717521A872CAE4B6DBC40BA5FE2238A 1083072 ----a-w- C:\windows\Sysnative\appraiser.dll 2016-01-13 19:28:11 1BFAC03B6422E878EFCDA934BF4C4823 1008640 ----a-w- C:\windows\Sysnative\schedsvc.dll 2016-01-13 19:28:10 DDCBE4B09287CF224B63015F9C6BD31F 1295712 ----a-w- C:\windows\Sysnative\wpx.dll 2016-01-13 19:28:10 A51AC21B1F31FD7F4EC2811E33572AFC 859136 ----a-w- C:\windows\Sysnative\modernexecserver.dll 2016-01-13 19:28:10 A25B124EF04FE23BE96561C1107B9272 781976 ----a-w- C:\windows\Sysnative\mfds.dll 2016-01-13 19:28:10 705DC0E4337CFDC6CCC035B2C5F9AF94 1009664 ----a-w- C:\windows\Sysnative\WMSPDMOD.DLL 2016-01-13 19:28:10 65BCE1DC85A1023021D363E0CE4AB14C 845824 ----a-w- C:\windows\Sysnative\Magnify.exe 2016-01-13 19:28:10 5E6F27976D0A53CE834D94F55378B9EE 929792 ----a-w- C:\windows\Sysnative\SRH.dll 2016-01-13 19:28:10 5AB935E396A83A303DEA1FD480A19159 572928 ----a-w- C:\windows\Sysnative\vbscript.dll 2016-01-13 19:28:10 3CCF1EDBF6EC23174F4700E6DB3FFBDF 966416 ----a-w- C:\windows\Sysnative\twinapi.appcore.dll 2016-01-13 19:28:10 0AAA44C103BB9D3BE03398BEF93C52A4 826880 ----a-w- C:\windows\Sysnative\jscript.dll 2016-01-13 19:28:09 B6E5858C57014B0FA4A94F154BBDCC52 784136 ----a-w- C:\windows\Sysnative\mfsvr.dll 2016-01-13 19:28:09 870F1D282F0F8E7D9A56533A87D0551E 779928 ----a-w- C:\windows\Sysnative\evr.dll 2016-01-13 19:28:08 DF84555A734BA2BDA55BCCCC47095ADD 1015808 ----a-w- C:\windows\Sysnative\RDXService.dll 2016-01-13 19:28:08 52ABEA8D9AF917CDFF22931595BDC64F 122880 ----a-w- C:\windows\Sysnative\VEDataLayerHelpers.dll 2016-01-13 19:28:08 311F4D131C28DA12595132A35124E955 910848 ----a-w- C:\windows\Sysnative\SharedStartModel.dll 2016-01-13 19:28:08 09247D43F19CAFEEFEBF6A32F3A1225F 118272 ----a-w- C:\windows\Sysnative\KnobsCsp.dll 2016-01-13 19:28:08 02786761624CE45D67A480D992C459AC 931328 ----a-w- C:\windows\Sysnative\MSMPEG2ENC.DLL 2016-01-13 19:28:07 E5D86250453B33900666D92ED1A92ABE 2740224 ----a-w- C:\windows\Sysnative\wininet.dll 2016-01-13 19:28:07 D1650F6BDDF820399421C2952675731A 2558976 ----a-w- C:\windows\Sysnative\mssrch.dll 2016-01-13 19:28:07 ACA9EAA9CC52E8DA0784FE3B06E06265 609592 ----a-w- C:\windows\Sysnative\ci.dll 2016-01-13 19:28:07 5A863500AB522EFA6270019D613F15F9 757760 ----a-w- C:\windows\Sysnative\fveapi.dll 2016-01-13 19:28:06 EE329CCF9C1E1CF6096E3935943CB3A5 667856 ----a-w- C:\windows\Sysnative\advapi32.dll 2016-01-13 19:28:06 17159DF4093B2F33B95AB9F703EA8391 796160 ----a-w- C:\windows\Sysnative\TokenBroker.dll 2016-01-13 19:28:05 F90129379A9D912CCF4EADC50F546C8B 463872 ----a-w- C:\windows\Sysnative\MFWMAAEC.DLL 2016-01-13 19:28:05 B539D98D907A8F94DC3B7BB37B014008 678912 ----a-w- C:\windows\Sysnative\qedit.dll 2016-01-13 19:28:05 58395E37ED838B93A56F1D089C2F53CF 1643872 ----a-w- C:\windows\Sysnative\diagtrack.dll 2016-01-13 19:28:04 D4E92C0C0F9C5054B03D67A3C0B41961 555768 ----a-w- C:\windows\Sysnative\directmanipulation.dll 2016-01-13 19:28:04 8F52D8477ED3EF446EC72D087FF6B1F5 355328 ----a-w- C:\windows\Sysnative\ninput.dll 2016-01-13 19:28:04 69B076C9D3B75647EE1807E168F20F78 2415104 ----a-w- C:\windows\Sysnative\DWrite.dll 2016-01-13 19:28:04 65A0B3477231CE37B09A719DBBB9FCF1 671232 ----a-w- C:\windows\Sysnative\WUDFx02000.dll 2016-01-13 19:28:04 506F9F526D42BB4C0A579CB78F923A48 483328 ----a-w- C:\windows\Sysnative\OneDriveSettingSyncProvider.dll 2016-01-13 19:28:04 4D9B59BCD7FA373D52E5CD9A285C332C 587776 ----a-w- C:\windows\Sysnative\ieui.dll 2016-01-13 19:28:04 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\windows\Sysnative\SettingSyncHost.exe 2016-01-13 19:28:04 0BC61871B9B1446C0B28CB5526DC171C 893440 ----a-w- C:\windows\Sysnative\MbaeApiPublic.dll 2016-01-13 19:28:04 0367B8FA0C41969DD92F489DA5FE664F 603648 ----a-w- C:\windows\Sysnative\duser.dll 2016-01-13 19:28:03 D2F7EF42F82CEA2545A7A8D103B57DF5 596480 ----a-w- C:\windows\Sysnative\SettingSync.dll 2016-01-13 19:28:03 BF746516D6DCDF242976A6893D65A778 771072 ----a-w- C:\windows\Sysnative\Chakradiag.dll 2016-01-13 19:28:03 A108F6D878F2B95EAA00A088EDE0E598 1294336 ----a-w- C:\windows\Sysnative\wcnwiz.dll 2016-01-13 19:28:03 913E47FCD3B43EC27215F90884915CAF 780288 ----a-w- C:\windows\Sysnative\Windows.ApplicationModel.Store.dll 2016-01-13 19:28:03 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\windows\Sysnative\fontdrvhost.exe 2016-01-13 19:28:03 5CE3C624FABA3154504DF9A2BD029A5E 50176 ----a-w- C:\windows\Sysnative\WcnNetsh.dll 2016-01-13 19:28:03 4AC4CB97674AB132ACB8309C0615452B 772448 ----a-w- C:\windows\Sysnative\invagent.dll 2016-01-13 19:28:03 0291A553B39D1CE0D108CF2388006B33 42496 ----a-w- C:\windows\Sysnative\usermgrcli.dll 2016-01-13 19:28:02 A70A997B88EAEE0E898DA5773045AFF1 2446336 ----a-w- C:\windows\Sysnative\InputService.dll 2016-01-13 19:28:02 A2FD4588F579F8671E4AB1064633CB46 712704 ----a-w- C:\windows\Sysnative\usermgr.dll 2016-01-13 19:28:02 8F643B386A381879A90946ACB6E7F30D 502272 ----a-w- C:\windows\Sysnative\dlnashext.dll 2016-01-13 19:28:02 72C37168B3A428F33D566130382D3D85 523776 ----a-w- C:\windows\Sysnative\catsrvut.dll 2016-01-13 19:28:02 2E4FA4D0461BB78EC23E12404BED604E 179712 ----a-w- C:\windows\Sysnative\coredpus.dll 2016-01-13 19:28:01 BF77FC08A7D4DC37A659561B29FA23EC 163840 ----a-w- C:\windows\Sysnative\CallHistoryClient.dll 2016-01-13 19:28:01 AF32A0D3E5A07AA50F4012C419E63757 539136 ----a-w- C:\windows\Sysnative\mfh264enc.dll 2016-01-13 19:28:01 8D23F0819A00C547814409B734DD3747 503808 ----a-w- C:\windows\Sysnative\tileobjserver.dll 2016-01-13 19:28:01 839BD56425530973FF3F6F7C0057CD22 288256 ----a-w- C:\windows\Sysnative\PimIndexMaintenance.dll 2016-01-13 19:28:01 68DE1997977CD3A86D5F8D0FD23056EA 1563392 ----a-w- C:\windows\Sysnative\winmde.dll 2016-01-13 19:28:01 684F1E1B5D07451B600EA3C3D728A534 281600 ----a-w- C:\windows\Sysnative\VEEventDispatcher.dll 2016-01-13 19:28:01 4CF70EA2E9B2DF1F942B357DCC0E33E8 365568 ----a-w- C:\windows\Sysnative\atmfd.dll 2016-01-13 19:28:01 32212C0FE0556915E763C29DEB6D267E 1423872 ----a-w- C:\windows\Sysnative\UserDataService.dll 2016-01-13 19:27:59 E22030052530D1A6825C47B997EC0DD3 814080 ----a-w- C:\windows\Sysnative\msctfuimanager.dll 2016-01-13 19:27:59 DBA8FE1EAA344106C334E193D3D57B66 73728 ----a-w- C:\windows\Sysnative\wwancfg.dll 2016-01-13 19:27:59 C8C5DFF028EA28D7846E95D8E5461794 570880 ----a-w- C:\windows\Sysnative\MbaeApi.dll 2016-01-13 19:27:59 C197284A9D565A38497733AF2BDFA111 1679360 ----a-w- C:\windows\Sysnative\FntCache.dll 2016-01-13 19:27:59 9C0547B502CFB4F750B883EC4425B30C 441696 ----a-w- C:\windows\Sysnative\devinv.dll 2016-01-13 19:27:59 69AC1B59A11F3FDBDBEB5B9B09D7E05B 379392 ----a-w- C:\windows\Sysnative\qdvd.dll 2016-01-13 19:27:59 38F08B82ADEEA1003B4A5177BB5366B3 347136 ----a-w- C:\windows\Sysnative\ncryptprov.dll 2016-01-13 19:27:59 363F3F99863C2BB8612C9133E45BF3E6 387584 ----a-w- C:\windows\Sysnative\LockAppBroker.dll 2016-01-13 19:27:58 F9BD360A4799BB54A01692940C46CA2B 537080 ----a-w- C:\windows\Sysnative\WWanAPI.dll 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\windows\Sysnative\notepad.exe 2016-01-13 19:27:58 0D5C9E27E93AAEA3E30A1E59A7AC3DFF 1205248 ----a-w- C:\windows\Sysnative\Unistore.dll 2016-01-13 19:27:57 F57FE0BD8BD7E1F8088FE18D0FD7BEE9 501008 ----a-w- C:\windows\Sysnative\AudioEng.dll 2016-01-13 19:27:57 EF3BBA8739757B470D0E49C8619A31C0 53760 ----a-w- C:\windows\Sysnative\Windows.Speech.Pal.dll 2016-01-13 19:27:57 BA77A5B7C3602D0A8DC96CC5ED4AD665 249464 ----a-w- C:\windows\Sysnative\RESAMPLEDMO.DLL 2016-01-13 19:27:57 B89FE628B72CEA4674787D13A87CEE9A 387584 ----a-w- C:\windows\Sysnative\NetSetupShim.dll 2016-01-13 19:27:57 AF34122A1B595218036B4049D802B470 1203712 ----a-w- C:\windows\Sysnative\Windows.Devices.Bluetooth.dll 2016-01-13 19:27:57 8AFDD74F2DC5BAD9B2215FB19DB65240 809352 ----a-w- C:\windows\Sysnative\CoreMessaging.dll 2016-01-13 19:27:57 8A216BBE091DA0585F6A5E8B65980961 324096 ----a-w- C:\windows\Sysnative\profsvc.dll 2016-01-13 19:27:57 43A1B8B43CA4E213E0FD920F2FD6BCBA 267776 ----a-w- C:\windows\Sysnative\Windows.Internal.Management.dll 2016-01-13 19:27:57 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\windows\Sysnative\DeviceEnroller.exe 2016-01-13 19:27:57 157B1CABAF5201237EECA4FB0F34D822 403456 ----a-w- C:\windows\Sysnative\dmenrollengine.dll 2016-01-13 19:27:57 103CBAC0689FA88081E421E8203BA2F0 305664 ----a-w- C:\windows\Sysnative\ksproxy.ax 2016-01-13 19:27:56 D33C8E7B495A668F4F9740CC93AF6496 453120 ----a-w- C:\windows\Sysnative\Windows.Devices.Usb.dll 2016-01-13 19:27:56 C92EBECB1E30E7E6006C0D8B4040C3F6 274944 ----a-w- C:\windows\Sysnative\syncutil.dll 2016-01-13 19:27:56 90211F7475F525E7F9858C0CE3BBBBE7 1774592 ----a-w- C:\windows\Sysnative\Windows.UI.Immersive.dll 2016-01-13 19:27:55 E4FEBAC5221A92C25734A9769B66A97D 310784 ----a-w- C:\windows\Sysnative\ActionCenter.dll 2016-01-13 19:27:55 E19B29DCA6AF0D29E180769FEDD408DD 250520 ----a-w- C:\windows\Sysnative\MPG4DECD.DLL 2016-01-13 19:27:55 76432D2E5504D33B4D2B1F837A057ED4 251544 ----a-w- C:\windows\Sysnative\MP43DECD.DLL 2016-01-13 19:27:55 6FBC6166E73518A8FEF03DCEB5BC4F34 246272 ----a-w- C:\windows\Sysnative\PackageStateRoaming.dll 2016-01-13 19:27:55 3DB6BAA19408895C9E0BB55084DD94F3 595456 ----a-w- C:\windows\Sysnative\LogonController.dll 2016-01-13 19:27:54 C6BA8ADCD2F2A626E01B20D740C5A9AF 1602560 ----a-w- C:\windows\Sysnative\urlmon.dll 2016-01-13 19:27:54 B7927A1D40BD17BC963E9353DBB36CD7 869376 ----a-w- C:\windows\Sysnative\MapControlCore.dll 2016-01-13 19:27:54 A92AFC8FB13ADC1CB59719B3E519C843 1294352 ----a-w- C:\windows\Sysnative\winload.efi 2016-01-13 19:27:54 7E8811597D2752736B776F15A1C8FAA6 856576 ----a-w- C:\windows\Sysnative\ContactApis.dll 2016-01-13 19:27:54 35EC6A4E7384E233CBB5EEFD3BC2204D 247296 ----a-w- C:\windows\Sysnative\facecredentialprovider.dll 2016-01-13 19:27:54 327DA4A4DE4E9BECF2C16967366C74E2 186880 ----a-w- C:\windows\Sysnative\cloudAP.dll 2016-01-13 19:27:54 2C144777278ECD6DFF4B5A90F742C1AA 346112 ----a-w- C:\windows\Sysnative\ngccredprov.dll 2016-01-13 19:27:54 2B4D03A121996467E53AF02F028FD017 235008 ----a-w- C:\windows\Sysnative\UserMgrProxy.dll 2016-01-13 19:27:54 20436EF4CDBBC0B87464EE42D9D31C99 306688 ----a-w- C:\windows\Sysnative\NotificationObjFactory.dll 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\windows\Sysnative\winload.exe 2016-01-13 19:27:54 02954F6B3389EF56088EF1C99B6105BA 202240 ----a-w- C:\windows\Sysnative\accountaccessor.dll 2016-01-13 19:27:53 B32BD244B13DEC1DD050146B5F5466D7 1061888 ----a-w- C:\windows\Sysnative\reseteng.dll 2016-01-13 19:27:53 9C2B0E3A21CECD14E20A848F0DE94B24 517632 ----a-w- C:\windows\Sysnative\NotificationController.dll 2016-01-13 19:27:53 71107775BE0E612150F032CE21DD9C7C 88384 ----a-w- C:\windows\Sysnative\remoteaudioendpoint.dll 2016-01-13 19:27:53 5D046D71B18BEFB2E4D164C3DEEDD672 187392 ----a-w- C:\windows\Sysnative\NetSetupSvc.dll 2016-01-13 19:27:53 2C82D9E55432915A68A609008BDEF41A 1563472 ----a-w- C:\windows\Sysnative\wmpmde.dll 2016-01-13 19:27:52 E407B70B9D21CA3967485D464A01BAE5 140288 ----a-w- C:\windows\Sysnative\WcnApi.dll 2016-01-13 19:27:52 BBA571F40F08F967531573109F7FA95E 169984 ----a-w- C:\windows\Sysnative\mdmregistration.dll 2016-01-13 19:27:52 B3CD8B2CBC6E48B194116B28F72CDA67 408064 ----a-w- C:\windows\Sysnative\CredProvDataModel.dll 2016-01-13 19:27:52 3DB512EC071AB5656EECA3611E24C797 752640 ----a-w- C:\windows\Sysnative\ChatApis.dll 2016-01-13 19:27:52 3C6F2EF4541A9CD98EFED7B8CE9D061F 112640 ----a-w- C:\windows\Sysnative\fdWCN.dll 2016-01-13 19:27:52 3B397ED55AE652520503CCE0996B0D25 160256 ----a-w- C:\windows\Sysnative\enrollmentapi.dll 2016-01-13 19:27:52 01F1D71F291A64266E3B0DF60E6B6CE7 117760 ----a-w- C:\windows\Sysnative\dafWCN.dll 2016-01-13 19:27:51 F1A6A22A63F380DFF28C55B11D688B0C 102304 ----a-w- C:\windows\Sysnative\omadmapi.dll 2016-01-13 19:27:51 D348983828D21D3D05711812A2811DCF 243248 ----a-w- C:\windows\Sysnative\mfps.dll 2016-01-13 19:27:51 C18ED3B56B91A835F019634180349E8A 849408 ----a-w- C:\windows\Sysnative\comdlg32.dll 2016-01-13 19:27:51 B02EA3A2E6BEDAB9C954AAC6BD887874 292856 ----a-w- C:\windows\Sysnative\LockAppHost.exe 2016-01-13 19:27:51 97EB90D57B84797D01D59E862B1FF9E8 1591848 ----a-w- C:\windows\Sysnative\gdi32.dll 2016-01-13 19:27:51 863E39BB1F8779B8A6CEEC4BA93401C2 1018568 ----a-w- C:\windows\Sysnative\winresume.efi 2016-01-13 19:27:51 62CFDB1741D700E2292242B50F1EC1A9 168960 ----a-w- C:\windows\Sysnative\InstallAgent.exe 2016-01-13 19:27:50 E283DE7B5BB438BE4CCD393DA582A5D2 404480 ----a-w- C:\windows\Sysnative\diagtrack_wininternal.dll 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\windows\Sysnative\winresume.exe 2016-01-13 19:27:50 64D7B91B7D667A70782D9C76D6292C3C 980832 ----a-w- C:\windows\Sysnative\SecConfig.efi 2016-01-13 19:27:49 F3994884BE4F1019B4EC34F85A3397E7 171520 ----a-w- C:\windows\Sysnative\WinBioDataModel.dll 2016-01-13 19:27:49 D4D08AB39F842C640B7F8B1296BDC38C 121344 ----a-w- C:\windows\Sysnative\DAMM.dll 2016-01-13 19:27:49 919663D05E791FBC7A5766E150435279 120832 ----a-w- C:\windows\Sysnative\NetworkStatus.dll 2016-01-13 19:27:49 917C7C09612AD81BCF0C49007740DB4E 775312 ----a-w- C:\windows\Sysnative\locale.nls 2016-01-13 19:27:49 7E90F66669509E7BD2B250BC271D94E2 171008 ----a-w- C:\windows\Sysnative\dot3mm.dll 2016-01-13 19:27:49 2C7B2FD825A8AF0A1338D86B5AFA4343 413184 ----a-w- C:\windows\Sysnative\diagtrack_win.dll 2016-01-13 19:27:49 0F7067F069D502954F4E9E3D3378585B 79872 ----a-w- C:\windows\Sysnative\BthRadioMedia.dll 2016-01-13 19:27:48 E650DD63BF9C8F4369C547B72DC81888 333312 ----a-w- C:\windows\Sysnative\MusUpdateHandlers.dll 2016-01-13 19:27:48 D907DFF972354542D5B0B4414B308B75 312832 ----a-w- C:\windows\Sysnative\SensorsApi.dll 2016-01-13 19:27:48 B9FC9E9B55C74557FEC004BF8B1184F4 359936 ----a-w- C:\windows\Sysnative\ncsi.dll 2016-01-13 19:27:48 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\windows\Sysnative\MDMAppInstaller.exe 2016-01-13 19:27:48 A1EFFF8EA50BE57AC38264541F1B88FD 801632 ----a-w- C:\windows\Sysnative\WWAHost.exe 2016-01-13 19:27:48 62821B34C9D94E7E58FD2D71F426F5C0 78848 ----a-w- C:\windows\Sysnative\VPNv2CSP.dll 2016-01-13 19:27:48 509FF13E5C4FD63846FCA01A5ED912DB 521728 ----a-w- C:\windows\Sysnative\PsmServiceExtHost.dll 2016-01-13 19:27:48 49213BF8E7EEE157F128C58D75043B09 68096 ----a-w- C:\windows\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2016-01-13 19:27:48 38A519B37BAD270D0C65AE3AF7A083F2 1817064 ----a-w- C:\windows\Sysnative\WMALFXGFXDSP.dll 2016-01-13 19:27:48 184EA31BE714F3B33A5E96CBE103561C 78528 ----a-w- C:\windows\Sysnative\acmigration.dll 2016-01-13 19:27:46 F777FE6BA9C62A4D90BC7017C8FED35F 336384 ----a-w- C:\windows\Sysnative\SearchProtocolHost.exe 2016-01-13 19:27:46 D1AA97B30A9ED6F89DC3848C8BF53513 224256 ----a-w- C:\windows\Sysnative\KnobsCore.dll 2016-01-13 19:27:46 B31569B0E7A467D4050FA49CFCBFCEFA 204800 ----a-w- C:\windows\Sysnative\wcmcsp.dll 2016-01-13 19:27:46 9045120B390CDA9C0C7DB93745B92554 720896 ----a-w- C:\windows\Sysnative\EmailApis.dll 2016-01-13 19:27:46 7910232E31799A576F2509DA92CB8813 928256 ----a-w- C:\windows\Sysnative\JpMapControl.dll 2016-01-13 19:27:46 41C0EC5B11375F9CA045AFEF1EB75D5F 366592 ----a-w- C:\windows\Sysnative\wuuhext.dll 2016-01-13 19:27:46 194239DA484C7DB62E6773ABB5DD4463 269312 ----a-w- C:\windows\Sysnative\provengine.dll 2016-01-13 19:27:46 0E585006B82E0566AE521641D827F852 235520 ----a-w- C:\windows\Sysnative\SettingsHandlers_Notifications.dll 2016-01-13 19:27:45 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\windows\Sysnative\CompatTelRunner.exe 2016-01-13 19:27:44 FBFC4EAC38BEC9515BBAC57D1F2288E6 573440 ----a-w- C:\windows\Sysnative\Windows.Cortana.Desktop.dll 2016-01-13 19:27:44 F548C34A6FF655F0A716316133B4DD5D 590336 ----a-w- C:\windows\Sysnative\MessagingDataModel2.dll 2016-01-13 19:27:44 E4257DF7C5517E3996047F7ADDB208F5 8847 ----a-w- C:\windows\Sysnative\ResPriHMImageList 2016-01-13 19:27:44 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\windows\Sysnative\omadmclient.exe 2016-01-13 19:27:44 D37063C5B492B7B4F26D24C62167C8BE 137728 ----a-w- C:\windows\Sysnative\VEStoreEventHandlers.dll 2016-01-13 19:27:44 B171608F20705895726DE86B34D1FBAC 95744 ----a-w- C:\windows\Sysnative\LocationWiFiAdapter.dll 2016-01-13 19:27:44 9C71FA3F776218AD2394833B8DE79031 685568 ----a-w- C:\windows\Sysnative\AppointmentApis.dll 2016-01-13 19:27:44 98EAC529E0F9A1566E9E19D4667854EC 181760 ----a-w- C:\windows\Sysnative\shutdownux.dll 2016-01-13 19:27:44 85146ABCB1EF298D1FF6EE4D5541788C 832512 ----a-w- C:\windows\Sysnative\MapsStore.dll 2016-01-13 19:27:44 65F1F4DBB4A6FA971BF9F00129F452A0 494592 ----a-w- C:\windows\Sysnative\StoreAgent.dll 2016-01-13 19:27:44 5E8D09216315B063FD4AEAB9508F0776 1087296 ----a-w- C:\windows\Sysnative\mfplat.dll 2016-01-13 19:27:44 01074D7E7370E7A7CAFF0DC442C89794 113184 ----a-w- C:\windows\Sysnative\userenv.dll 2016-01-13 19:27:43 F5839DD5FD73019B046ED7FD87AE6C71 123392 ----a-w- C:\windows\Sysnative\mssprxy.dll 2016-01-13 19:27:43 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\windows\Sysnative\LicenseManagerShellext.exe 2016-01-13 19:27:43 D88952BD78157D66A0921B63F5DD0EC5 439296 ----a-w- C:\windows\Sysnative\LocationWebproxy.dll 2016-01-13 19:27:43 CFFE537A11AE6C825F36240B96689886 993104 ----a-w- C:\windows\Sysnative\ReAgent.dll 2016-01-13 19:27:43 AC180D981BD23443793F7AA71BBE344A 599552 ----a-w- C:\windows\Sysnative\wpnapps.dll 2016-01-13 19:27:43 77C8CD0AACC1D059EDF6E91920D11550 421888 ----a-w- C:\windows\Sysnative\Windows.Internal.Bluetooth.dll 2016-01-13 19:27:43 02707CF32272B726BB410E6717BBB7E8 446976 ----a-w- C:\windows\Sysnative\MapConfiguration.dll 2016-01-13 19:27:42 EA1C2DAB8A63712B94897A58557B086C 371712 ----a-w- C:\windows\Sysnative\nlasvc.dll 2016-01-13 19:27:42 E6B7193FF6E1FBFD644E0D5545A6E779 7168 ----a-w- C:\windows\Sysnative\KBDAZST.DLL 2016-01-13 19:27:42 E6337423BD19DD12EB6777934B57E0F4 176640 ----a-w- C:\windows\Sysnative\LocationPeIP.dll 2016-01-13 19:27:42 AE15D9860C287112D57062E24FCD6EB9 7168 ----a-w- C:\windows\Sysnative\KBDAZE.DLL 2016-01-13 19:27:42 A0DBB9386BEA8DA1A159C2A2E07081A3 856576 ----a-w- C:\windows\Sysnative\MPSSVC.dll 2016-01-13 19:27:42 75051FAAA293FA5414105A2BDA6BAC05 223232 ----a-w- C:\windows\Sysnative\PhoneCallHistoryApis.dll 2016-01-13 19:27:42 69B49DECE9996743DB231D06F49701B2 7168 ----a-w- C:\windows\Sysnative\KBDAZEL.DLL 2016-01-13 19:27:42 63D8A023148D8436D6CBA65E2B9ED56A 143360 ----a-w- C:\windows\Sysnative\provops.dll 2016-01-13 19:27:42 5793FBBB1F120D1815A8348434ED236C 221184 ----a-w- C:\windows\Sysnative\LocationPeWiFi.dll 2016-01-13 19:27:42 50B2D1C6E83407093678C0B0791F4B74 7168 ----a-w- C:\windows\Sysnative\kbdgeoqw.dll 2016-01-13 19:27:42 26E5D4CA29A7B33EAD6E4C07D7DD3FBF 193024 ----a-w- C:\windows\Sysnative\EnterpriseModernAppMgmtCSP.dll 2016-01-13 19:27:42 230C8AEE3C7F4723ABEA09C93DF47AF3 257024 ----a-w- C:\windows\Sysnative\UserDataAccountApis.dll 2016-01-13 19:27:42 17A344D0A065883ABE6A9239093E7CA9 594472 ----a-w- C:\windows\Sysnative\Windows.Internal.Shell.Broker.dll 2016-01-13 19:27:42 141ABE24124CB1E25954E9D52FF1B999 67072 ----a-w- C:\windows\Sysnative\profext.dll 2016-01-13 19:27:42 124DC4FC14EEA95B8E05F139A57D5B91 553472 ----a-w- C:\windows\Sysnative\GamePanel.exe 2016-01-13 19:27:42 07B5710393558DD734647D5F2F020647 215552 ----a-w- C:\windows\Sysnative\LocationCrowdsource.dll 2016-01-13 19:27:41 F0B43C550BD519423FB79A58A860CE0B 204288 ----a-w- C:\windows\Sysnative\LocationPeCell.dll 2016-01-13 19:27:41 F01743062DA74A24A0E7836289E33731 187904 ----a-w- C:\windows\Sysnative\provisioningcsp.dll 2016-01-13 19:27:41 BABB3A14002CE205616C9A10373AE040 253952 ----a-w- C:\windows\Sysnative\SettingsHandlers_UserAccount.dll 2016-01-13 19:27:41 54D78B8A26900F3E08191ABF0AD499A2 193536 ----a-w- C:\windows\Sysnative\SharedStartModelShim.dll 2016-01-12 14:29:48 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\windows\Sysnative\MpSigStub.exe ====== C:\windows\Sysnative\drivers ===== 2016-01-18 12:30:32 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\windows\Sysnative\drivers\PSKMAD.sys 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\windows\Sysnative\drivers\PSINAflt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\windows\Sysnative\drivers\PSINProt.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\windows\Sysnative\drivers\PSINReg.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\windows\Sysnative\drivers\PSINProc.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\windows\Sysnative\drivers\PSINFile.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\windows\Sysnative\drivers\PSINKNC.sys 2016-01-13 19:58:57 1909713BDAD7D5BF868FDF2F8283FFD3 33960 ----a-w- C:\windows\Sysnative\drivers\Smb_driver_Intel.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\windows\Sysnative\drivers\rtwlane.sys 2016-01-13 19:28:53 9B2039C5673EEBF1D4E34ABC0AFB88C7 685568 ----a-w- C:\windows\Sysnative\drivers\WdiWiFi.sys 2016-01-13 19:28:52 C67A03F54A1EA683F4880A481EE5FF6C 373072 ----a-w- C:\windows\Sysnative\drivers\USBXHCI.SYS 2016-01-13 19:28:52 7BF844D362EB746BC7A6DC3F57FA3E32 8192 ----a-w- C:\windows\Sysnative\drivers\gpuenergydrv.sys 2016-01-13 19:28:52 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\windows\Sysnative\drivers\pdc.sys 2016-01-13 19:28:51 D42AC03ACF9CA67693D1D9BB4D2A0BC8 116064 ----a-w- C:\windows\Sysnative\drivers\tdx.sys 2016-01-13 19:28:51 AE7B7E1E95BFB9340B1956C98CA52C81 80720 ----a-w- C:\windows\Sysnative\drivers\stornvme.sys 2016-01-13 19:28:51 A3D96563BF46FC8A0E5756B796127D14 577888 ----a-w- C:\windows\Sysnative\drivers\afd.sys 2016-01-13 19:28:51 91756EE69E63D66F77E3B791D33F7078 459104 ----a-w- C:\windows\Sysnative\drivers\netio.sys 2016-01-13 19:28:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\windows\Sysnative\drivers\dxgkrnl.sys 2016-01-13 19:28:51 7C3DDCB6F927AFC5569A8CC584F5B5F3 147968 ----a-w- C:\windows\Sysnative\drivers\rmcast.sys 2016-01-13 19:28:51 7680537006A420D7488E5057A8149F86 442208 ----a-w- C:\windows\Sysnative\drivers\storport.sys 2016-01-13 19:28:51 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\windows\Sysnative\drivers\FWPKCLNT.SYS 2016-01-13 19:28:50 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\windows\Sysnative\drivers\portcls.sys 2016-01-13 19:28:50 DAF957B25A35757E9D814611FAE8FE3B 237392 ----a-w- C:\windows\Sysnative\drivers\rdyboost.sys 2016-01-13 19:28:50 27E248CD861AFED4DF0C48F4C853E7F0 80896 ----a-w- C:\windows\Sysnative\drivers\hdaudbus.sys 2016-01-13 19:28:50 1BDA1FD02783566F0B20EB0E2517F85C 516448 ----a-w- C:\windows\Sysnative\drivers\USBHUB3.SYS 2016-01-13 19:28:48 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\windows\Sysnative\drivers\buttonconverter.sys 2016-01-13 19:28:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys 2016-01-13 19:28:10 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\windows\Sysnative\drivers\Wdf01000.sys 2016-01-13 19:28:04 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\windows\Sysnative\drivers\dxgmms2.sys 2016-01-13 19:28:04 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\windows\Sysnative\drivers\dxgmms1.sys 2016-01-13 19:27:59 BA8DC96D1DD7785EB0589CB1777208B7 2115936 ----a-w- C:\windows\Sysnative\drivers\ntfs.sys 2016-01-13 19:27:59 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\windows\Sysnative\drivers\fastfat.sys 2016-01-13 19:27:57 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\windows\Sysnative\drivers\sdbus.sys 2016-01-13 19:27:55 78CA1FF6FE37EEFAFF99DD1C956AF60A 200528 ----a-w- C:\windows\Sysnative\drivers\wof.sys 2016-01-13 19:27:51 0A368247A900656CC0678117DFC3A87C 498016 ----a-w- C:\windows\Sysnative\drivers\usbhub.sys 2016-01-13 19:27:50 D5EC9413527B286CFEEB0294C53ABB95 102752 ----a-w- C:\windows\Sysnative\drivers\mountmgr.sys 2016-01-13 19:27:48 388F2A3C771B8BEE76FD1AAF9614D08E 52264 ----a-w- C:\windows\Sysnative\drivers\wpcfltr.sys 2016-01-13 19:27:46 988588C16A53C2581488C15FF18934BF 46432 ----a-w- C:\windows\Sysnative\drivers\msgpiowin32.sys 2016-01-13 19:27:44 CFCCF9F67EECBA6BFE4E880D9BE70CBB 22528 ----a-w- C:\windows\Sysnative\drivers\usb8023.sys 2016-01-13 19:27:43 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\windows\Sysnative\drivers\ndis.sys 2015-12-27 12:12:37 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-12-27 12:12:23 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\windows\Sysnative\drivers\mbam.sys 2015-12-27 12:12:23 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\windows\Sysnative\drivers\mbamchameleon.sys 2015-12-27 12:12:23 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\windows\Sysnative\drivers\mwac.sys 2015-12-23 18:48:43 E77CB3736A702D46A6FB15FB4A9894E3 21184 ----a-w- C:\windows\Sysnative\drivers\SmartDefragDriver.sys 2015-12-22 20:00:56 25B2CCB6B9CF909367B1FD6D2D93D139 3741396 ----a-w- C:\windows\Sysnative\drivers\RTAIODAT.DAT 2015-12-22 19:59:58 B1679D907958C3F62EFDAA8BF1093209 475384 ----a-w- C:\windows\Sysnative\drivers\IntcDAud.sys 2015-12-22 19:59:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf ====== C:\windows\Tasks ====== 2016-01-16 15:20:05 A728C078376AB60A7B10539DD61CFE84 310 ----a-w- C:\windows\Tasks\Uninstaller_SkipUac_rwest.job 2016-01-16 15:20:05 693C0D8973759F4DF0C1EF2C2456A443 2496 ----a-w- C:\windows\Sysnative\Tasks\Uninstaller_SkipUac_rwest 2015-12-30 18:08:44 AF978437B26093FD3D1C9A1BDBDEF887 3256 ----a-w- C:\windows\Sysnative\Tasks\HPCeeScheduleForrwest 2015-12-30 18:08:44 A5939A16003FC5006EAFE562C8751B82 364 ----a-w- C:\windows\Tasks\HPCeeScheduleForrwest.job 2015-12-23 18:48:53 EFB6879D0E230EDC1670F71C3CDE61AD 3316 ----a-w- C:\windows\Sysnative\Tasks\SmartDefrag4_Startup 2015-12-23 18:48:53 93F6DC3DD3EE19B7C9B86B879DD03940 3312 ----a-w- C:\windows\Sysnative\Tasks\SmartDefrag4_Update 2015-12-22 19:50:42 217E724F5878066377E8CCB3D8CB3B18 3074 ----a-w- C:\windows\Sysnative\Tasks\Driver Booster SkipUAC (rwest) 2015-12-22 19:50:42 1DA319FEF105662394B3050F120A555F 3426 ----a-w- C:\windows\Sysnative\Tasks\Driver Booster Scheduler ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2016-01-15 17:29:21 -------- d-----w- C:\Program Files\Reason 2016-01-15 15:30:52 -------- d-----w- C:\Program Files\trend micro 2015-12-22 19:59:39 -------- d-----w- C:\Program Files\Synaptics ======= C:\PROGRA~2 ===== 2016-01-14 10:06:10 -------- d-----w- C:\PROGRA~2\Secunia 2016-01-13 19:34:08 -------- d-----w- C:\PROGRA~2\COMMON~1\PostureAgent 2016-01-13 19:32:31 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel Corporation 2016-01-13 19:30:53 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird 2015-12-30 15:13:15 -------- d-----w- C:\PROGRA~2\FrostWire 6 2015-12-23 18:49:39 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2015-12-22 19:50:39 -------- d-----w- C:\PROGRA~2\IObit ======= C: ===== 2016-01-18 12:12:12 80426F17A7AE98A301AB65E5691E8FE7 13040 ------w- C:\bootsqm.dat ====== C:\Users\rwest\AppData\Roaming ====== 2016-01-18 12:29:53 3E29273787452B749ED9D4F3172FEF82 1092552 ----a-w- C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-01-17 10:55:43 -------- d-----w- C:\Users\rwest\AppData\Local\Temp 2016-01-13 19:53:14 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\rwest\AppData\Local\resmon.resmoncfg 2016-01-12 14:28:36 -------- d-s---w- C:\windows\serviceprofiles\networkservice\AppData\LocalLow 2016-01-10 13:49:05 -------- d-----w- C:\Users\rwest\AppData\Local\ElevatedDiagnostics 2015-12-30 15:13:22 -------- d-----w- C:\Users\rwest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6 2015-12-24 18:44:20 -------- d-----w- C:\Users\rwest\AppData\Local\Avira 2015-12-24 18:38:41 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\AviraSpeedup 2015-12-24 18:23:20 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Programs ====== C:\Users\rwest ====== 2016-01-16 15:06:14 -------- d-----w- C:\windows\serviceprofiles\Localservice\winhttp 2016-01-15 17:29:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect 2016-01-15 17:29:05 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\rwest\Downloads\herdProtectScan_Setup.exe 2016-01-15 15:32:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (5).exe 2016-01-15 15:30:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (4).exe 2016-01-15 15:25:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (3).exe 2016-01-15 15:25:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (2).exe 2016-01-15 15:22:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (1).exe 2016-01-15 15:22:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64.exe 2016-01-14 18:04:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus 2016-01-14 18:02:34 0702B10B7CBA017EC375ECF61C62FC57 66586256 ----a-w- C:\Users\rwest\Downloads\FREEAV.exe 2016-01-14 10:05:40 74E9B5DEE99CF751FEE42D5B053FBD54 4010016 ----a-w- C:\Users\rwest\Downloads\PSISetup.exe 2016-01-13 19:32:17 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-01-06 18:06:21 4F4C89A4CB916B888DCDD38A07C1FF5E 908025 ----a-w- C:\Users\rwest\FlvPlayerSetup.zip 2015-12-30 18:03:05 -------- d-----w- C:\ProgramData\mquadr.at 2015-12-30 15:13:25 -------- d-----w- C:\Users\rwest\.frostwire5 2015-12-27 10:37:26 -------- d-----w- C:\Users\rwest\.swt 2015-12-27 10:36:00 -------- d-----w- C:\Users\rwest\.oracle_jre_usage 2015-12-24 18:19:03 -------- d-----w- C:\ProgramData\Avira 2015-12-23 18:49:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2015-12-23 18:49:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2015-12-23 18:48:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4 2015-12-22 19:50:42 -------- d-----w- C:\ProgramData\IObit 2015-12-22 19:50:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 ====== C: exe-files == 2016-01-18 12:25:45 1BFB6914B4C94F025671CFAA3C70146B 173760 ----a-w- C:\$WINDOWS.~BT\Sources\setupplatform.exe 2016-01-18 12:25:43 1BFB6914B4C94F025671CFAA3C70146B 173760 ----a-w- C:\$WINDOWS.~BT\DUDownload\Setup\setupplatform.exe 2016-01-18 12:25:26 BF99EBCE70D6BFB6D4A2443FBB477E8D 826872 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-16 16:19:59 A2992CFFEFE05E5B1C9BA47E7B44C3E2 2420736 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.WindowsFeedback_cw5n1h2txyewy\AC\Microsoft\CLR_v4.0\NativeImages\FeedbackApp.Windows\95697477f9faa9fa9339c23fbb99b6b3\FeedbackApp.Windows.ni.exe 2016-01-15 17:29:24 B1E24567B8DDA073CFA1D28397C3ECBE 176452 ----a-w- C:\Program Files\Reason\herdProtect\Scanner\Uninstall.exe 2016-01-15 17:29:05 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\rwest\Downloads\herdProtectScan_Setup.exe 2016-01-15 15:32:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (5).exe 2016-01-15 15:30:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\rwest.exe 2016-01-15 15:30:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (4).exe 2016-01-15 15:25:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (3).exe 2016-01-15 15:25:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (2).exe 2016-01-15 15:22:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (1).exe 2016-01-15 15:22:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64.exe 2016-01-15 13:26:00 72697B93E08FC7F425611F2D38F340CF 2776656 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.111\47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe 2016-01-14 18:02:34 0702B10B7CBA017EC375ECF61C62FC57 66586256 ----a-w- C:\Users\rwest\Downloads\FREEAV.exe 2016-01-14 10:06:11 07F32A101C2481DD249E5987748EBD49 534635 ----a-w- C:\Program Files (x86)\Secunia\PSI\Uninstall.exe 2016-01-14 10:05:40 74E9B5DEE99CF751FEE42D5B053FBD54 4010016 ----a-w- C:\Users\rwest\Downloads\PSISetup.exe 2016-01-13 19:37:29 4DE599F49C7862C9691EE7843E216F4C 143671360 ----a-w- C:\Windows\System32\MRT.exe 2016-01-13 19:36:37 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\_SETUP.EXE 2016-01-13 19:36:37 451E548B8B98D123F709D805A45E1B1C 35432 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\Install.exe 2016-01-13 19:36:03 F5F53991CD2F3159BD72682BE2077B1E 81920 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\devcon.exe 2016-01-13 19:36:03 EC9F6EAC8F703ED441567CD0D0973069 22744 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\DIFxCmdx64.exe 2016-01-13 19:36:03 A778034CB8A20574F693AB5E192F81EF 97496 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\InstallDriver.exe 2016-01-13 19:36:03 610DC683E9C9E77E074800582E00667C 84480 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\SetDrv64.exe 2016-01-13 19:36:03 0F8E4F63C47BBD92E52DA0F5C3177A02 91136 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\SetVistaDrv64.exe 2016-01-13 19:36:02 EDD400CC92C6D43F98D3D3AFC97C2559 451072 ----a-w- C:\Windows\SysWOW64\ISSRemoveSP.exe 2016-01-13 19:36:02 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\setup.exe 2016-01-13 19:34:25 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\SWSETUP\sp74139\Setup.exe 2016-01-13 19:34:24 959BD375733314B94EE209509CF6D2B0 121344 ----a-w- C:\SWSETUP\sp74139\Install.exe 2016-01-13 19:33:59 C0CB877A4AB9288378DB97B1E6108319 4866048 ----a-w- C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe 2016-01-13 19:33:47 0B10F0B622395F7ADA34EE1A7BA6EC01 66578720 ----a-w- C:\SWSETUP\sp74353\SetupME.exe 2016-01-13 19:32:22 0081B7218730845719F0AB920A33559D 1224192 ----a-w- C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe 2016-01-13 19:32:10 B02DBB994920FF3CC41605DE90789DBC 13952616 ----a-w- C:\SWSETUP\sp74347\SetupRST.exe 2016-01-13 19:30:59 D6741A1460B29110238F46A00575E0A7 22984 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2016-01-13 19:30:59 1C9C6AE812F6130FE752F2531813BBB6 288200 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2016-01-13 19:30:58 D2757353D0B370FCC49D4CEA5E9D0740 146888 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2016-01-13 19:30:58 5E82082349104C5ABBAF9DA24C384D2B 170368 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-01-13 19:30:56 FE4B4BE949269D324975A003CFB43551 955584 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2016-01-13 19:30:56 DB67271F2F0CF35A8F70AF28DC25E874 304072 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2016-01-13 19:30:56 AB66522A7C069CD609CD12E0B63D6CDF 276936 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2016-01-13 19:30:56 59A082F20B26C3BBF81EDACC1E7A0F81 490952 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2016-01-13 19:28:52 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\Windows\System32\dmcertinst.exe 2016-01-13 19:28:52 7143FF944C20AB5C6D4485A0469F2797 115712 ----a-w- C:\Windows\System32\MbaeParserTask.exe 2016-01-13 19:28:47 551C41C9508BF7117A56FC429D5B6534 8022368 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-01-13 19:28:47 0A2D0D9A0329B9C46F5D793DB51A15C7 1234944 ----a-w- C:\Windows\System32\aitstatic.exe 2016-01-13 19:28:44 DA32F9BFA7851AD4247353EA03755DE6 578560 ----a-w- C:\Windows\System32\winlogon.exe 2016-01-13 19:28:35 068EF19C06EB3050FA121DED6655B745 7454048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-01-13 19:28:34 83BE96BDA80FE46452E8DAC8A7BEDBA0 6264688 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-01-13 19:28:32 1A8D80F2EA3133AD8DAF64DA25B4B17B 168288 ----a-w- C:\Windows\System32\NetworkUXBroker.exe 2016-01-13 19:28:22 948BD4AC1C7C572312048A284D6C9A7F 562688 ----a-w- C:\Windows\System32\Speech\SpeechUX\SpeechUXWiz.exe 2016-01-13 19:28:15 5275394FE00E85B13DC535C67961DFEB 1907536 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-01-13 19:28:10 9738D0610EAAD6CE104DFB81AFEDAFDE 786432 ----a-w- C:\Windows\SysWOW64\Magnify.exe 2016-01-13 19:28:10 65BCE1DC85A1023021D363E0CE4AB14C 845824 ----a-w- C:\Windows\System32\Magnify.exe 2016-01-13 19:28:07 E19833B3E69A5B829AB97D5CBD3BF356 1876832 ----a-w- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe 2016-01-13 19:28:06 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-01-13 19:28:04 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\Windows\System32\SettingSyncHost.exe 2016-01-13 19:28:04 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe 2016-01-13 19:28:03 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-01-13 19:27:58 9AA440F8F580C573D0F2732DA6ECB87A 207872 ----a-w- C:\Windows\SysWOW64\notepad.exe 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\Windows\System32\notepad.exe 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\Windows\notepad.exe 2016-01-13 19:27:58 9853C2A9EF7FBC341C65EF89908CA052 482816 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-01-13 19:27:57 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-01-13 19:27:54 B1FBE5BF56C400AEDE037A2FCE3186B5 220160 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-01-13 19:27:54 55C29E89E33C6B7B5F0A22D46130C10C 624480 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\Windows\System32\winload.exe 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-01-13 19:27:53 90B9FDEB80471212F08D996A1C4FFBD6 143360 ----a-w- C:\Windows\System32\oobe\windeploy.exe 2016-01-13 19:27:51 E1DB432B3147F70BF684846439ADE38B 136192 ----a-w- C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe 2016-01-13 19:27:51 B02EA3A2E6BEDAB9C954AAC6BD887874 292856 ----a-w- C:\Windows\System32\LockAppHost.exe 2016-01-13 19:27:51 62CFDB1741D700E2292242B50F1EC1A9 168960 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\Windows\System32\winresume.exe 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-01-13 19:27:48 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\Windows\System32\MDMAppInstaller.exe 2016-01-13 19:27:48 AC9DBC3DCA6F57839B8056D6B6835CB3 780640 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-01-13 19:27:48 A1EFFF8EA50BE57AC38264541F1B88FD 801632 ----a-w- C:\Windows\System32\WWAHost.exe 2016-01-13 19:27:48 51DDB23BEB935F57C49166DCFEE10206 243800 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-01-13 19:27:48 227EDE423D40B3BC2B1A0FC99225DF76 67072 ----a-w- C:\Windows\System32\oobe\oobeldr.exe 2016-01-13 19:27:46 F777FE6BA9C62A4D90BC7017C8FED35F 336384 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2016-01-13 19:27:46 981229E718319A9A01F7E740A8D855FD 700256 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-01-13 19:27:45 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-01-13 19:27:44 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\Windows\System32\omadmclient.exe 2016-01-13 19:27:44 7A271F804E4A779646E972BEF9A16CFE 384280 ----a-w- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe 2016-01-13 19:27:43 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe 2016-01-13 19:27:43 B048B365333B4DA075512D67A88AE393 815808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-01-13 19:27:43 96520EEF483B102EFD98B6B246B0EE1D 818880 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-01-13 19:27:43 951D71B5D602745997A6DCBA33FC5358 280576 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-01-13 19:27:43 15ADC9E2333D852C4AADC9388E3E5A40 298864 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 2016-01-13 19:27:42 D2EAEC106F183572317AF7D68E381063 4532304 ----a-w- C:\Windows\explorer.exe 2016-01-13 19:27:42 4EEB94F7E1ABAB5503EEFEA7F2394370 4047288 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-01-13 19:27:42 235F302C638D2460B005FD103BCA26E8 101376 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-01-13 19:27:42 124DC4FC14EEA95B8E05F139A57D5B91 553472 ----a-w- C:\Windows\System32\GamePanel.exe 2016-01-13 19:27:42 116A528112CDE77F28D4C8C9CE210C52 21216 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe 2016-01-13 19:27:42 011A8CA5E2B3399EB0D893587B830C6B 420352 ----a-w- C:\Windows\SysWOW64\GamePanel.exe 2016-01-13 19:27:41 3C10245633B2D8AF20A25AF517E8CD06 170496 ----a-w- C:\Windows\System32\oobe\msoobe.exe 2016-01-12 14:29:48 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\Windows\System32\MpSigStub.exe === C: other files == 2016-01-18 12:30:45 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-18 12:30:32 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys 2016-01-18 11:35:05 2755616FF1057342FCA260E15B8DE42C 2031 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\1UXB9NMS\manifest[1].zip 2016-01-17 10:59:51 2755616FF1057342FCA260E15B8DE42C 2031 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\RB88Z9H2\manifest[1].zip 2016-01-14 18:05:07 E4D444FAE0175BE2786B5A178F5A6CC0 181 ----a-w- C:\ProgramData\panda_url_filtering\white.zip 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 -c--a-w- C:\Windows\System32\DRVSTORE\PSINAflt_E7E640259B97C5B460233DB11F626733FFD123AA\PSINAflt.sys 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProt_93806A536B2BE2612121BE3E72C44D4A682A12FA\PSINProt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\Windows\System32\drivers\PSINProt.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 -c--a-w- C:\Windows\System32\DRVSTORE\PSINReg_C8D45695AEFE7D1A3DBD003F3F3CCAA1C1D92E46\PSINReg.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\Windows\System32\drivers\PSINReg.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProc_89D4BCB26E728A39985C5773D2D4652877A2DC68\PSINProc.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\Windows\System32\drivers\PSINProc.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 -c--a-w- C:\Windows\System32\DRVSTORE\PSINFile_9099732A843E678E5E00379731AC8036CB1FE545\PSINFile.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\Windows\System32\drivers\PSINFile.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 -c--a-w- C:\Windows\System32\DRVSTORE\PSINKnc_4D8021F88C4479C8D198FAB698274C07099AE947\PSINKNC.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\Windows\System32\drivers\PSINKNC.sys 2016-01-14 10:38:56 A68FA98D372371C9B0329C425F9789ED 1891 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\JOSVPSID\manifest[1].zip 2016-01-13 19:58:57 1909713BDAD7D5BF868FDF2F8283FFD3 33960 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\Windows\System32\drivers\rtwlane.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\rtwlane.sys 2016-01-13 19:34:25 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win10X64\rtwlane.sys 2016-01-13 19:34:25 E4A1BB5E0E3B7886B529F920223470CF 3825880 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win10X86\rtwlane.sys 2016-01-13 19:34:25 D8A6E29D7A86FCE146DD35717536E4F3 3725528 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Wind7X86\rtwlane.sys 2016-01-13 19:34:25 98266DB3A690CF104935C5485CB40901 4471000 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win81X64\rtwlane.sys 2016-01-13 19:34:25 62BB04AB0A9A5A658E5F99AA80D0FBAC 3708120 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win81X86\rtwlane.sys 2016-01-13 19:34:25 3D6C59523A502DAB9DD0AE11EA0E46B4 4471000 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Wind7X64\rtwlane.sys 2016-01-13 19:33:47 FB4FD57CB9A6424C91D041844ADA059E 185600 ----a-w- C:\SWSETUP\sp74353\inf\x64\TEEDriverW8x64.sys 2016-01-13 19:33:47 E371FC5C4E76CE5313E68398F7950FB8 64512 ----a-w- C:\SWSETUP\sp74353\inf\x64\HECIx64.sys 2016-01-13 19:33:47 D82D6EA098C4448A964ACB14B3728786 180480 ----a-w- C:\SWSETUP\sp74353\inf\x64\TEEDriverx64.sys 2016-01-13 19:33:47 CDEF8FBD288A57CFB93F2D883C1454DD 156416 ----a-w- C:\SWSETUP\sp74353\inf\x86\TEEDriver.sys 2016-01-13 19:33:47 C029F510E471CDA98932DCA38673B957 163072 ----a-w- C:\SWSETUP\sp74353\inf\x86\TEEDriverW8.sys 2016-01-13 19:33:47 6FAB8EE0457E9795D93B91405766E674 56320 ----a-w- C:\SWSETUP\sp74353\inf\x86\HECI.sys 2016-01-13 19:28:53 9B2039C5673EEBF1D4E34ABC0AFB88C7 685568 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys 2016-01-13 19:28:52 C67A03F54A1EA683F4880A481EE5FF6C 373072 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2016-01-13 19:28:52 7BF844D362EB746BC7A6DC3F57FA3E32 8192 ----a-w- C:\Windows\System32\drivers\gpuenergydrv.sys 2016-01-13 19:28:52 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\Windows\System32\drivers\pdc.sys 2016-01-13 19:28:52 321A2022926841273CD8D6B9BFE68D05 1383424 ----a-w- C:\Windows\System32\win32kbase.sys 2016-01-13 19:28:51 D42AC03ACF9CA67693D1D9BB4D2A0BC8 116064 ----a-w- C:\Windows\System32\drivers\tdx.sys 2016-01-13 19:28:51 AE7B7E1E95BFB9340B1956C98CA52C81 80720 ----a-w- C:\Windows\System32\drivers\stornvme.sys 2016-01-13 19:28:51 A3D96563BF46FC8A0E5756B796127D14 577888 ----a-w- C:\Windows\System32\drivers\afd.sys 2016-01-13 19:28:51 91756EE69E63D66F77E3B791D33F7078 459104 ----a-w- C:\Windows\System32\drivers\netio.sys 2016-01-13 19:28:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-01-13 19:28:51 7C3DDCB6F927AFC5569A8CC584F5B5F3 147968 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2016-01-13 19:28:51 7680537006A420D7488E5057A8149F86 442208 ----a-w- C:\Windows\System32\drivers\storport.sys 2016-01-13 19:28:51 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2016-01-13 19:28:50 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\Windows\System32\drivers\portcls.sys 2016-01-13 19:28:50 DAF957B25A35757E9D814611FAE8FE3B 237392 ----a-w- C:\Windows\System32\drivers\rdyboost.sys 2016-01-13 19:28:50 4D3F2E7C2F83DFAF19F8060E1FD6C5A8 3588096 ----a-w- C:\Windows\System32\win32kfull.sys 2016-01-13 19:28:50 27E248CD861AFED4DF0C48F4C853E7F0 80896 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2016-01-13 19:28:50 1BDA1FD02783566F0B20EB0E2517F85C 516448 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2016-01-13 19:28:48 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\Windows\System32\drivers\buttonconverter.sys 2016-01-13 19:28:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2016-01-13 19:28:10 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2016-01-13 19:28:04 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-01-13 19:28:04 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2016-01-13 19:27:59 BA8DC96D1DD7785EB0589CB1777208B7 2115936 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-01-13 19:27:59 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2016-01-13 19:27:57 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-01-13 19:27:55 78CA1FF6FE37EEFAFF99DD1C956AF60A 200528 ----a-w- C:\Windows\System32\drivers\wof.sys 2016-01-13 19:27:51 0A368247A900656CC0678117DFC3A87C 498016 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2016-01-13 19:27:50 D5EC9413527B286CFEEB0294C53ABB95 102752 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2016-01-13 19:27:48 388F2A3C771B8BEE76FD1AAF9614D08E 52264 ----a-w- C:\Windows\System32\drivers\wpcfltr.sys 2016-01-13 19:27:46 988588C16A53C2581488C15FF18934BF 46432 ----a-w- C:\Windows\System32\drivers\msgpiowin32.sys 2016-01-13 19:27:44 CFCCF9F67EECBA6BFE4E880D9BE70CBB 22528 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2016-01-13 19:27:43 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\Windows\System32\drivers\ndis.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" ==== Task Scheduler Jobs ====================== C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-12-2015 16:18] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-12-2015 16:18] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001Core.job --a-------- C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe [16-12-2015 16:34] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001UA.job --a-------- C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe [16-12-2015 16:34] C:\windows\tasks\HPCeeScheduleForrwest.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 17:51] C:\windows\tasks\Uninstaller_SkipUac_rwest.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [23-11-2015 17:21] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\SysNative\tasks\Driver Booster Scheduler" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\windows\SysNative\tasks\Driver Booster SkipUAC (rwest)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001Core" [C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001UA" [C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\HPCeeScheduleForrwest" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"] "C:\windows\SysNative\tasks\HPGenoobeReminder" ["C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe"] "C:\windows\SysNative\tasks\SmartDefrag4_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe] "C:\windows\SysNative\tasks\SmartDefrag4_Update" [C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\windows\SysNative\tasks\Uninstaller_SkipUac_rwest" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\windows\SysNative\tasks\User_Feed_Synchronization-{7334E546-62F4-46A6-B6BC-0E45082C2EF4}" [C:\windows\system32\msfeedssync.exe] "C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\First Boot" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\rwest\AppData\Roaming\Thunderbird\Profiles\hkn9ij3i.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] ipmkfpcnmccejididiaagpgchgjfajgp - No path found[] Avira Browser Safety - rwest\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Chrome Web Store Payments - rwest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage deleted successfully C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage-journal deleted successfully C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://startpagina.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://startpagina.nl/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKCU\..\Run: [OneDrive] "C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1489 folders=232 232967635 bytes) ==== Empty Temp Folders ====================== C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\rwest\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\IObit\Advanced SystemCare" not found "C:\Program Files (x86)\IObit\LiveUpdate" not found ==== EOF on ma 18-01-2016 at 16:28:11,22 ======================