Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by rwest on di 19-01-2016 at 11:47:34,09. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\rwest\Downloads\zoek (7).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-01-16-154525.log 110963 bytes C:\zoek-results2016-01-17-110205.log 109672 bytes C:\zoek-results2016-01-18-152811.log 111432 bytes ==== Empty Folders Check ====================== C:\Users\rwest\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\rwest\Downloads\zoek (7).exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\IObit\Advanced SystemCare not found C:\Program Files (x86)\IObit\LiveUpdate not found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare deleted C:\PROGRA~3\ProductData deleted ==== Folders Found ====================== 2015-12-24 18:19:03 2016-01-14 17:35:52 -------- d-----w- C:\ProgramData\Avira 2015-12-24 18:19:03 2016-01-14 17:35:52 -------- d-----w- C:\Users\All Users\Avira 2015-12-24 18:44:20 2015-12-24 18:44:20 -------- d-----w- C:\Users\rwest\AppData\Local\Avira 2015-12-24 18:38:41 2015-12-24 18:38:41 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\AviraSpeedup 2016-01-16 15:39:59 2016-01-16 15:40:00 -------- d---a-w- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com 2016-01-16 15:40:00 2016-01-16 15:40:01 -------- d---a-w- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com ==== Files Found ====================== --- C:\ProgramData\Avira\SystemSpeedup\Logs\Avira.SystemSpeedup.UI.Systray.00.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 954 Created time: 2015-12-24 18:43:40 Modified time: 2015-12-24 18:50:58 MD5: A38F056ADE9DB7497464D93C00AA04B0 SHA1: 4382C12B419FFF3F2AE4DEE9B5DAEB87FCB2B0EB --- C:\ProgramData\Avira\SystemSpeedup\Logs\Avira.SystemSpeedup.UI.Systray.02.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 417 Created time: 2015-12-24 18:23:58 Modified time: 2015-12-24 18:24:10 MD5: 9EBCB81BAB9C876874AC160B4562F2B5 SHA1: 957169B4C914B74251BE0E24056DA3CAF44C98DA --- C:\ProgramData\Avira\SystemSpeedup\Logs\Avira_System_Speedup.00.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 530 Created time: 2015-12-24 18:50:20 Modified time: 2015-12-24 18:50:29 MD5: FF8C593DE43BE3165417989C63B0DBB3 SHA1: 5980DB255504D976D9CA2CDC86CAE9424432DF31 --- C:\ProgramData\Avira\SystemSpeedup\Logs\Avira_System_Speedup.01.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 529 Created time: 2015-12-24 18:45:40 Modified time: 2015-12-24 18:49:57 MD5: 44CE2885CE55B359F5DB6ACB1DD7DC81 SHA1: 3FB3D53EA656F51429A6B447B5A3685AF8F4A5BA --- C:\Users\All Users\Avira\SystemSpeedup\Logs\Avira.SystemSpeedup.UI.Systray.00.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 954 Created time: 2015-12-24 18:43:40 Modified time: 2015-12-24 18:50:58 MD5: A38F056ADE9DB7497464D93C00AA04B0 SHA1: 4382C12B419FFF3F2AE4DEE9B5DAEB87FCB2B0EB --- C:\Users\All Users\Avira\SystemSpeedup\Logs\Avira.SystemSpeedup.UI.Systray.02.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 417 Created time: 2015-12-24 18:23:58 Modified time: 2015-12-24 18:24:10 MD5: 9EBCB81BAB9C876874AC160B4562F2B5 SHA1: 957169B4C914B74251BE0E24056DA3CAF44C98DA --- C:\Users\All Users\Avira\SystemSpeedup\Logs\Avira_System_Speedup.00.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 530 Created time: 2015-12-24 18:50:20 Modified time: 2015-12-24 18:50:29 MD5: FF8C593DE43BE3165417989C63B0DBB3 SHA1: 5980DB255504D976D9CA2CDC86CAE9424432DF31 --- C:\Users\All Users\Avira\SystemSpeedup\Logs\Avira_System_Speedup.01.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 529 Created time: 2015-12-24 18:45:40 Modified time: 2015-12-24 18:49:57 MD5: 44CE2885CE55B359F5DB6ACB1DD7DC81 SHA1: 3FB3D53EA656F51429A6B447B5A3685AF8F4A5BA --- C:\Users\rwest\AppData\Roaming\IObit\IObit Uninstaller\Log\Avira Antivirus.history --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 624 Created time: 2016-01-14 17:35:55 Modified time: 2016-01-14 17:35:55 MD5: 77D117AA454198B38DD40A7DF5957649 SHA1: E3830425A0A88EF5B3026952D9E7ACA5D2143E91 --- C:\Users\rwest\AppData\Roaming\IObit\IObit Uninstaller\Log\Avira Launcher.history --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 622 Created time: 2015-12-26 10:33:07 Modified time: 2015-12-26 10:33:07 MD5: ED8BE493DFEEADD794F734A4CF41A3DC SHA1: 415B36A8A8A6C7F9FF265D267331F53307FC003E --- C:\Users\rwest\AppData\Roaming\IObit\IObit Uninstaller\Log\Avira System Speedup.history --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1036 Created time: 2015-12-24 18:51:15 Modified time: 2015-12-24 18:51:15 MD5: 7E784ACCC098D0527A059F77845A6250 SHA1: CD3F91FB3486FF73E384A555DD3DBDF014EFE4BC --- C:\Users\rwest\Downloads\avira_nl_av_567c3700d566d__ws.exe --- Company: Avira Operations GmbH & Co. KG File Description: Avira Launcher File Version: 1.1.53.13962 Product Name: Avira Launcher Copyright: Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors Original Filename: Avira.OE.Setup.Bundle.exe File type: ----a-w- File size: 4638208 Created time: 2015-12-24 18:18:42 Modified time: 2015-12-24 18:18:57 MD5: FE865E3A80D88D34AA9997C8AEC31B1E SHA1: 532891954EBF10BAE7142CA4C2F40DD30761CBC5 --- C:\Windows\Prefetch\AVIRA.OE.SETUP.BUNDLE.EXE-10259A3B.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 14466 Created time: 2015-12-26 10:32:48 Modified time: 2015-12-26 10:32:48 MD5: 2F679B4F4C8A3614D418F2520B16BE83 SHA1: E1B8DD0576AA1FBDD9C3913AF20FDFF98A905385 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\abs_avira_umbrella_white.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1757 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-14 12:51:22 MD5: D1A2DF87A809DEA421F2FA1F0B11BB73 SHA1: 3BE4D661C033394722FC0C7332D3C1E4B66E1503 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_icon128.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4674 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-18 11:07:04 MD5: 6C538EEFB528F8CC41F7711B715552F5 SHA1: A1B8F0399D4A65DAE426BBCB628F978C1C203585 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_icon16.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 545 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-18 11:07:04 MD5: 7A9DD8AB450C0F37918CC8BAC16082C0 SHA1: 7E4D07ED70F32A0A4B1DC3465E171238D9B12D2D --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_icon24.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 857 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-14 12:51:22 MD5: 3BB83ADF4CCD38A7762B341C08802686 SHA1: 2EECFFB05A27460668C86F12E5490BA0DC09B767 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_icon32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1922 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-14 12:51:22 MD5: 0493D466B17ECF18FBA2976478B62E5A SHA1: 8568B236C193F8460919D37AD6CD3FF9D251BD55 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_icon48.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1701 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-18 11:07:04 MD5: 41823BDD58799097CC27CFE69ED10D2F SHA1: 043B700113C4F8376DF1FA7A3A9EDF5178A516C1 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_logo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1404 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-18 11:07:04 MD5: 1EB740D0FE9DA113498D71A41737AD52 SHA1: 670B2967A0C2B83F09DA14F34C2D559857145848 --- C:\zoek_backup\C_Users_rwest_AppData_Local_Google_Chrome_User Data_Default_Extensions_flliilndjeohchalpbbcdekjklbdgfkk\1.7.5_0\img\avira_logo.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1014 Created time: 2016-01-18 15:25:23 Modified time: 2016-01-14 12:51:22 MD5: C9238133E73B7C42EA5C05BB502B2B4C SHA1: AA8BD6526B8F895302F801DD037610B0DF94B043 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\abs_avira_umbrella_white.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1757 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:34 MD5: D1A2DF87A809DEA421F2FA1F0B11BB73 SHA1: 3BE4D661C033394722FC0C7332D3C1E4B66E1503 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_icon128.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4442 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:36 MD5: A1A1F1921BECC79B74508A64654AD6C5 SHA1: C421DF83B2B30E010A63B4CCFDC9321A24297A07 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_icon16.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 601 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:38 MD5: 865D261767EB0251D5C9F2B2F997A365 SHA1: 095229FD75FDE7B78799420C66BB45BAD8743AF4 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_icon24.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 857 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:42 MD5: 3BB83ADF4CCD38A7762B341C08802686 SHA1: 2EECFFB05A27460668C86F12E5490BA0DC09B767 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_icon32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1922 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:42 MD5: 0493D466B17ECF18FBA2976478B62E5A SHA1: 8568B236C193F8460919D37AD6CD3FF9D251BD55 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_icon48.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1659 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:42 MD5: 2911CA095E91B581E5BEA58233A65363 SHA1: 47CCD1FCA9736E52BF87235BE6E1C85B006D4925 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_logo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1423 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:42 MD5: ADAF25D72D2468FC83CA9FFE5D55819C SHA1: E3072919DD6159D8325AA4CB0F6DE5556B54D332 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_logo.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1014 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:42 MD5: C9238133E73B7C42EA5C05BB502B2B4C SHA1: AA8BD6526B8F895302F801DD037610B0DF94B043 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_abs@avira.com\img\avira_logo32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1280 Created time: 2016-01-16 15:40:00 Modified time: 2015-12-14 14:36:56 MD5: 69EE6C2D132E5A64C22CE1AE0ED77DDB SHA1: ADCE58F648AE99BE008ECDCA04C06A65499F7363 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_biglogo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2735 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 1C28FBC0DA7A825BB50A282C07D76635 SHA1: 1C7B8581C6349140089FD4DEE023804B1A025C70 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_icon128.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4627 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: FF7C66585F1E72CC076C7F3D52C5540E SHA1: 6FC69E0EFC29E949FFE7DCAACC7BE344B7F8A7B1 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_icon16.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 663 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 30765DAC5728425CE6E7A5A498331153 SHA1: 4A86B45BD228F44DA860AB6EE61FA91907EA9CA4 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_icon24.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1005 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 5EF3F9849A5B51CC2D249B3E284DC694 SHA1: 1CB585C8243AD35B990F43C53A8308426C7DEAF0 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_icon32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1290 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 357385F39162F844D96F3E51CE9B4244 SHA1: 89FD87A97451230D0F203F8238D0B14C6DE8033C --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_icon48.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1874 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 292A3561B71C9AFAA737E6483AA9FE23 SHA1: A29BFB5747CDB2CD7ACBC5F13F8D6FDFC1EF2160 --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_logo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1538 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: 759A2EA6BAA4849595CDE8F5EBE8613C SHA1: 0AC2062537A81B058ACFA63A7EEB555F8950799D --- C:\zoek_backup\C_Users_rwest_AppData_Roaming_Mozilla_Firefox_Profiles_TGm3pELa.default_extensions_safesearchplus2@avira.com\data\img\avira_search_logo.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1636 Created time: 2016-01-16 15:40:01 Modified time: 2015-12-18 09:52:44 MD5: A4701409363A326D81A0BC8FBE00A466 SHA1: 22891BAA7857725058A680F176E4603C4A7B17E3 ==== Registry Search Results for "avira" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Avira] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\BootOptimizer] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\General] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\JunkCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles\BatteryBoostMode] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles\TurboBoostMode] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\PrivacyCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\RegistryCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Scanner] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Avira Service Host] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AviraSpeedupService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Service Host] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AviraSpeedupService] [HKEY_USERS\.DEFAULT\Software\AviraSpeedup] [HKEY_USERS\.DEFAULT\Software\AviraSpeedup\AviraSpeedup] [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\AviraSpeedup] [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\AviraSpeedup\AviraSpeedup] [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com] [HKEY_USERS\S-1-5-18\Software\AviraSpeedup] [HKEY_USERS\S-1-5-18\Software\AviraSpeedup\AviraSpeedup] [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8119 MB CPU Info: Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz CPU Speed: 2942,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller | Microsoft Wi-Fi Direct Virtual Adapter | Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GUB0N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 918,9GB | D: 11,3GB Hard Disks - Free: C: 861,1GB | D: 1,5GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: HP 2B2C Country: Nederland Language: NLD ==== System Specs (Software) ====================== Internet Explorer Version: 11.0.10240.16644 Google Chrome version: 47.0.2526.111 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\windows\notepad.exe 2016-01-13 19:27:42 D2EAEC106F183572317AF7D68E381063 4532304 ----a-w- C:\windows\explorer.exe ====== C:\Users\rwest\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\windows\SysWOW64 ===== 2016-01-18 12:25:26 BF99EBCE70D6BFB6D4A2443FBB477E8D 826872 ----a-w- C:\windows\SysWOW64\FlashPlayerApp.exe 2016-01-18 12:25:26 291C2573A59D78D5C277A422F863CC1C 176632 ----a-w- C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-13 19:36:02 EDD400CC92C6D43F98D3D3AFC97C2559 451072 ----a-w- C:\windows\SysWOW64\ISSRemoveSP.exe 2016-01-13 19:28:53 F2A08BAE593A8270767ABA6BAADC634E 100712 ----a-w- C:\windows\SysWOW64\MP3DMOD.DLL 2016-01-13 19:28:53 DAF8197B2944323EFDF15ED32A055D72 2445128 ----a-w- C:\windows\SysWOW64\msmpeg2vdec.dll 2016-01-13 19:28:53 BE152AA70B19D10253946DBC3A75547C 882208 ----a-w- C:\windows\SysWOW64\msmpeg2adec.dll 2016-01-13 19:28:52 EE04BA6667EC970382AEB544F1D89283 1918976 ----a-w- C:\windows\SysWOW64\MFMediaEngine.dll 2016-01-13 19:28:52 BBF8ACF14694C6E2DA08CA22E7C544A4 961376 ----a-w- C:\windows\SysWOW64\LicenseManager.dll 2016-01-13 19:28:52 9C9A14B66C06930A4FA8B654D5A1B2AE 1233920 ----a-w- C:\windows\SysWOW64\Windows.Globalization.dll 2016-01-13 19:28:52 7E2330319E458B0406F16BF47D0F5FCA 373760 ----a-w- C:\windows\SysWOW64\schannel.dll 2016-01-13 19:28:50 5C3D6ECECE28FA7883E44C8D89ED1933 37376 ----a-w- C:\windows\SysWOW64\atmlib.dll 2016-01-13 19:28:45 C1B5BE074E1D85D4C1267B9678F9669D 139776 ----a-w- C:\windows\SysWOW64\shacct.dll 2016-01-13 19:28:44 D6BF254925FD35955C99F402F8DF4773 20858360 ----a-w- C:\windows\SysWOW64\shell32.dll 2016-01-13 19:28:43 C9471462610302402FF9BB0B09DB9177 650240 ----a-w- C:\windows\SysWOW64\jscript.dll 2016-01-13 19:28:43 84F33EA9B82044505ACFCAE15C762628 5454848 ----a-w- C:\windows\SysWOW64\Chakra.dll 2016-01-13 19:28:43 4832BCF076EC1B88B0F3D47DEDB5C20F 3580416 ----a-w- C:\windows\SysWOW64\jscript9.dll 2016-01-13 19:28:43 0B3FBB0539891F7177C3B98D6A141214 503296 ----a-w- C:\windows\SysWOW64\vbscript.dll 2016-01-13 19:28:42 77BFF88DF139AEB20BE0F5AB7737A981 13027840 ----a-w- C:\windows\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 19:28:42 091F53D3D8FEDA2AB02018A18795B337 19324928 ----a-w- C:\windows\SysWOW64\mshtml.dll 2016-01-13 19:28:41 86F1A25E25A85F1809DAD3FC7880ACDF 18802176 ----a-w- C:\windows\SysWOW64\edgehtml.dll 2016-01-13 19:28:41 35E89DA499A3A12E5ACB4A195BF289EC 6878256 ----a-w- C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-13 19:28:40 55863B7FF7119A11BD802DE7A82485A2 11263488 ----a-w- C:\windows\SysWOW64\ieframe.dll 2016-01-13 19:28:33 16271541E6C89AC46316DC276DF33C76 2639872 ----a-w- C:\windows\SysWOW64\esent.dll 2016-01-13 19:28:31 F4E25F21AC509AEE3617E9DBA086318E 434376 ----a-w- C:\windows\SysWOW64\MFCaptureEngine.dll 2016-01-13 19:28:31 E856065895D1133F5457BCDB4452A8D3 74880 ----a-w- C:\windows\SysWOW64\remoteaudioendpoint.dll 2016-01-13 19:28:31 A99EE78ACD9BE40C2A4D3097E382643C 82096 ----a-w- C:\windows\SysWOW64\devenum.dll 2016-01-13 19:28:31 6A59054B30BBBEF05521921E895D16A4 188032 ----a-w- C:\windows\SysWOW64\COLORCNV.DLL 2016-01-13 19:28:31 66014F80D37AFEF646DA614D68407AB2 305776 ----a-w- C:\windows\SysWOW64\WMVSDECD.DLL 2016-01-13 19:28:30 B0409CEF7BBF488D3F07FBC36DAE34FF 2459096 ----a-w- C:\windows\SysWOW64\WMVDECOD.DLL 2016-01-13 19:28:30 75D499303F9334780DDC00EEB15AFA99 368776 ----a-w- C:\windows\SysWOW64\MP4SDECD.DLL 2016-01-13 19:28:30 5BDB3DD749FD6EE9B51FA452AD896545 695752 ----a-w- C:\windows\SysWOW64\WMADMOD.DLL 2016-01-13 19:28:29 DC7C56F01B96CA5FDB99D241D4E067FC 311808 ----a-w- C:\windows\SysWOW64\AppXDeploymentClient.dll 2016-01-13 19:28:29 C637D94084069A10759E53F79D5DC4C5 899584 ----a-w- C:\windows\SysWOW64\RemoteNaturalLanguage.dll 2016-01-13 19:28:27 A1B94C8C5C9DD2780B83C7435EE18BED 1997336 ----a-w- C:\windows\SysWOW64\msxml6.dll 2016-01-13 19:28:27 6A8F5939B9C3170BEB4FF010F5054ED0 2879024 ----a-w- C:\windows\SysWOW64\iertutil.dll 2016-01-13 19:28:26 FB3B46B0FFCEDEED7BB5E74D82895118 1171456 ----a-w- C:\windows\SysWOW64\netcenter.dll 2016-01-13 19:28:26 EB010C82D907969FC3A396EE16DB1A44 2152744 ----a-w- C:\windows\SysWOW64\mfcore.dll 2016-01-13 19:28:26 CC3CDF714B78257E6CF2ED45A1EA1CD9 208688 ----a-w- C:\windows\SysWOW64\mftranscode.dll 2016-01-13 19:28:26 4B7EC905DF02BBBFDDD725EE98D6535C 658528 ----a-w- C:\windows\SysWOW64\mfds.dll 2016-01-13 19:28:26 3277E503E6EA72D19CDC16501FD151BA 5120056 ----a-w- C:\windows\SysWOW64\windows.storage.dll 2016-01-13 19:28:25 C662282B95220AD700D9B93A39702A25 409088 ----a-w- C:\windows\SysWOW64\WMVSENCD.DLL 2016-01-13 19:28:25 98CC3506DFADE0A3C9353E953F0891BD 747008 ----a-w- C:\windows\SysWOW64\WMVXENCD.DLL 2016-01-13 19:28:25 6C74B225F2EC7A49DD6F78B7072A5C42 1532984 ----a-w- C:\windows\SysWOW64\ntdll.dll 2016-01-13 19:28:24 7A471C2688C5D864A049C4F2074413E7 107952 ----a-w- C:\windows\SysWOW64\VIDRESZR.DLL 2016-01-13 19:28:24 2813D33FD11FF4E6666A394011D83B3B 2162064 ----a-w- C:\windows\SysWOW64\WMVENCOD.DLL 2016-01-13 19:28:24 1B9D79C58A2087A7C855559AAAF4BAEF 72808 ----a-w- C:\windows\SysWOW64\mfvdsp.dll 2016-01-13 19:28:19 E2EFED5C9E4BF8EC6F35CF63CA5B589F 1594368 ----a-w- C:\windows\SysWOW64\msxml3.dll 2016-01-13 19:28:19 C15E2900919126DCE4C2A927D3D45158 464896 ----a-w- C:\windows\SysWOW64\Windows.UI.dll 2016-01-13 19:28:19 BCCB55B18CE7054BA288FFEB27BA6F54 1766952 ----a-w- C:\windows\SysWOW64\CoreUIComponents.dll 2016-01-13 19:28:19 8D59581B205692ABC762603D7770E7E4 1541632 ----a-w- C:\windows\SysWOW64\quartz.dll 2016-01-13 19:28:19 356C54031E21C4790E6C81CDA26F9E0A 1467392 ----a-w- C:\windows\SysWOW64\GdiPlus.dll 2016-01-13 19:28:19 2AB0D2CB00F9F088705F492F7683907D 563200 ----a-w- C:\windows\SysWOW64\qdvd.dll 2016-01-13 19:28:19 2986B2B617DD50857FC614B64E9BE1F9 2647040 ----a-w- C:\windows\SysWOW64\Windows.Media.dll 2016-01-13 19:28:18 8AFE3CEAF287F9204FC1363A8F2A9B95 1328128 ----a-w- C:\windows\SysWOW64\comsvcs.dll 2016-01-13 19:28:18 820C0126D90810B78F5417767DA4F487 1593344 ----a-w- C:\windows\SysWOW64\dwmcore.dll 2016-01-13 19:28:18 5C74B92851352C5DCDD66C59BBE392F6 1442816 ----a-w- C:\windows\SysWOW64\SRHInproc.dll 2016-01-13 19:28:18 2DA15A53E965A27A3D5CF99E3CCC430A 6101504 ----a-w- C:\windows\SysWOW64\mos.dll 2016-01-13 19:28:18 08D6065A1D6D007C77A688271D915B00 5079552 ----a-w- C:\windows\SysWOW64\BingMaps.dll 2016-01-13 19:28:16 99CEBD54809E76C9CD1839B0492CCF5E 1895568 ----a-w- C:\windows\SysWOW64\hevcdecoder.dll 2016-01-13 19:28:16 776339B81E632F579AB1EC6EE503A9C0 58368 ----a-w- C:\windows\SysWOW64\usoapi.dll 2016-01-13 19:28:16 14B2B40AF5DAE0AD8057341F54FEF9EC 81920 ----a-w- C:\windows\SysWOW64\VEDataLayerHelpers.dll 2016-01-13 19:28:16 037908D9C8C689490978BFF72532A361 195072 ----a-w- C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-01-13 19:28:15 F2BCE0CF75943E18852148B2875F632B 41472 ----a-w- C:\windows\SysWOW64\Windows.Speech.Pal.dll 2016-01-13 19:28:15 EE8FDC90138DD93AA6B1ECA831D9D3CE 1162240 ----a-w- C:\windows\SysWOW64\Windows.Media.Speech.dll 2016-01-13 19:28:15 DFAE92F5EF58FF29E81D951B2BDF45B8 1104384 ----a-w- C:\windows\SysWOW64\UIAutomationCore.dll 2016-01-13 19:28:15 8E853D8DDA2BBD4F3A8B7096085E765B 1070080 ----a-w- C:\windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 19:28:15 74C8E141400F3B4CE12EE0E657FD91C9 1310880 ----a-w- C:\windows\SysWOW64\user32.dll 2016-01-13 19:28:15 3504A001D694E685EB2579164C514FB4 2153984 ----a-w- C:\windows\SysWOW64\authui.dll 2016-01-13 19:28:15 1B102F53BD7209D712BBE96E9FAA32CA 313856 ----a-w- C:\windows\SysWOW64\LockAppBroker.dll 2016-01-13 19:28:15 13FA2626268E7F522B9750CDCB7039D2 696192 ----a-w- C:\windows\SysWOW64\WMADMOE.DLL 2016-01-13 19:28:13 71C33FA1180F55803CC312BE73835AEE 1106872 ----a-w- C:\windows\SysWOW64\mfnetsrc.dll 2016-01-13 19:28:13 4595DE3C22C4B313A21AFB2C0E21688E 714808 ----a-w- C:\windows\SysWOW64\mfnetcore.dll 2016-01-13 19:28:12 10BD43B952C7A59D31EA976566B624E6 767488 ----a-w- C:\windows\SysWOW64\kerberos.dll 2016-01-13 19:28:11 FD47D5526827398C371D100284664078 2049536 ----a-w- C:\windows\SysWOW64\Windows.StateRepository.dll 2016-01-13 19:28:11 4BAFAEEFDF9577A1B37EB6F14898F702 890880 ----a-w- C:\windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 19:28:10 9738D0610EAAD6CE104DFB81AFEDAFDE 786432 ----a-w- C:\windows\SysWOW64\Magnify.exe 2016-01-13 19:28:10 20311DEFD7B8A7D2AB5D5DDAFF505754 774656 ----a-w- C:\windows\SysWOW64\SRH.dll 2016-01-13 19:28:09 ACA6C8CC89A43F3BABF276662716023D 2748416 ----a-w- C:\windows\SysWOW64\tquery.dll 2016-01-13 19:28:09 A818674D5F9B67BA4BA9B67434AAAF3B 635312 ----a-w- C:\windows\SysWOW64\evr.dll 2016-01-13 19:28:09 3CABA2E1C6B0F3906F03C97A42359896 645144 ----a-w- C:\windows\SysWOW64\mfsvr.dll 2016-01-13 19:28:08 CD08AC88BF5133AB5376A519C1F14643 871936 ----a-w- C:\windows\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 19:28:07 72262CB79DA833B4DCBFBCDD7C752B1A 1964544 ----a-w- C:\windows\SysWOW64\mssrch.dll 2016-01-13 19:28:06 6EF1F91D387CF337E347722738AA6894 497896 ----a-w- C:\windows\SysWOW64\advapi32.dll 2016-01-13 19:28:06 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\windows\SysWOW64\fontdrvhost.exe 2016-01-13 19:28:06 2FA6AE2352567748CD332B2529756EC6 303104 ----a-w- C:\windows\SysWOW64\atmfd.dll 2016-01-13 19:28:05 DB5CA5EDC2BE901451DD7C240F69721B 404992 ----a-w- C:\windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 19:28:05 683BACDA104CABCCB8852CA24A03A964 573440 ----a-w- C:\windows\SysWOW64\qedit.dll 2016-01-13 19:28:04 E0F11A1D1C7482BBD76448E6FD3AA327 454512 ----a-w- C:\windows\SysWOW64\directmanipulation.dll 2016-01-13 19:28:04 99F56FA8CC016E026C38D4CC338B0A15 762888 ----a-w- C:\windows\SysWOW64\twinapi.appcore.dll 2016-01-13 19:28:04 73FC0143E518D8DB7AFE9675F4AF8063 2207232 ----a-w- C:\windows\SysWOW64\wininet.dll 2016-01-13 19:28:04 63900F897A025DDFE83737A260C250A5 371712 ----a-w- C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-01-13 19:28:04 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\windows\SysWOW64\SettingSyncHost.exe 2016-01-13 19:28:03 F65307E09D4807EDE95D1016CAF42DAD 587264 ----a-w- C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-01-13 19:28:03 A5E98AB07AE94407058A4224F2A9504A 1226752 ----a-w- C:\windows\SysWOW64\wcnwiz.dll 2016-01-13 19:28:03 7EFF73E0CF886F43B0ABF9921189857E 95744 ----a-w- C:\windows\SysWOW64\fdWCN.dll 2016-01-13 19:28:03 471921FC25E6EC0AA5755C78DD9F7C4E 613376 ----a-w- C:\windows\SysWOW64\TokenBroker.dll 2016-01-13 19:28:03 2A28095B1C625D3DE3C25E6696AC4504 100352 ----a-w- C:\windows\SysWOW64\WcnApi.dll 2016-01-13 19:28:02 EBD8D48F8EF7E7BDCEEB176CAB1033E3 37376 ----a-w- C:\windows\SysWOW64\wfdprov.dll 2016-01-13 19:28:02 B9573AE51518377CC31D9F3C92839298 441344 ----a-w- C:\windows\SysWOW64\dlnashext.dll 2016-01-13 19:28:02 B4308481535382A5B61340A2214E91AD 474624 ----a-w- C:\windows\SysWOW64\ieui.dll 2016-01-13 19:28:02 9E604C522EC89CA6D7DD22BE94985359 415744 ----a-w- C:\windows\SysWOW64\catsrvut.dll 2016-01-13 19:28:02 7E4A5580F1A7EEB3F235429D857100DD 296960 ----a-w- C:\windows\SysWOW64\ninput.dll 2016-01-13 19:28:02 5DAAAF8A272B9C8975C444298B5D41EF 480768 ----a-w- C:\windows\SysWOW64\duser.dll 2016-01-13 19:28:01 5DEB6066C1F5D2F07002BF59BA57E2A0 556032 ----a-w- C:\windows\SysWOW64\mfh264enc.dll 2016-01-13 19:28:01 223F4A196FEDDC45F431D79B833521E6 484352 ----a-w- C:\windows\SysWOW64\SettingSync.dll 2016-01-13 19:27:59 E8192A23618BCEDE02446F491CB70BDB 42496 ----a-w- C:\windows\SysWOW64\tetheringclient.dll 2016-01-13 19:27:59 8228A523B9FF392936554EE5F223F05B 1823232 ----a-w- C:\windows\SysWOW64\InputService.dll 2016-01-13 19:27:59 62C4E525EE16D6224D746A8488CD657E 752640 ----a-w- C:\windows\SysWOW64\msctfuimanager.dll 2016-01-13 19:27:59 50A3C0D8655F5ACFE4320FB207A098F1 1985024 ----a-w- C:\windows\SysWOW64\DWrite.dll 2016-01-13 19:27:59 404A006C387E4F19B4DAB664144B8520 671232 ----a-w- C:\windows\SysWOW64\MbaeApiPublic.dll 2016-01-13 19:27:59 3C9FDBB0963B18C9D60B54F8AF81DF11 268800 ----a-w- C:\windows\SysWOW64\ncryptprov.dll 2016-01-13 19:27:59 248521A186986B67107808EB4F3E01E7 232896 ----a-w- C:\windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 19:27:59 00682184457B97EDA4C0C157331A7495 454656 ----a-w- C:\windows\SysWOW64\MbaeApi.dll 2016-01-13 19:27:58 9E590FA5A1BF50F2E7B7005244F8D31D 574464 ----a-w- C:\windows\SysWOW64\Chakradiag.dll 2016-01-13 19:27:58 9AA440F8F580C573D0F2732DA6ECB87A 207872 ----a-w- C:\windows\SysWOW64\notepad.exe 2016-01-13 19:27:57 80D2AE15F53154CEE71C9E3C131FBB9B 407608 ----a-w- C:\windows\SysWOW64\AudioSes.dll 2016-01-13 19:27:57 78FBC37D02A39402B685B7E95A83EFE8 428128 ----a-w- C:\windows\SysWOW64\WWanAPI.dll 2016-01-13 19:27:56 9157489ABA83D6FEAAAEC8E3F79714E8 928256 ----a-w- C:\windows\SysWOW64\Unistore.dll 2016-01-13 19:27:55 FABFF0AA6B503B960BBCBCC7CF00350B 195584 ----a-w- C:\windows\SysWOW64\PackageStateRoaming.dll 2016-01-13 19:27:55 A429ED80A03D29F43E99A08CA76E3CFD 1612288 ----a-w- C:\windows\SysWOW64\Windows.UI.Immersive.dll 2016-01-13 19:27:55 7CDC13C04C1038D6143B64CD2321B1F0 274432 ----a-w- C:\windows\SysWOW64\NetSetupShim.dll 2016-01-13 19:27:55 7763184B73CB778EE9601555A7C42901 235008 ----a-w- C:\windows\SysWOW64\ksproxy.ax 2016-01-13 19:27:55 6740B4C8B8B3474F086B8AEBDE4861D8 217088 ----a-w- C:\windows\SysWOW64\VEEventDispatcher.dll 2016-01-13 19:27:55 5036F8014556AAAA662A672F3D58F04C 261632 ----a-w- C:\windows\SysWOW64\ActionCenter.dll 2016-01-13 19:27:55 40258BC35D16DFCDC0D7B7E04C75EDFD 278424 ----a-w- C:\windows\SysWOW64\MP43DECD.DLL 2016-01-13 19:27:55 0C5FE5EB83BD4C4F3ACF7A08821FC0D5 277400 ----a-w- C:\windows\SysWOW64\MPG4DECD.DLL 2016-01-13 19:27:54 F69835A120E9627327ECE984D2AC87EA 828928 ----a-w- C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll 2016-01-13 19:27:54 DF3F02FA4AEB7064FAC76D2E31BE4DC4 311296 ----a-w- C:\windows\SysWOW64\Windows.Devices.Usb.dll 2016-01-13 19:27:54 C5FBD8DDCD35F7F1242F3587681A2654 193024 ----a-w- C:\windows\SysWOW64\Windows.Internal.Management.dll 2016-01-13 19:27:54 7AF34E43DE496A316DD096AEBDE2492A 268800 ----a-w- C:\windows\SysWOW64\NotificationObjFactory.dll 2016-01-13 19:27:54 0607E8B28F78AD418D6C0D74203FFA79 749568 ----a-w- C:\windows\SysWOW64\comdlg32.dll 2016-01-13 19:27:53 EFCBA793DF8E9E96528CC8586F7A885C 33280 ----a-w- C:\windows\SysWOW64\usermgrcli.dll 2016-01-13 19:27:53 BE91839AB726C995AFF389AA298F9332 494592 ----a-w- C:\windows\SysWOW64\LogonController.dll 2016-01-13 19:27:53 B81FC272B92CE1A7542EECF1416D17B9 579584 ----a-w- C:\windows\SysWOW64\AppointmentApis.dll 2016-01-13 19:27:53 807178C85CF6375FAB2FE42395FE94D7 677888 ----a-w- C:\windows\SysWOW64\MapControlCore.dll 2016-01-13 19:27:53 685105400BCA64E0D19534A516F36454 625152 ----a-w- C:\windows\SysWOW64\ContactApis.dll 2016-01-13 19:27:53 4B5286A021D8CA64BABB07D7B9739AF4 512000 ----a-w- C:\windows\SysWOW64\CoreMessaging.dll 2016-01-13 19:27:53 2612D8C0CC6919E29D9239C7D1E96B30 159744 ----a-w- C:\windows\SysWOW64\UserMgrProxy.dll 2016-01-13 19:27:52 F38B52333E0C93A1C55323719103783B 1357888 ----a-w- C:\windows\SysWOW64\winmde.dll 2016-01-13 19:27:52 54DB5459A808BB03FDEA98325530B946 145920 ----a-w- C:\windows\SysWOW64\mdmregistration.dll 2016-01-13 19:27:52 29975419D8EE4827301777ECE10AF30F 1380864 ----a-w- C:\windows\SysWOW64\urlmon.dll 2016-01-13 19:27:51 60242DBD3FCFA6D4163B6C29D76295B7 336384 ----a-w- C:\windows\SysWOW64\CredProvDataModel.dll 2016-01-13 19:27:51 5F7ADEE18B15B9D629F9875C9604A696 557568 ----a-w- C:\windows\SysWOW64\ChatApis.dll 2016-01-13 19:27:50 D124F89BBDCFC24A04F159D913852DDC 701952 ----a-w- C:\windows\SysWOW64\JpMapControl.dll 2016-01-13 19:27:50 0C6AA21007BE1389A4D5C3772D7E262D 525312 ----a-w- C:\windows\SysWOW64\EmailApis.dll 2016-01-13 19:27:49 9944FF1EDD2D36AEC0DACCC85930A152 1365576 ----a-w- C:\windows\SysWOW64\gdi32.dll 2016-01-13 19:27:49 917C7C09612AD81BCF0C49007740DB4E 775312 ----a-w- C:\windows\SysWOW64\locale.nls 2016-01-13 19:27:48 E4A4BC49568745BDA44F293E3D29A910 466432 ----a-w- C:\windows\SysWOW64\MessagingDataModel2.dll 2016-01-13 19:27:48 53FC0EFBE44591CA16BE1A4309F689DC 253440 ----a-w- C:\windows\SysWOW64\SensorsApi.dll 2016-01-13 19:27:48 51DDB23BEB935F57C49166DCFEE10206 243800 ----a-w- C:\windows\SysWOW64\LockAppHost.exe 2016-01-13 19:27:48 39518661140BE931D676EF657E877048 131072 ----a-w- C:\windows\SysWOW64\CallHistoryClient.dll 2016-01-13 19:27:46 F8EC9D17DB30C1D8B3B7CBFF31161452 918320 ----a-w- C:\windows\SysWOW64\mfplat.dll 2016-01-13 19:27:46 981229E718319A9A01F7E740A8D855FD 700256 ----a-w- C:\windows\SysWOW64\WWAHost.exe 2016-01-13 19:27:46 1253135EC3029F79601EDCFF55ADC9FC 508248 ----a-w- C:\windows\SysWOW64\mf.dll 2016-01-13 19:27:44 CA4303787A36890CE6EE34DC1C993F3E 195584 ----a-w- C:\windows\SysWOW64\UserDataAccountApis.dll 2016-01-13 19:27:44 C09CA709007AB00D97A764422E9DB981 92992 ----a-w- C:\windows\SysWOW64\userenv.dll 2016-01-13 19:27:43 D055C7AC2514A999D8C636B39457B98B 172032 ----a-w- C:\windows\SysWOW64\PhoneCallHistoryApis.dll 2016-01-13 19:27:43 951D71B5D602745997A6DCBA33FC5358 280576 ----a-w- C:\windows\SysWOW64\SearchProtocolHost.exe 2016-01-13 19:27:43 45C650F31088C2820304CFA4A3D4F5FA 845664 ----a-w- C:\windows\SysWOW64\ReAgent.dll 2016-01-13 19:27:43 202A005B44B0E420D02E280F1AADFE71 116728 ----a-w- C:\windows\SysWOW64\mfps.dll 2016-01-13 19:27:42 E77F8B3D5750F4527A07E45AB6D44588 7168 ----a-w- C:\windows\SysWOW64\KBDAZE.DLL 2016-01-13 19:27:42 D0A5D8270FF8606D2B445C4359A8FCEB 328704 ----a-w- C:\windows\SysWOW64\MapConfiguration.dll 2016-01-13 19:27:42 95A776B86DC5268EB06679351B5D2F7D 131584 ----a-w- C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-13 19:27:42 6BC30FC482A74A92CDDD59E882F18E63 7168 ----a-w- C:\windows\SysWOW64\kbdgeoqw.dll 2016-01-13 19:27:42 638747E5050BEB4F5DF9DDE8AC418296 473088 ----a-w- C:\windows\SysWOW64\wpnapps.dll 2016-01-13 19:27:42 4F74D237260EF8F19DB5AAAB2C3D19D2 53248 ----a-w- C:\windows\SysWOW64\profext.dll 2016-01-13 19:27:42 4EEB94F7E1ABAB5503EEFEA7F2394370 4047288 ----a-w- C:\windows\SysWOW64\explorer.exe 2016-01-13 19:27:42 45D3CA83474A46D74632700FACF17C90 7168 ----a-w- C:\windows\SysWOW64\KBDAZEL.DLL 2016-01-13 19:27:42 06A41A2D550BBF58552D3C02D0D20825 7168 ----a-w- C:\windows\SysWOW64\KBDAZST.DLL 2016-01-13 19:27:42 011A8CA5E2B3399EB0D893587B830C6B 420352 ----a-w- C:\windows\SysWOW64\GamePanel.exe 2016-01-13 19:27:41 435EE3E7A2EB0274E5C976A0B3773CA7 162304 ----a-w- C:\windows\SysWOW64\ReInfo.dll ====== C:\windows\SysWOW64\drivers ===== 2015-12-22 19:50:42 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\windows\Sysnative ===== 2016-01-19 10:41:15 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-19 10:41:14 75084B9701FD6485188FC6E437C3D71E 16148 ----a-w- C:\windows\Sysnative\DESKTOP-F4AGI8L_rwest_HistoryPrediction.bin 2016-01-13 19:37:29 4DE599F49C7862C9691EE7843E216F4C 143671360 ----a-w- C:\windows\Sysnative\MRT.exe 2016-01-13 19:36:15 EFEEF71514FA0414382A1647A5E3BE53 1146072 ----a-w- C:\windows\Sysnative\Rtlihvs.dll 2016-01-13 19:28:53 CF2D0CD826F0BBC8F1150122720D2A9C 119800 ----a-w- C:\windows\Sysnative\MP3DMOD.DLL 2016-01-13 19:28:53 9F2AB116293D0799BA44E27A810C26F0 1063504 ----a-w- C:\windows\Sysnative\msmpeg2adec.dll 2016-01-13 19:28:53 7128D19C04882CEEABB5F48ACD05B159 2824248 ----a-w- C:\windows\Sysnative\msmpeg2vdec.dll 2016-01-13 19:28:52 C7503A49364DB2AF7A7DE177B233081F 1844736 ----a-w- C:\windows\Sysnative\workfolderssvc.dll 2016-01-13 19:28:52 C66E058599A44E0EEA95B3E0547345D2 30208 ----a-w- C:\windows\Sysnative\syncmlhook.dll 2016-01-13 19:28:52 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\windows\Sysnative\dmcertinst.exe 2016-01-13 19:28:52 901350B41D1262A95B5D907BD95A4145 642560 ----a-w- C:\windows\Sysnative\rdbui.dll 2016-01-13 19:28:52 88E6A429944544346EC3AE1FD7D24BCC 149504 ----a-w- C:\windows\Sysnative\tetheringservice.dll 2016-01-13 19:28:52 7DDB731AD3E9F9F91D62E991BD52814F 79872 ----a-w- C:\windows\Sysnative\HttpsDataSource.dll 2016-01-13 19:28:52 78FEDDED673167515E77B9BD35B13B3D 137216 ----a-w- C:\windows\Sysnative\LocationPermissions.dll 2016-01-13 19:28:52 7143FF944C20AB5C6D4485A0469F2797 115712 ----a-w- C:\windows\Sysnative\MbaeParserTask.exe 2016-01-13 19:28:52 59BD4C7EC035B59B77A7D9CE71F1B9AE 1276416 ----a-w- C:\windows\Sysnative\wifinetworkmanager.dll 2016-01-13 19:28:52 562078FF6ED0C2B1C09078343437D03E 168960 ----a-w- C:\windows\Sysnative\mdmmigrator.dll 2016-01-13 19:28:52 513A8EF909DFCDD872E60A0EA03FEAAB 52224 ----a-w- C:\windows\Sysnative\tetheringclient.dll 2016-01-13 19:28:52 4A54273338073939384A14BF0D7AFC14 88064 ----a-w- C:\windows\Sysnative\ngckeyenum.dll 2016-01-13 19:28:52 321A2022926841273CD8D6B9BFE68D05 1383424 ----a-w- C:\windows\Sysnative\win32kbase.sys 2016-01-13 19:28:51 D5B31B2F14848015C211F1D674A82F3A 1106432 ----a-w- C:\windows\Sysnative\sysmain.dll 2016-01-13 19:28:51 9E5E7D977A316EE3BBD4F44903EC954B 4792320 ----a-w- C:\windows\Sysnative\jscript9.dll 2016-01-13 19:28:51 754BC3E56FF301B9EE8A764932D02124 513536 ----a-w- C:\windows\Sysnative\ngcsvc.dll 2016-01-13 19:28:51 0968D575D9108497A6DC37749D4A6C4F 2093056 ----a-w- C:\windows\Sysnative\wlidsvc.dll 2016-01-13 19:28:50 8C7CCD8D67C1E4A3E5A5EEED3320AC08 32768 ----a-w- C:\windows\Sysnative\wuautoappupdate.dll 2016-01-13 19:28:50 6300722E8527EC54D426FD00EE5196B2 1068032 ----a-w- C:\windows\Sysnative\audiosrv.dll 2016-01-13 19:28:50 4D3F2E7C2F83DFAF19F8060E1FD6C5A8 3588096 ----a-w- C:\windows\Sysnative\win32kfull.sys 2016-01-13 19:28:50 3A4A543F135DE9A06ABA9DF982D79DD7 526336 ----a-w- C:\windows\Sysnative\bisrv.dll 2016-01-13 19:28:50 19C4F8570B675E940CFFA9DB25CBDA05 2418688 ----a-w- C:\windows\Sysnative\MFMediaEngine.dll 2016-01-13 19:28:50 19C0D0D0960E242E1FE052C3F2CA7EC1 455168 ----a-w- C:\windows\Sysnative\schannel.dll 2016-01-13 19:28:49 ECA28C8F0FF34A2BD8311CBA2D35B143 121856 ----a-w- C:\windows\Sysnative\dmcsps.dll 2016-01-13 19:28:49 E2AE190B76C27430E4E8258D0C44C79B 317440 ----a-w- C:\windows\Sysnative\configmanager2.dll 2016-01-13 19:28:49 DAFEABE69E915A2374E13C6B24EF331F 690688 ----a-w- C:\windows\Sysnative\CellularAPI.dll 2016-01-13 19:28:49 D23F211E1AA0787EFEC373D172D4A1C2 1181696 ----a-w- C:\windows\Sysnative\wwansvc.dll 2016-01-13 19:28:49 A5B7CAFA0327BCBC2FC6F1C9F95191CA 342016 ----a-w- C:\windows\Sysnative\LocationGeofences.dll 2016-01-13 19:28:49 63CCD4D03566A23A26E00A85452B7816 1392480 ----a-w- C:\windows\Sysnative\LicenseManager.dll 2016-01-13 19:28:49 14503C58C1528D83FB2328840784EC78 621056 ----a-w- C:\windows\Sysnative\enterprisecsps.dll 2016-01-13 19:28:48 F2F08F34BC90048420D51D6574F29492 7523840 ----a-w- C:\windows\Sysnative\Chakra.dll 2016-01-13 19:28:48 F04659446D46718E38B3586371720218 1569280 ----a-w- C:\windows\Sysnative\Windows.Globalization.dll 2016-01-13 19:28:47 C9B6A1DF4767507904C65654725372ED 45568 ----a-w- C:\windows\Sysnative\atmlib.dll 2016-01-13 19:28:47 B70FF53144AC4B3C7D98BFB7D7C239BD 2236416 ----a-w- C:\windows\Sysnative\wuaueng.dll 2016-01-13 19:28:47 6187FA436627F9F694AFE1B805B21F5C 21873152 ----a-w- C:\windows\Sysnative\edgehtml.dll 2016-01-13 19:28:47 551C41C9508BF7117A56FC429D5B6534 8022368 ----a-w- C:\windows\Sysnative\ntoskrnl.exe 2016-01-13 19:28:47 0A2D0D9A0329B9C46F5D793DB51A15C7 1234944 ----a-w- C:\windows\Sysnative\aitstatic.exe 2016-01-13 19:28:46 BD962F6BBE51AD778F77260B8036C804 24592896 ----a-w- C:\windows\Sysnative\mshtml.dll 2016-01-13 19:28:46 212E5C2C279835CBFEBF935EB0E7EC5D 16708608 ----a-w- C:\windows\Sysnative\Windows.UI.Xaml.dll 2016-01-13 19:28:45 CF2B0ADDBA61B3B9FA339118FC742032 1812480 ----a-w- C:\windows\Sysnative\pnidui.dll 2016-01-13 19:28:45 B1622CB61E1C2166C0DEADBCDA611378 541024 ----a-w- C:\windows\Sysnative\mcupdate_GenuineIntel.dll 2016-01-13 19:28:45 2481E9E8858AD0A223FA3110916EF0C1 6572032 ----a-w- C:\windows\Sysnative\wwanmm.dll 2016-01-13 19:28:45 1E4B6E4DB127F1964166B458060C4223 184320 ----a-w- C:\windows\Sysnative\shacct.dll 2016-01-13 19:28:44 DA32F9BFA7851AD4247353EA03755DE6 578560 ----a-w- C:\windows\Sysnative\winlogon.exe 2016-01-13 19:28:44 C397F52BD6B482E6E33B065267680A87 8613200 ----a-w- C:\windows\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-01-13 19:28:44 547D2BC05916E97FC8F48CB22DD1CFA1 22322624 ----a-w- C:\windows\Sysnative\shell32.dll 2016-01-13 19:28:40 EBBD7066B59D8D0C22E6F59DD22AB486 76800 ----a-w- C:\windows\Sysnative\browserbroker.dll 2016-01-13 19:28:40 90F26A12A7F188B48021A4CA8A615026 12504576 ----a-w- C:\windows\Sysnative\ieframe.dll 2016-01-13 19:28:33 5D1F633C10EC9E00211E6C3D429AC1FB 2987520 ----a-w- C:\windows\Sysnative\esent.dll 2016-01-13 19:28:33 02077F66F8CF2F1FD58403D371482B01 106496 ----a-w- C:\windows\Sysnative\KeywordDetectorMsftSidAdapter.dll 2016-01-13 19:28:32 ED4208A2A5BE50383153463F7ED08ED4 146944 ----a-w- C:\windows\Sysnative\EthernetMediaManager.dll 2016-01-13 19:28:32 E866643717FF953DAC104E9E806F3E27 498688 ----a-w- C:\windows\Sysnative\WlanMediaManager.dll 2016-01-13 19:28:32 E68D380E86FBBF7F4466A0DD6CEA0B5B 467456 ----a-w- C:\windows\Sysnative\MBMediaManager.dll 2016-01-13 19:28:32 D7B28BF9E08128C5A8B89FFD5BEB6B88 465920 ----a-w- C:\windows\Sysnative\wwanconn.dll 2016-01-13 19:28:32 9D4A09AB97C2F0EC6BFA6B54AA2BA239 3781120 ----a-w- C:\windows\Sysnative\SettingsHandlers_nt.dll 2016-01-13 19:28:32 6C9DDD0611379864596D2A8DE7B1870C 504320 ----a-w- C:\windows\Sysnative\DataSenseHandlers.dll 2016-01-13 19:28:32 68AA410BBF3DA69B9F3834EED1BF52EA 270336 ----a-w- C:\windows\Sysnative\RasMediaManager.dll 2016-01-13 19:28:32 6210B227A7834FFFCA08FBB42F6FF476 126464 ----a-w- C:\windows\Sysnative\DAMediaManager.dll 2016-01-13 19:28:32 1A8D80F2EA3133AD8DAF64DA25B4B17B 168288 ----a-w- C:\windows\Sysnative\NetworkUXBroker.exe 2016-01-13 19:28:32 0ACF831DD03989CA9787621C04D73CFD 45568 ----a-w- C:\windows\Sysnative\wfdprov.dll 2016-01-13 19:28:32 031080A610C302B0279A267411EDB7E3 2226688 ----a-w- C:\windows\Sysnative\NetworkMobileSettings.dll 2016-01-13 19:28:31 CCC25D8DC3177759B541752D3C163460 233992 ----a-w- C:\windows\Sysnative\mftranscode.dll 2016-01-13 19:28:31 86C0DEE6940878A1496CBBA856FF4E5B 584656 ----a-w- C:\windows\Sysnative\mf.dll 2016-01-13 19:28:31 65656FF781BDC10127AB223CDC0AC69F 2463704 ----a-w- C:\windows\Sysnative\mfcore.dll 2016-01-13 19:28:31 628100F7F1F717D6C115051A389CE37E 90912 ----a-w- C:\windows\Sysnative\devenum.dll 2016-01-13 19:28:31 5E010B486F7FB28D9B79AAC471FE484F 476760 ----a-w- C:\windows\Sysnative\MFCaptureEngine.dll 2016-01-13 19:28:31 50410D6D47B1C0A9BC4A4B1EE4E0027F 83704 ----a-w- C:\windows\Sysnative\mfvdsp.dll 2016-01-13 19:28:30 FF12AE856ADD9B0AC9F1A5DF323E9130 787720 ----a-w- C:\windows\Sysnative\WMADMOD.DLL 2016-01-13 19:28:30 F7FC6CB37CBF7C3547B2F8D8D3A1ACCD 377592 ----a-w- C:\windows\Sysnative\MP4SDECD.DLL 2016-01-13 19:28:30 846FF503D852A7B15FC02A46098EB31D 205072 ----a-w- C:\windows\Sysnative\COLORCNV.DLL 2016-01-13 19:28:30 32EFE0A14B4323786ACE4E8950210367 2641928 ----a-w- C:\windows\Sysnative\WMVDECOD.DLL 2016-01-13 19:28:30 0DE4840EB6125C69E46EB9CA908B6D29 345080 ----a-w- C:\windows\Sysnative\WMVSDECD.DLL 2016-01-13 19:28:29 CA7800F03BF0281D4D38E1006618E82E 627712 ----a-w- C:\windows\Sysnative\Windows.UI.dll 2016-01-13 19:28:29 736BB47B4D0F66039E0AB9A7B885D0F0 3248128 ----a-w- C:\windows\Sysnative\Windows.Media.dll 2016-01-13 19:28:29 49B00A59043431804A5BCB5E48F735B3 414208 ----a-w- C:\windows\Sysnative\AppXDeploymentClient.dll 2016-01-13 19:28:28 52C3440B5098BFB99D91E869A26ECB30 1213440 ----a-w- C:\windows\Sysnative\RemoteNaturalLanguage.dll 2016-01-13 19:28:28 162AD130D6F3C5C877F0AD121C1F485E 3622272 ----a-w- C:\windows\Sysnative\iertutil.dll 2016-01-13 19:28:27 D4D17FB8E003050BA38B85F335B71222 322048 ----a-w- C:\windows\Sysnative\vaultsvc.dll 2016-01-13 19:28:27 A40484AC27EE08DBE7F8DA5E1F6651ED 591360 ----a-w- C:\windows\Sysnative\wcmsvc.dll 2016-01-13 19:28:27 95EC1A9A6926F5091957F6CA52A34F21 162304 ----a-w- C:\windows\Sysnative\SubscriptionMgr.dll 2016-01-13 19:28:27 73AF2D8038FCEF4C4EB4B3106B41967A 2573768 ----a-w- C:\windows\Sysnative\msxml6.dll 2016-01-13 19:28:26 959695FD137FF0DEFC6152AAB03AA3D6 1216512 ----a-w- C:\windows\Sysnative\netcenter.dll 2016-01-13 19:28:26 544F4E3C4EEBAC2541C6D1D865FA2963 1717248 ----a-w- C:\windows\Sysnative\GdiPlus.dll 2016-01-13 19:28:26 3C096082A9232B7CEE4653B9C9031769 2228736 ----a-w- C:\windows\Sysnative\wlansvc.dll 2016-01-13 19:28:26 20E8B4BD322195D30C781BED86FA81C8 185344 ----a-w- C:\windows\Sysnative\psmsrv.dll 2016-01-13 19:28:25 F70197C9E902336B223A8F43AB627BD7 115704 ----a-w- C:\windows\Sysnative\VIDRESZR.DLL 2016-01-13 19:28:25 B3E7A635C248EBF3A9C630917BDD5FA0 1822280 ----a-w- C:\windows\Sysnative\ntdll.dll 2016-01-13 19:28:25 9FE8EF9A4FAE92B1296D4D1AD8A2C6E6 447488 ----a-w- C:\windows\Sysnative\WMVSENCD.DLL 2016-01-13 19:28:25 903FC05DFE2EA0432113E251DE3A3E51 634368 ----a-w- C:\windows\Sysnative\WMVXENCD.DLL 2016-01-13 19:28:24 DD5339D7A02E27CC108897AF56F1BA95 1991120 ----a-w- C:\windows\Sysnative\WMVENCOD.DLL 2016-01-13 19:28:24 7ED8EF17B3A6C69DA6A0EC90CFBB4ABB 7055872 ----a-w- C:\windows\Sysnative\BingMaps.dll 2016-01-13 19:28:23 C158F23E5D8581CB50B33D83AC721E93 1795584 ----a-w- C:\windows\Sysnative\AppXDeploymentExtensions.dll 2016-01-13 19:28:22 DE82BD1C35547D04241DB1DB3D4808E0 6487248 ----a-w- C:\windows\Sysnative\windows.storage.dll 2016-01-13 19:28:22 D6D96E20079D902243690DCBB007F997 2180608 ----a-w- C:\windows\Sysnative\AppXDeploymentServer.dll 2016-01-13 19:28:21 B7B20B07E6BDB3DCD78668E4F7BFABA9 1888768 ----a-w- C:\windows\Sysnative\dwmcore.dll 2016-01-13 19:28:19 F9042F366B9695FD564E9485112453E2 1871360 ----a-w- C:\windows\Sysnative\msxml3.dll 2016-01-13 19:28:19 C974AFD04F02EADDE7C1928B3B42AA91 1672192 ----a-w- C:\windows\Sysnative\quartz.dll 2016-01-13 19:28:19 6FA4BB1AA0C18F5CFB96F228376BD249 2494712 ----a-w- C:\windows\Sysnative\CoreUIComponents.dll 2016-01-13 19:28:18 8675E8DC436CFD340C2BEACD29315226 1710592 ----a-w- C:\windows\Sysnative\SRHInproc.dll 2016-01-13 19:28:18 6C291578AD85D4527E83B5E9465BDB6C 1649152 ----a-w- C:\windows\Sysnative\comsvcs.dll 2016-01-13 19:28:18 537826436B921256BA9055F65A97ED91 7569408 ----a-w- C:\windows\Sysnative\mos.dll 2016-01-13 19:28:18 3478670E8646CC536E1EF21F077F4DD6 2156400 ----a-w- C:\windows\Sysnative\hevcdecoder.dll 2016-01-13 19:28:16 429E7B01BBEB38EA55464918811D3373 515072 ----a-w- C:\windows\Sysnative\internetmail.dll 2016-01-13 19:28:15 FA78CF03CB18E8EAB07D1B9470508AA7 1270104 ----a-w- C:\windows\Sysnative\mfnetsrc.dll 2016-01-13 19:28:15 EA8B28FFF774F7C7862C8746E1FDECF6 273920 ----a-w- C:\windows\Sysnative\Windows.ApplicationModel.LockScreen.dll 2016-01-13 19:28:15 E42DE587D8453E20796A149303DE4691 1255936 ----a-w- C:\windows\Sysnative\WMSPDMOE.DLL 2016-01-13 19:28:15 E280D20B0AD017F78290C39CB27006AB 187904 ----a-w- C:\windows\Sysnative\Windows.UI.PicturePassword.dll 2016-01-13 19:28:15 D920A8B070A9BA5C9DEFC3BA7C3883B5 145408 ----a-w- C:\windows\Sysnative\dssvc.dll 2016-01-13 19:28:15 C62218BAE56459EE10145625762CEF1C 751992 ----a-w- C:\windows\Sysnative\WMADMOE.DLL 2016-01-13 19:28:15 85AC4CA67BECC08CBC655A8D8919B23B 1331200 ----a-w- C:\windows\Sysnative\UIAutomationCore.dll 2016-01-13 19:28:15 7F380DC90B8A045A3F4835D196C35EEB 1366680 ----a-w- C:\windows\Sysnative\user32.dll 2016-01-13 19:28:15 7505ACFD9362DA74FEB623F21FE3B391 1601536 ----a-w- C:\windows\Sysnative\Windows.Media.Speech.dll 2016-01-13 19:28:15 3A04CB24453E831CF75C209933DED057 862056 ----a-w- C:\windows\Sysnative\mfnetcore.dll 2016-01-13 19:28:15 35D3A05A1FE037E866E17E84CEE9CF48 2350592 ----a-w- C:\windows\Sysnative\authui.dll 2016-01-13 19:28:14 D5AAA188C70146977CFEE8D128599F3F 378368 ----a-w- C:\windows\Sysnative\SystemEventsBrokerServer.dll 2016-01-13 19:28:14 9ED18AA0A7F4DEC9779CE9059FE6D057 3527168 ----a-w- C:\windows\Sysnative\tquery.dll 2016-01-13 19:28:14 92C15AC3119BD5A270D4721D94962E87 205312 ----a-w- C:\windows\Sysnative\aepic.dll 2016-01-13 19:28:14 085303A3E653D0F1CB7F54A45FB25FAE 1150816 ----a-w- C:\windows\Sysnative\aeinv.dll 2016-01-13 19:28:12 C56E82DA13F1433C7E8AC8E31529E41E 949760 ----a-w- C:\windows\Sysnative\kerberos.dll 2016-01-13 19:28:12 390EAAB81E5C1DB0FD4920796C74AB48 1290240 ----a-w- C:\windows\Sysnative\Windows.UI.Shell.dll 2016-01-13 19:28:11 AEE285AC6117625361E6D5F06A58A830 723648 ----a-w- C:\windows\Sysnative\generaltel.dll 2016-01-13 19:28:11 78760751FBCB900F6F68CA1700DAE2DC 2675200 ----a-w- C:\windows\Sysnative\Windows.StateRepository.dll 2016-01-13 19:28:11 4717521A872CAE4B6DBC40BA5FE2238A 1083072 ----a-w- C:\windows\Sysnative\appraiser.dll 2016-01-13 19:28:11 1BFAC03B6422E878EFCDA934BF4C4823 1008640 ----a-w- C:\windows\Sysnative\schedsvc.dll 2016-01-13 19:28:10 DDCBE4B09287CF224B63015F9C6BD31F 1295712 ----a-w- C:\windows\Sysnative\wpx.dll 2016-01-13 19:28:10 A51AC21B1F31FD7F4EC2811E33572AFC 859136 ----a-w- C:\windows\Sysnative\modernexecserver.dll 2016-01-13 19:28:10 A25B124EF04FE23BE96561C1107B9272 781976 ----a-w- C:\windows\Sysnative\mfds.dll 2016-01-13 19:28:10 705DC0E4337CFDC6CCC035B2C5F9AF94 1009664 ----a-w- C:\windows\Sysnative\WMSPDMOD.DLL 2016-01-13 19:28:10 65BCE1DC85A1023021D363E0CE4AB14C 845824 ----a-w- C:\windows\Sysnative\Magnify.exe 2016-01-13 19:28:10 5E6F27976D0A53CE834D94F55378B9EE 929792 ----a-w- C:\windows\Sysnative\SRH.dll 2016-01-13 19:28:10 5AB935E396A83A303DEA1FD480A19159 572928 ----a-w- C:\windows\Sysnative\vbscript.dll 2016-01-13 19:28:10 3CCF1EDBF6EC23174F4700E6DB3FFBDF 966416 ----a-w- C:\windows\Sysnative\twinapi.appcore.dll 2016-01-13 19:28:10 0AAA44C103BB9D3BE03398BEF93C52A4 826880 ----a-w- C:\windows\Sysnative\jscript.dll 2016-01-13 19:28:09 B6E5858C57014B0FA4A94F154BBDCC52 784136 ----a-w- C:\windows\Sysnative\mfsvr.dll 2016-01-13 19:28:09 870F1D282F0F8E7D9A56533A87D0551E 779928 ----a-w- C:\windows\Sysnative\evr.dll 2016-01-13 19:28:08 DF84555A734BA2BDA55BCCCC47095ADD 1015808 ----a-w- C:\windows\Sysnative\RDXService.dll 2016-01-13 19:28:08 52ABEA8D9AF917CDFF22931595BDC64F 122880 ----a-w- C:\windows\Sysnative\VEDataLayerHelpers.dll 2016-01-13 19:28:08 311F4D131C28DA12595132A35124E955 910848 ----a-w- C:\windows\Sysnative\SharedStartModel.dll 2016-01-13 19:28:08 09247D43F19CAFEEFEBF6A32F3A1225F 118272 ----a-w- C:\windows\Sysnative\KnobsCsp.dll 2016-01-13 19:28:08 02786761624CE45D67A480D992C459AC 931328 ----a-w- C:\windows\Sysnative\MSMPEG2ENC.DLL 2016-01-13 19:28:07 E5D86250453B33900666D92ED1A92ABE 2740224 ----a-w- C:\windows\Sysnative\wininet.dll 2016-01-13 19:28:07 D1650F6BDDF820399421C2952675731A 2558976 ----a-w- C:\windows\Sysnative\mssrch.dll 2016-01-13 19:28:07 ACA9EAA9CC52E8DA0784FE3B06E06265 609592 ----a-w- C:\windows\Sysnative\ci.dll 2016-01-13 19:28:07 5A863500AB522EFA6270019D613F15F9 757760 ----a-w- C:\windows\Sysnative\fveapi.dll 2016-01-13 19:28:06 EE329CCF9C1E1CF6096E3935943CB3A5 667856 ----a-w- C:\windows\Sysnative\advapi32.dll 2016-01-13 19:28:06 17159DF4093B2F33B95AB9F703EA8391 796160 ----a-w- C:\windows\Sysnative\TokenBroker.dll 2016-01-13 19:28:05 F90129379A9D912CCF4EADC50F546C8B 463872 ----a-w- C:\windows\Sysnative\MFWMAAEC.DLL 2016-01-13 19:28:05 B539D98D907A8F94DC3B7BB37B014008 678912 ----a-w- C:\windows\Sysnative\qedit.dll 2016-01-13 19:28:05 58395E37ED838B93A56F1D089C2F53CF 1643872 ----a-w- C:\windows\Sysnative\diagtrack.dll 2016-01-13 19:28:04 D4E92C0C0F9C5054B03D67A3C0B41961 555768 ----a-w- C:\windows\Sysnative\directmanipulation.dll 2016-01-13 19:28:04 8F52D8477ED3EF446EC72D087FF6B1F5 355328 ----a-w- C:\windows\Sysnative\ninput.dll 2016-01-13 19:28:04 69B076C9D3B75647EE1807E168F20F78 2415104 ----a-w- C:\windows\Sysnative\DWrite.dll 2016-01-13 19:28:04 65A0B3477231CE37B09A719DBBB9FCF1 671232 ----a-w- C:\windows\Sysnative\WUDFx02000.dll 2016-01-13 19:28:04 506F9F526D42BB4C0A579CB78F923A48 483328 ----a-w- C:\windows\Sysnative\OneDriveSettingSyncProvider.dll 2016-01-13 19:28:04 4D9B59BCD7FA373D52E5CD9A285C332C 587776 ----a-w- C:\windows\Sysnative\ieui.dll 2016-01-13 19:28:04 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\windows\Sysnative\SettingSyncHost.exe 2016-01-13 19:28:04 0BC61871B9B1446C0B28CB5526DC171C 893440 ----a-w- C:\windows\Sysnative\MbaeApiPublic.dll 2016-01-13 19:28:04 0367B8FA0C41969DD92F489DA5FE664F 603648 ----a-w- C:\windows\Sysnative\duser.dll 2016-01-13 19:28:03 D2F7EF42F82CEA2545A7A8D103B57DF5 596480 ----a-w- C:\windows\Sysnative\SettingSync.dll 2016-01-13 19:28:03 BF746516D6DCDF242976A6893D65A778 771072 ----a-w- C:\windows\Sysnative\Chakradiag.dll 2016-01-13 19:28:03 A108F6D878F2B95EAA00A088EDE0E598 1294336 ----a-w- C:\windows\Sysnative\wcnwiz.dll 2016-01-13 19:28:03 913E47FCD3B43EC27215F90884915CAF 780288 ----a-w- C:\windows\Sysnative\Windows.ApplicationModel.Store.dll 2016-01-13 19:28:03 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\windows\Sysnative\fontdrvhost.exe 2016-01-13 19:28:03 5CE3C624FABA3154504DF9A2BD029A5E 50176 ----a-w- C:\windows\Sysnative\WcnNetsh.dll 2016-01-13 19:28:03 4AC4CB97674AB132ACB8309C0615452B 772448 ----a-w- C:\windows\Sysnative\invagent.dll 2016-01-13 19:28:03 0291A553B39D1CE0D108CF2388006B33 42496 ----a-w- C:\windows\Sysnative\usermgrcli.dll 2016-01-13 19:28:02 A70A997B88EAEE0E898DA5773045AFF1 2446336 ----a-w- C:\windows\Sysnative\InputService.dll 2016-01-13 19:28:02 A2FD4588F579F8671E4AB1064633CB46 712704 ----a-w- C:\windows\Sysnative\usermgr.dll 2016-01-13 19:28:02 8F643B386A381879A90946ACB6E7F30D 502272 ----a-w- C:\windows\Sysnative\dlnashext.dll 2016-01-13 19:28:02 72C37168B3A428F33D566130382D3D85 523776 ----a-w- C:\windows\Sysnative\catsrvut.dll 2016-01-13 19:28:02 2E4FA4D0461BB78EC23E12404BED604E 179712 ----a-w- C:\windows\Sysnative\coredpus.dll 2016-01-13 19:28:01 BF77FC08A7D4DC37A659561B29FA23EC 163840 ----a-w- C:\windows\Sysnative\CallHistoryClient.dll 2016-01-13 19:28:01 AF32A0D3E5A07AA50F4012C419E63757 539136 ----a-w- C:\windows\Sysnative\mfh264enc.dll 2016-01-13 19:28:01 8D23F0819A00C547814409B734DD3747 503808 ----a-w- C:\windows\Sysnative\tileobjserver.dll 2016-01-13 19:28:01 839BD56425530973FF3F6F7C0057CD22 288256 ----a-w- C:\windows\Sysnative\PimIndexMaintenance.dll 2016-01-13 19:28:01 68DE1997977CD3A86D5F8D0FD23056EA 1563392 ----a-w- C:\windows\Sysnative\winmde.dll 2016-01-13 19:28:01 684F1E1B5D07451B600EA3C3D728A534 281600 ----a-w- C:\windows\Sysnative\VEEventDispatcher.dll 2016-01-13 19:28:01 4CF70EA2E9B2DF1F942B357DCC0E33E8 365568 ----a-w- C:\windows\Sysnative\atmfd.dll 2016-01-13 19:28:01 32212C0FE0556915E763C29DEB6D267E 1423872 ----a-w- C:\windows\Sysnative\UserDataService.dll 2016-01-13 19:27:59 E22030052530D1A6825C47B997EC0DD3 814080 ----a-w- C:\windows\Sysnative\msctfuimanager.dll 2016-01-13 19:27:59 DBA8FE1EAA344106C334E193D3D57B66 73728 ----a-w- C:\windows\Sysnative\wwancfg.dll 2016-01-13 19:27:59 C8C5DFF028EA28D7846E95D8E5461794 570880 ----a-w- C:\windows\Sysnative\MbaeApi.dll 2016-01-13 19:27:59 C197284A9D565A38497733AF2BDFA111 1679360 ----a-w- C:\windows\Sysnative\FntCache.dll 2016-01-13 19:27:59 9C0547B502CFB4F750B883EC4425B30C 441696 ----a-w- C:\windows\Sysnative\devinv.dll 2016-01-13 19:27:59 69AC1B59A11F3FDBDBEB5B9B09D7E05B 379392 ----a-w- C:\windows\Sysnative\qdvd.dll 2016-01-13 19:27:59 38F08B82ADEEA1003B4A5177BB5366B3 347136 ----a-w- C:\windows\Sysnative\ncryptprov.dll 2016-01-13 19:27:59 363F3F99863C2BB8612C9133E45BF3E6 387584 ----a-w- C:\windows\Sysnative\LockAppBroker.dll 2016-01-13 19:27:58 F9BD360A4799BB54A01692940C46CA2B 537080 ----a-w- C:\windows\Sysnative\WWanAPI.dll 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\windows\Sysnative\notepad.exe 2016-01-13 19:27:58 0D5C9E27E93AAEA3E30A1E59A7AC3DFF 1205248 ----a-w- C:\windows\Sysnative\Unistore.dll 2016-01-13 19:27:57 F57FE0BD8BD7E1F8088FE18D0FD7BEE9 501008 ----a-w- C:\windows\Sysnative\AudioEng.dll 2016-01-13 19:27:57 EF3BBA8739757B470D0E49C8619A31C0 53760 ----a-w- C:\windows\Sysnative\Windows.Speech.Pal.dll 2016-01-13 19:27:57 BA77A5B7C3602D0A8DC96CC5ED4AD665 249464 ----a-w- C:\windows\Sysnative\RESAMPLEDMO.DLL 2016-01-13 19:27:57 B89FE628B72CEA4674787D13A87CEE9A 387584 ----a-w- C:\windows\Sysnative\NetSetupShim.dll 2016-01-13 19:27:57 AF34122A1B595218036B4049D802B470 1203712 ----a-w- C:\windows\Sysnative\Windows.Devices.Bluetooth.dll 2016-01-13 19:27:57 8AFDD74F2DC5BAD9B2215FB19DB65240 809352 ----a-w- C:\windows\Sysnative\CoreMessaging.dll 2016-01-13 19:27:57 8A216BBE091DA0585F6A5E8B65980961 324096 ----a-w- C:\windows\Sysnative\profsvc.dll 2016-01-13 19:27:57 43A1B8B43CA4E213E0FD920F2FD6BCBA 267776 ----a-w- C:\windows\Sysnative\Windows.Internal.Management.dll 2016-01-13 19:27:57 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\windows\Sysnative\DeviceEnroller.exe 2016-01-13 19:27:57 157B1CABAF5201237EECA4FB0F34D822 403456 ----a-w- C:\windows\Sysnative\dmenrollengine.dll 2016-01-13 19:27:57 103CBAC0689FA88081E421E8203BA2F0 305664 ----a-w- C:\windows\Sysnative\ksproxy.ax 2016-01-13 19:27:56 D33C8E7B495A668F4F9740CC93AF6496 453120 ----a-w- C:\windows\Sysnative\Windows.Devices.Usb.dll 2016-01-13 19:27:56 C92EBECB1E30E7E6006C0D8B4040C3F6 274944 ----a-w- C:\windows\Sysnative\syncutil.dll 2016-01-13 19:27:56 90211F7475F525E7F9858C0CE3BBBBE7 1774592 ----a-w- C:\windows\Sysnative\Windows.UI.Immersive.dll 2016-01-13 19:27:55 E4FEBAC5221A92C25734A9769B66A97D 310784 ----a-w- C:\windows\Sysnative\ActionCenter.dll 2016-01-13 19:27:55 E19B29DCA6AF0D29E180769FEDD408DD 250520 ----a-w- C:\windows\Sysnative\MPG4DECD.DLL 2016-01-13 19:27:55 76432D2E5504D33B4D2B1F837A057ED4 251544 ----a-w- C:\windows\Sysnative\MP43DECD.DLL 2016-01-13 19:27:55 6FBC6166E73518A8FEF03DCEB5BC4F34 246272 ----a-w- C:\windows\Sysnative\PackageStateRoaming.dll 2016-01-13 19:27:55 3DB6BAA19408895C9E0BB55084DD94F3 595456 ----a-w- C:\windows\Sysnative\LogonController.dll 2016-01-13 19:27:54 C6BA8ADCD2F2A626E01B20D740C5A9AF 1602560 ----a-w- C:\windows\Sysnative\urlmon.dll 2016-01-13 19:27:54 B7927A1D40BD17BC963E9353DBB36CD7 869376 ----a-w- C:\windows\Sysnative\MapControlCore.dll 2016-01-13 19:27:54 A92AFC8FB13ADC1CB59719B3E519C843 1294352 ----a-w- C:\windows\Sysnative\winload.efi 2016-01-13 19:27:54 7E8811597D2752736B776F15A1C8FAA6 856576 ----a-w- C:\windows\Sysnative\ContactApis.dll 2016-01-13 19:27:54 35EC6A4E7384E233CBB5EEFD3BC2204D 247296 ----a-w- C:\windows\Sysnative\facecredentialprovider.dll 2016-01-13 19:27:54 327DA4A4DE4E9BECF2C16967366C74E2 186880 ----a-w- C:\windows\Sysnative\cloudAP.dll 2016-01-13 19:27:54 2C144777278ECD6DFF4B5A90F742C1AA 346112 ----a-w- C:\windows\Sysnative\ngccredprov.dll 2016-01-13 19:27:54 2B4D03A121996467E53AF02F028FD017 235008 ----a-w- C:\windows\Sysnative\UserMgrProxy.dll 2016-01-13 19:27:54 20436EF4CDBBC0B87464EE42D9D31C99 306688 ----a-w- C:\windows\Sysnative\NotificationObjFactory.dll 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\windows\Sysnative\winload.exe 2016-01-13 19:27:54 02954F6B3389EF56088EF1C99B6105BA 202240 ----a-w- C:\windows\Sysnative\accountaccessor.dll 2016-01-13 19:27:53 B32BD244B13DEC1DD050146B5F5466D7 1061888 ----a-w- C:\windows\Sysnative\reseteng.dll 2016-01-13 19:27:53 9C2B0E3A21CECD14E20A848F0DE94B24 517632 ----a-w- C:\windows\Sysnative\NotificationController.dll 2016-01-13 19:27:53 71107775BE0E612150F032CE21DD9C7C 88384 ----a-w- C:\windows\Sysnative\remoteaudioendpoint.dll 2016-01-13 19:27:53 5D046D71B18BEFB2E4D164C3DEEDD672 187392 ----a-w- C:\windows\Sysnative\NetSetupSvc.dll 2016-01-13 19:27:53 2C82D9E55432915A68A609008BDEF41A 1563472 ----a-w- C:\windows\Sysnative\wmpmde.dll 2016-01-13 19:27:52 E407B70B9D21CA3967485D464A01BAE5 140288 ----a-w- C:\windows\Sysnative\WcnApi.dll 2016-01-13 19:27:52 BBA571F40F08F967531573109F7FA95E 169984 ----a-w- C:\windows\Sysnative\mdmregistration.dll 2016-01-13 19:27:52 B3CD8B2CBC6E48B194116B28F72CDA67 408064 ----a-w- C:\windows\Sysnative\CredProvDataModel.dll 2016-01-13 19:27:52 3DB512EC071AB5656EECA3611E24C797 752640 ----a-w- C:\windows\Sysnative\ChatApis.dll 2016-01-13 19:27:52 3C6F2EF4541A9CD98EFED7B8CE9D061F 112640 ----a-w- C:\windows\Sysnative\fdWCN.dll 2016-01-13 19:27:52 3B397ED55AE652520503CCE0996B0D25 160256 ----a-w- C:\windows\Sysnative\enrollmentapi.dll 2016-01-13 19:27:52 01F1D71F291A64266E3B0DF60E6B6CE7 117760 ----a-w- C:\windows\Sysnative\dafWCN.dll 2016-01-13 19:27:51 F1A6A22A63F380DFF28C55B11D688B0C 102304 ----a-w- C:\windows\Sysnative\omadmapi.dll 2016-01-13 19:27:51 D348983828D21D3D05711812A2811DCF 243248 ----a-w- C:\windows\Sysnative\mfps.dll 2016-01-13 19:27:51 C18ED3B56B91A835F019634180349E8A 849408 ----a-w- C:\windows\Sysnative\comdlg32.dll 2016-01-13 19:27:51 B02EA3A2E6BEDAB9C954AAC6BD887874 292856 ----a-w- C:\windows\Sysnative\LockAppHost.exe 2016-01-13 19:27:51 97EB90D57B84797D01D59E862B1FF9E8 1591848 ----a-w- C:\windows\Sysnative\gdi32.dll 2016-01-13 19:27:51 863E39BB1F8779B8A6CEEC4BA93401C2 1018568 ----a-w- C:\windows\Sysnative\winresume.efi 2016-01-13 19:27:51 62CFDB1741D700E2292242B50F1EC1A9 168960 ----a-w- C:\windows\Sysnative\InstallAgent.exe 2016-01-13 19:27:50 E283DE7B5BB438BE4CCD393DA582A5D2 404480 ----a-w- C:\windows\Sysnative\diagtrack_wininternal.dll 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\windows\Sysnative\winresume.exe 2016-01-13 19:27:50 64D7B91B7D667A70782D9C76D6292C3C 980832 ----a-w- C:\windows\Sysnative\SecConfig.efi 2016-01-13 19:27:49 F3994884BE4F1019B4EC34F85A3397E7 171520 ----a-w- C:\windows\Sysnative\WinBioDataModel.dll 2016-01-13 19:27:49 D4D08AB39F842C640B7F8B1296BDC38C 121344 ----a-w- C:\windows\Sysnative\DAMM.dll 2016-01-13 19:27:49 919663D05E791FBC7A5766E150435279 120832 ----a-w- C:\windows\Sysnative\NetworkStatus.dll 2016-01-13 19:27:49 917C7C09612AD81BCF0C49007740DB4E 775312 ----a-w- C:\windows\Sysnative\locale.nls 2016-01-13 19:27:49 7E90F66669509E7BD2B250BC271D94E2 171008 ----a-w- C:\windows\Sysnative\dot3mm.dll 2016-01-13 19:27:49 2C7B2FD825A8AF0A1338D86B5AFA4343 413184 ----a-w- C:\windows\Sysnative\diagtrack_win.dll 2016-01-13 19:27:49 0F7067F069D502954F4E9E3D3378585B 79872 ----a-w- C:\windows\Sysnative\BthRadioMedia.dll 2016-01-13 19:27:48 E650DD63BF9C8F4369C547B72DC81888 333312 ----a-w- C:\windows\Sysnative\MusUpdateHandlers.dll 2016-01-13 19:27:48 D907DFF972354542D5B0B4414B308B75 312832 ----a-w- C:\windows\Sysnative\SensorsApi.dll 2016-01-13 19:27:48 B9FC9E9B55C74557FEC004BF8B1184F4 359936 ----a-w- C:\windows\Sysnative\ncsi.dll 2016-01-13 19:27:48 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\windows\Sysnative\MDMAppInstaller.exe 2016-01-13 19:27:48 A1EFFF8EA50BE57AC38264541F1B88FD 801632 ----a-w- C:\windows\Sysnative\WWAHost.exe 2016-01-13 19:27:48 62821B34C9D94E7E58FD2D71F426F5C0 78848 ----a-w- C:\windows\Sysnative\VPNv2CSP.dll 2016-01-13 19:27:48 509FF13E5C4FD63846FCA01A5ED912DB 521728 ----a-w- C:\windows\Sysnative\PsmServiceExtHost.dll 2016-01-13 19:27:48 49213BF8E7EEE157F128C58D75043B09 68096 ----a-w- C:\windows\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2016-01-13 19:27:48 38A519B37BAD270D0C65AE3AF7A083F2 1817064 ----a-w- C:\windows\Sysnative\WMALFXGFXDSP.dll 2016-01-13 19:27:48 184EA31BE714F3B33A5E96CBE103561C 78528 ----a-w- C:\windows\Sysnative\acmigration.dll 2016-01-13 19:27:46 F777FE6BA9C62A4D90BC7017C8FED35F 336384 ----a-w- C:\windows\Sysnative\SearchProtocolHost.exe 2016-01-13 19:27:46 D1AA97B30A9ED6F89DC3848C8BF53513 224256 ----a-w- C:\windows\Sysnative\KnobsCore.dll 2016-01-13 19:27:46 B31569B0E7A467D4050FA49CFCBFCEFA 204800 ----a-w- C:\windows\Sysnative\wcmcsp.dll 2016-01-13 19:27:46 9045120B390CDA9C0C7DB93745B92554 720896 ----a-w- C:\windows\Sysnative\EmailApis.dll 2016-01-13 19:27:46 7910232E31799A576F2509DA92CB8813 928256 ----a-w- C:\windows\Sysnative\JpMapControl.dll 2016-01-13 19:27:46 41C0EC5B11375F9CA045AFEF1EB75D5F 366592 ----a-w- C:\windows\Sysnative\wuuhext.dll 2016-01-13 19:27:46 194239DA484C7DB62E6773ABB5DD4463 269312 ----a-w- C:\windows\Sysnative\provengine.dll 2016-01-13 19:27:46 0E585006B82E0566AE521641D827F852 235520 ----a-w- C:\windows\Sysnative\SettingsHandlers_Notifications.dll 2016-01-13 19:27:45 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\windows\Sysnative\CompatTelRunner.exe 2016-01-13 19:27:44 FBFC4EAC38BEC9515BBAC57D1F2288E6 573440 ----a-w- C:\windows\Sysnative\Windows.Cortana.Desktop.dll 2016-01-13 19:27:44 F548C34A6FF655F0A716316133B4DD5D 590336 ----a-w- C:\windows\Sysnative\MessagingDataModel2.dll 2016-01-13 19:27:44 E4257DF7C5517E3996047F7ADDB208F5 8847 ----a-w- C:\windows\Sysnative\ResPriHMImageList 2016-01-13 19:27:44 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\windows\Sysnative\omadmclient.exe 2016-01-13 19:27:44 D37063C5B492B7B4F26D24C62167C8BE 137728 ----a-w- C:\windows\Sysnative\VEStoreEventHandlers.dll 2016-01-13 19:27:44 B171608F20705895726DE86B34D1FBAC 95744 ----a-w- C:\windows\Sysnative\LocationWiFiAdapter.dll 2016-01-13 19:27:44 9C71FA3F776218AD2394833B8DE79031 685568 ----a-w- C:\windows\Sysnative\AppointmentApis.dll 2016-01-13 19:27:44 98EAC529E0F9A1566E9E19D4667854EC 181760 ----a-w- C:\windows\Sysnative\shutdownux.dll 2016-01-13 19:27:44 85146ABCB1EF298D1FF6EE4D5541788C 832512 ----a-w- C:\windows\Sysnative\MapsStore.dll 2016-01-13 19:27:44 65F1F4DBB4A6FA971BF9F00129F452A0 494592 ----a-w- C:\windows\Sysnative\StoreAgent.dll 2016-01-13 19:27:44 5E8D09216315B063FD4AEAB9508F0776 1087296 ----a-w- C:\windows\Sysnative\mfplat.dll 2016-01-13 19:27:44 01074D7E7370E7A7CAFF0DC442C89794 113184 ----a-w- C:\windows\Sysnative\userenv.dll 2016-01-13 19:27:43 F5839DD5FD73019B046ED7FD87AE6C71 123392 ----a-w- C:\windows\Sysnative\mssprxy.dll 2016-01-13 19:27:43 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\windows\Sysnative\LicenseManagerShellext.exe 2016-01-13 19:27:43 D88952BD78157D66A0921B63F5DD0EC5 439296 ----a-w- C:\windows\Sysnative\LocationWebproxy.dll 2016-01-13 19:27:43 CFFE537A11AE6C825F36240B96689886 993104 ----a-w- C:\windows\Sysnative\ReAgent.dll 2016-01-13 19:27:43 AC180D981BD23443793F7AA71BBE344A 599552 ----a-w- C:\windows\Sysnative\wpnapps.dll 2016-01-13 19:27:43 77C8CD0AACC1D059EDF6E91920D11550 421888 ----a-w- C:\windows\Sysnative\Windows.Internal.Bluetooth.dll 2016-01-13 19:27:43 02707CF32272B726BB410E6717BBB7E8 446976 ----a-w- C:\windows\Sysnative\MapConfiguration.dll 2016-01-13 19:27:42 EA1C2DAB8A63712B94897A58557B086C 371712 ----a-w- C:\windows\Sysnative\nlasvc.dll 2016-01-13 19:27:42 E6B7193FF6E1FBFD644E0D5545A6E779 7168 ----a-w- C:\windows\Sysnative\KBDAZST.DLL 2016-01-13 19:27:42 E6337423BD19DD12EB6777934B57E0F4 176640 ----a-w- C:\windows\Sysnative\LocationPeIP.dll 2016-01-13 19:27:42 AE15D9860C287112D57062E24FCD6EB9 7168 ----a-w- C:\windows\Sysnative\KBDAZE.DLL 2016-01-13 19:27:42 A0DBB9386BEA8DA1A159C2A2E07081A3 856576 ----a-w- C:\windows\Sysnative\MPSSVC.dll 2016-01-13 19:27:42 75051FAAA293FA5414105A2BDA6BAC05 223232 ----a-w- C:\windows\Sysnative\PhoneCallHistoryApis.dll 2016-01-13 19:27:42 69B49DECE9996743DB231D06F49701B2 7168 ----a-w- C:\windows\Sysnative\KBDAZEL.DLL 2016-01-13 19:27:42 63D8A023148D8436D6CBA65E2B9ED56A 143360 ----a-w- C:\windows\Sysnative\provops.dll 2016-01-13 19:27:42 5793FBBB1F120D1815A8348434ED236C 221184 ----a-w- C:\windows\Sysnative\LocationPeWiFi.dll 2016-01-13 19:27:42 50B2D1C6E83407093678C0B0791F4B74 7168 ----a-w- C:\windows\Sysnative\kbdgeoqw.dll 2016-01-13 19:27:42 26E5D4CA29A7B33EAD6E4C07D7DD3FBF 193024 ----a-w- C:\windows\Sysnative\EnterpriseModernAppMgmtCSP.dll 2016-01-13 19:27:42 230C8AEE3C7F4723ABEA09C93DF47AF3 257024 ----a-w- C:\windows\Sysnative\UserDataAccountApis.dll 2016-01-13 19:27:42 17A344D0A065883ABE6A9239093E7CA9 594472 ----a-w- C:\windows\Sysnative\Windows.Internal.Shell.Broker.dll 2016-01-13 19:27:42 141ABE24124CB1E25954E9D52FF1B999 67072 ----a-w- C:\windows\Sysnative\profext.dll 2016-01-13 19:27:42 124DC4FC14EEA95B8E05F139A57D5B91 553472 ----a-w- C:\windows\Sysnative\GamePanel.exe 2016-01-13 19:27:42 07B5710393558DD734647D5F2F020647 215552 ----a-w- C:\windows\Sysnative\LocationCrowdsource.dll 2016-01-13 19:27:41 F0B43C550BD519423FB79A58A860CE0B 204288 ----a-w- C:\windows\Sysnative\LocationPeCell.dll 2016-01-13 19:27:41 F01743062DA74A24A0E7836289E33731 187904 ----a-w- C:\windows\Sysnative\provisioningcsp.dll 2016-01-13 19:27:41 BABB3A14002CE205616C9A10373AE040 253952 ----a-w- C:\windows\Sysnative\SettingsHandlers_UserAccount.dll 2016-01-13 19:27:41 54D78B8A26900F3E08191ABF0AD499A2 193536 ----a-w- C:\windows\Sysnative\SharedStartModelShim.dll 2016-01-12 14:29:48 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\windows\Sysnative\MpSigStub.exe ====== C:\windows\Sysnative\drivers ===== 2016-01-19 10:40:57 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\windows\Sysnative\drivers\PSKMAD.sys 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\windows\Sysnative\drivers\PSINAflt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\windows\Sysnative\drivers\PSINProt.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\windows\Sysnative\drivers\PSINReg.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\windows\Sysnative\drivers\PSINProc.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\windows\Sysnative\drivers\PSINFile.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\windows\Sysnative\drivers\PSINKNC.sys 2016-01-13 19:58:57 1909713BDAD7D5BF868FDF2F8283FFD3 33960 ----a-w- C:\windows\Sysnative\drivers\Smb_driver_Intel.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\windows\Sysnative\drivers\rtwlane.sys 2016-01-13 19:28:53 9B2039C5673EEBF1D4E34ABC0AFB88C7 685568 ----a-w- C:\windows\Sysnative\drivers\WdiWiFi.sys 2016-01-13 19:28:52 C67A03F54A1EA683F4880A481EE5FF6C 373072 ----a-w- C:\windows\Sysnative\drivers\USBXHCI.SYS 2016-01-13 19:28:52 7BF844D362EB746BC7A6DC3F57FA3E32 8192 ----a-w- C:\windows\Sysnative\drivers\gpuenergydrv.sys 2016-01-13 19:28:52 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\windows\Sysnative\drivers\pdc.sys 2016-01-13 19:28:51 D42AC03ACF9CA67693D1D9BB4D2A0BC8 116064 ----a-w- C:\windows\Sysnative\drivers\tdx.sys 2016-01-13 19:28:51 AE7B7E1E95BFB9340B1956C98CA52C81 80720 ----a-w- C:\windows\Sysnative\drivers\stornvme.sys 2016-01-13 19:28:51 A3D96563BF46FC8A0E5756B796127D14 577888 ----a-w- C:\windows\Sysnative\drivers\afd.sys 2016-01-13 19:28:51 91756EE69E63D66F77E3B791D33F7078 459104 ----a-w- C:\windows\Sysnative\drivers\netio.sys 2016-01-13 19:28:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\windows\Sysnative\drivers\dxgkrnl.sys 2016-01-13 19:28:51 7C3DDCB6F927AFC5569A8CC584F5B5F3 147968 ----a-w- C:\windows\Sysnative\drivers\rmcast.sys 2016-01-13 19:28:51 7680537006A420D7488E5057A8149F86 442208 ----a-w- C:\windows\Sysnative\drivers\storport.sys 2016-01-13 19:28:51 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\windows\Sysnative\drivers\FWPKCLNT.SYS 2016-01-13 19:28:50 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\windows\Sysnative\drivers\portcls.sys 2016-01-13 19:28:50 DAF957B25A35757E9D814611FAE8FE3B 237392 ----a-w- C:\windows\Sysnative\drivers\rdyboost.sys 2016-01-13 19:28:50 27E248CD861AFED4DF0C48F4C853E7F0 80896 ----a-w- C:\windows\Sysnative\drivers\hdaudbus.sys 2016-01-13 19:28:50 1BDA1FD02783566F0B20EB0E2517F85C 516448 ----a-w- C:\windows\Sysnative\drivers\USBHUB3.SYS 2016-01-13 19:28:48 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\windows\Sysnative\drivers\buttonconverter.sys 2016-01-13 19:28:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys 2016-01-13 19:28:10 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\windows\Sysnative\drivers\Wdf01000.sys 2016-01-13 19:28:04 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\windows\Sysnative\drivers\dxgmms2.sys 2016-01-13 19:28:04 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\windows\Sysnative\drivers\dxgmms1.sys 2016-01-13 19:27:59 BA8DC96D1DD7785EB0589CB1777208B7 2115936 ----a-w- C:\windows\Sysnative\drivers\ntfs.sys 2016-01-13 19:27:59 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\windows\Sysnative\drivers\fastfat.sys 2016-01-13 19:27:57 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\windows\Sysnative\drivers\sdbus.sys 2016-01-13 19:27:55 78CA1FF6FE37EEFAFF99DD1C956AF60A 200528 ----a-w- C:\windows\Sysnative\drivers\wof.sys 2016-01-13 19:27:51 0A368247A900656CC0678117DFC3A87C 498016 ----a-w- C:\windows\Sysnative\drivers\usbhub.sys 2016-01-13 19:27:50 D5EC9413527B286CFEEB0294C53ABB95 102752 ----a-w- C:\windows\Sysnative\drivers\mountmgr.sys 2016-01-13 19:27:48 388F2A3C771B8BEE76FD1AAF9614D08E 52264 ----a-w- C:\windows\Sysnative\drivers\wpcfltr.sys 2016-01-13 19:27:46 988588C16A53C2581488C15FF18934BF 46432 ----a-w- C:\windows\Sysnative\drivers\msgpiowin32.sys 2016-01-13 19:27:44 CFCCF9F67EECBA6BFE4E880D9BE70CBB 22528 ----a-w- C:\windows\Sysnative\drivers\usb8023.sys 2016-01-13 19:27:43 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\windows\Sysnative\drivers\ndis.sys 2015-12-27 12:12:37 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-12-27 12:12:23 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\windows\Sysnative\drivers\mbam.sys 2015-12-27 12:12:23 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\windows\Sysnative\drivers\mbamchameleon.sys 2015-12-27 12:12:23 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\windows\Sysnative\drivers\mwac.sys 2015-12-23 18:48:43 E77CB3736A702D46A6FB15FB4A9894E3 21184 ----a-w- C:\windows\Sysnative\drivers\SmartDefragDriver.sys 2015-12-22 20:00:56 25B2CCB6B9CF909367B1FD6D2D93D139 3741396 ----a-w- C:\windows\Sysnative\drivers\RTAIODAT.DAT 2015-12-22 19:59:58 B1679D907958C3F62EFDAA8BF1093209 475384 ----a-w- C:\windows\Sysnative\drivers\IntcDAud.sys 2015-12-22 19:59:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf ====== C:\windows\Tasks ====== 2016-01-16 15:20:05 A728C078376AB60A7B10539DD61CFE84 310 ----a-w- C:\windows\Tasks\Uninstaller_SkipUac_rwest.job 2016-01-16 15:20:05 693C0D8973759F4DF0C1EF2C2456A443 2496 ----a-w- C:\windows\Sysnative\Tasks\Uninstaller_SkipUac_rwest 2015-12-30 18:08:44 AF978437B26093FD3D1C9A1BDBDEF887 3256 ----a-w- C:\windows\Sysnative\Tasks\HPCeeScheduleForrwest 2015-12-30 18:08:44 A52032B9C60233BF92B6BD576328B09B 364 ----a-w- C:\windows\Tasks\HPCeeScheduleForrwest.job 2015-12-23 18:48:53 EFB6879D0E230EDC1670F71C3CDE61AD 3316 ----a-w- C:\windows\Sysnative\Tasks\SmartDefrag4_Startup 2015-12-23 18:48:53 93F6DC3DD3EE19B7C9B86B879DD03940 3312 ----a-w- C:\windows\Sysnative\Tasks\SmartDefrag4_Update 2015-12-22 19:50:42 217E724F5878066377E8CCB3D8CB3B18 3074 ----a-w- C:\windows\Sysnative\Tasks\Driver Booster SkipUAC (rwest) 2015-12-22 19:50:42 1DA319FEF105662394B3050F120A555F 3426 ----a-w- C:\windows\Sysnative\Tasks\Driver Booster Scheduler ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2016-01-15 17:29:21 -------- d-----w- C:\Program Files\Reason 2016-01-15 15:30:52 -------- d-----w- C:\Program Files\trend micro 2015-12-22 19:59:39 -------- d-----w- C:\Program Files\Synaptics ======= C:\PROGRA~2 ===== 2016-01-14 10:06:10 -------- d-----w- C:\PROGRA~2\Secunia 2016-01-13 19:34:08 -------- d-----w- C:\PROGRA~2\COMMON~1\PostureAgent 2016-01-13 19:32:31 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel Corporation 2016-01-13 19:30:53 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird 2015-12-30 15:13:15 -------- d-----w- C:\PROGRA~2\FrostWire 6 2015-12-23 18:49:39 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2015-12-22 19:50:39 -------- d-----w- C:\PROGRA~2\IObit ======= C: ===== ====== C:\Users\rwest\AppData\Roaming ====== 2016-01-19 10:40:20 3E29273787452B749ED9D4F3172FEF82 1092552 ----a-w- C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-01-18 15:26:21 -------- d-----w- C:\Users\rwest\AppData\Local\Temp 2016-01-13 19:53:14 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\rwest\AppData\Local\resmon.resmoncfg 2016-01-12 14:28:36 -------- d-s---w- C:\windows\serviceprofiles\networkservice\AppData\LocalLow 2016-01-10 13:49:05 -------- d-----w- C:\Users\rwest\AppData\Local\ElevatedDiagnostics 2015-12-30 15:13:22 -------- d-----w- C:\Users\rwest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6 2015-12-24 18:44:20 -------- d-----w- C:\Users\rwest\AppData\Local\Avira 2015-12-24 18:38:41 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\AviraSpeedup 2015-12-24 18:23:20 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Programs ====== C:\Users\rwest ====== 2016-01-16 15:06:14 -------- d-----w- C:\windows\serviceprofiles\Localservice\winhttp 2016-01-15 17:29:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect 2016-01-15 17:29:05 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\rwest\Downloads\herdProtectScan_Setup.exe 2016-01-15 15:32:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (5).exe 2016-01-15 15:30:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (4).exe 2016-01-15 15:25:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (3).exe 2016-01-15 15:25:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (2).exe 2016-01-15 15:22:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (1).exe 2016-01-15 15:22:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64.exe 2016-01-14 18:04:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus 2016-01-14 18:02:34 0702B10B7CBA017EC375ECF61C62FC57 66586256 ----a-w- C:\Users\rwest\Downloads\FREEAV.exe 2016-01-14 10:05:40 74E9B5DEE99CF751FEE42D5B053FBD54 4010016 ----a-w- C:\Users\rwest\Downloads\PSISetup.exe 2016-01-13 19:32:17 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-01-06 18:06:21 4F4C89A4CB916B888DCDD38A07C1FF5E 908025 ----a-w- C:\Users\rwest\FlvPlayerSetup.zip 2015-12-30 18:03:05 -------- d-----w- C:\ProgramData\mquadr.at 2015-12-30 15:13:25 -------- d-----w- C:\Users\rwest\.frostwire5 2015-12-27 10:37:26 -------- d-----w- C:\Users\rwest\.swt 2015-12-27 10:36:00 -------- d-----w- C:\Users\rwest\.oracle_jre_usage 2015-12-24 18:19:03 -------- d-----w- C:\ProgramData\Avira 2015-12-23 18:49:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2015-12-23 18:48:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4 2015-12-22 19:50:42 -------- d-----w- C:\ProgramData\IObit 2015-12-22 19:50:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 ====== C: exe-files == 2016-01-18 12:25:45 1BFB6914B4C94F025671CFAA3C70146B 173760 ----a-w- C:\$WINDOWS.~BT\Sources\setupplatform.exe 2016-01-18 12:25:43 1BFB6914B4C94F025671CFAA3C70146B 173760 ----a-w- C:\$WINDOWS.~BT\DUDownload\Setup\setupplatform.exe 2016-01-18 12:25:26 BF99EBCE70D6BFB6D4A2443FBB477E8D 826872 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-16 16:19:59 A2992CFFEFE05E5B1C9BA47E7B44C3E2 2420736 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.WindowsFeedback_cw5n1h2txyewy\AC\Microsoft\CLR_v4.0\NativeImages\FeedbackApp.Windows\95697477f9faa9fa9339c23fbb99b6b3\FeedbackApp.Windows.ni.exe 2016-01-15 17:29:24 B1E24567B8DDA073CFA1D28397C3ECBE 176452 ----a-w- C:\Program Files\Reason\herdProtect\Scanner\Uninstall.exe 2016-01-15 17:29:05 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\rwest\Downloads\herdProtectScan_Setup.exe 2016-01-15 15:32:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (5).exe 2016-01-15 15:30:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\rwest.exe 2016-01-15 15:30:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (4).exe 2016-01-15 15:25:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (3).exe 2016-01-15 15:25:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (2).exe 2016-01-15 15:22:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64 (1).exe 2016-01-15 15:22:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\rwest\Downloads\RSITx64.exe 2016-01-15 13:26:00 72697B93E08FC7F425611F2D38F340CF 2776656 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.111\47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe 2016-01-14 18:02:34 0702B10B7CBA017EC375ECF61C62FC57 66586256 ----a-w- C:\Users\rwest\Downloads\FREEAV.exe 2016-01-14 10:06:11 07F32A101C2481DD249E5987748EBD49 534635 ----a-w- C:\Program Files (x86)\Secunia\PSI\Uninstall.exe 2016-01-14 10:05:40 74E9B5DEE99CF751FEE42D5B053FBD54 4010016 ----a-w- C:\Users\rwest\Downloads\PSISetup.exe 2016-01-13 19:37:29 4DE599F49C7862C9691EE7843E216F4C 143671360 ----a-w- C:\Windows\System32\MRT.exe 2016-01-13 19:36:37 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\_SETUP.EXE 2016-01-13 19:36:37 451E548B8B98D123F709D805A45E1B1C 35432 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\Install.exe 2016-01-13 19:36:03 F5F53991CD2F3159BD72682BE2077B1E 81920 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\devcon.exe 2016-01-13 19:36:03 EC9F6EAC8F703ED441567CD0D0973069 22744 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\DIFxCmdx64.exe 2016-01-13 19:36:03 A778034CB8A20574F693AB5E192F81EF 97496 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\InstallDriver.exe 2016-01-13 19:36:03 610DC683E9C9E77E074800582E00667C 84480 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\SetDrv64.exe 2016-01-13 19:36:03 0F8E4F63C47BBD92E52DA0F5C3177A02 91136 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\SetVistaDrv64.exe 2016-01-13 19:36:02 EDD400CC92C6D43F98D3D3AFC97C2559 451072 ----a-w- C:\Windows\SysWOW64\ISSRemoveSP.exe 2016-01-13 19:36:02 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\setup.exe 2016-01-13 19:34:25 A1BA6442DD696A243B75DD3163DF0319 858840 ----a-w- C:\SWSETUP\sp74139\Setup.exe 2016-01-13 19:34:24 959BD375733314B94EE209509CF6D2B0 121344 ----a-w- C:\SWSETUP\sp74139\Install.exe 2016-01-13 19:33:59 C0CB877A4AB9288378DB97B1E6108319 4866048 ----a-w- C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe 2016-01-13 19:33:47 0B10F0B622395F7ADA34EE1A7BA6EC01 66578720 ----a-w- C:\SWSETUP\sp74353\SetupME.exe 2016-01-13 19:32:22 0081B7218730845719F0AB920A33559D 1224192 ----a-w- C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe 2016-01-13 19:32:10 B02DBB994920FF3CC41605DE90789DBC 13952616 ----a-w- C:\SWSETUP\sp74347\SetupRST.exe 2016-01-13 19:30:59 D6741A1460B29110238F46A00575E0A7 22984 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2016-01-13 19:30:59 1C9C6AE812F6130FE752F2531813BBB6 288200 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2016-01-13 19:30:58 D2757353D0B370FCC49D4CEA5E9D0740 146888 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2016-01-13 19:30:58 5E82082349104C5ABBAF9DA24C384D2B 170368 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-01-13 19:30:56 FE4B4BE949269D324975A003CFB43551 955584 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2016-01-13 19:30:56 DB67271F2F0CF35A8F70AF28DC25E874 304072 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2016-01-13 19:30:56 AB66522A7C069CD609CD12E0B63D6CDF 276936 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2016-01-13 19:30:56 59A082F20B26C3BBF81EDACC1E7A0F81 490952 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2016-01-13 19:28:52 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\Windows\System32\dmcertinst.exe 2016-01-13 19:28:52 7143FF944C20AB5C6D4485A0469F2797 115712 ----a-w- C:\Windows\System32\MbaeParserTask.exe 2016-01-13 19:28:47 551C41C9508BF7117A56FC429D5B6534 8022368 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-01-13 19:28:47 0A2D0D9A0329B9C46F5D793DB51A15C7 1234944 ----a-w- C:\Windows\System32\aitstatic.exe 2016-01-13 19:28:44 DA32F9BFA7851AD4247353EA03755DE6 578560 ----a-w- C:\Windows\System32\winlogon.exe 2016-01-13 19:28:35 068EF19C06EB3050FA121DED6655B745 7454048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-01-13 19:28:34 83BE96BDA80FE46452E8DAC8A7BEDBA0 6264688 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-01-13 19:28:32 1A8D80F2EA3133AD8DAF64DA25B4B17B 168288 ----a-w- C:\Windows\System32\NetworkUXBroker.exe 2016-01-13 19:28:22 948BD4AC1C7C572312048A284D6C9A7F 562688 ----a-w- C:\Windows\System32\Speech\SpeechUX\SpeechUXWiz.exe 2016-01-13 19:28:15 5275394FE00E85B13DC535C67961DFEB 1907536 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-01-13 19:28:10 9738D0610EAAD6CE104DFB81AFEDAFDE 786432 ----a-w- C:\Windows\SysWOW64\Magnify.exe 2016-01-13 19:28:10 65BCE1DC85A1023021D363E0CE4AB14C 845824 ----a-w- C:\Windows\System32\Magnify.exe 2016-01-13 19:28:07 E19833B3E69A5B829AB97D5CBD3BF356 1876832 ----a-w- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe 2016-01-13 19:28:06 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-01-13 19:28:04 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\Windows\System32\SettingSyncHost.exe 2016-01-13 19:28:04 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe 2016-01-13 19:28:03 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-01-13 19:27:58 9AA440F8F580C573D0F2732DA6ECB87A 207872 ----a-w- C:\Windows\SysWOW64\notepad.exe 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\Windows\System32\notepad.exe 2016-01-13 19:27:58 986BC1A9E29A9E35C1D10D874616ACBB 215040 ----a-w- C:\Windows\notepad.exe 2016-01-13 19:27:58 9853C2A9EF7FBC341C65EF89908CA052 482816 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-01-13 19:27:57 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-01-13 19:27:54 B1FBE5BF56C400AEDE037A2FCE3186B5 220160 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-01-13 19:27:54 55C29E89E33C6B7B5F0A22D46130C10C 624480 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\Windows\System32\winload.exe 2016-01-13 19:27:54 11648E08564ECFC6CB435990261F1A34 1123400 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-01-13 19:27:53 90B9FDEB80471212F08D996A1C4FFBD6 143360 ----a-w- C:\Windows\System32\oobe\windeploy.exe 2016-01-13 19:27:51 E1DB432B3147F70BF684846439ADE38B 136192 ----a-w- C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe 2016-01-13 19:27:51 B02EA3A2E6BEDAB9C954AAC6BD887874 292856 ----a-w- C:\Windows\System32\LockAppHost.exe 2016-01-13 19:27:51 62CFDB1741D700E2292242B50F1EC1A9 168960 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\Windows\System32\winresume.exe 2016-01-13 19:27:50 C5890CAD6482B12ECA19E680B779560F 858408 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-01-13 19:27:48 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\Windows\System32\MDMAppInstaller.exe 2016-01-13 19:27:48 AC9DBC3DCA6F57839B8056D6B6835CB3 780640 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-01-13 19:27:48 A1EFFF8EA50BE57AC38264541F1B88FD 801632 ----a-w- C:\Windows\System32\WWAHost.exe 2016-01-13 19:27:48 51DDB23BEB935F57C49166DCFEE10206 243800 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-01-13 19:27:48 227EDE423D40B3BC2B1A0FC99225DF76 67072 ----a-w- C:\Windows\System32\oobe\oobeldr.exe 2016-01-13 19:27:46 F777FE6BA9C62A4D90BC7017C8FED35F 336384 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2016-01-13 19:27:46 981229E718319A9A01F7E740A8D855FD 700256 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-01-13 19:27:45 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-01-13 19:27:44 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\Windows\System32\omadmclient.exe 2016-01-13 19:27:44 7A271F804E4A779646E972BEF9A16CFE 384280 ----a-w- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe 2016-01-13 19:27:43 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe 2016-01-13 19:27:43 B048B365333B4DA075512D67A88AE393 815808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-01-13 19:27:43 96520EEF483B102EFD98B6B246B0EE1D 818880 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-01-13 19:27:43 951D71B5D602745997A6DCBA33FC5358 280576 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-01-13 19:27:43 15ADC9E2333D852C4AADC9388E3E5A40 298864 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 2016-01-13 19:27:42 D2EAEC106F183572317AF7D68E381063 4532304 ----a-w- C:\Windows\explorer.exe 2016-01-13 19:27:42 4EEB94F7E1ABAB5503EEFEA7F2394370 4047288 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-01-13 19:27:42 235F302C638D2460B005FD103BCA26E8 101376 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-01-13 19:27:42 124DC4FC14EEA95B8E05F139A57D5B91 553472 ----a-w- C:\Windows\System32\GamePanel.exe 2016-01-13 19:27:42 116A528112CDE77F28D4C8C9CE210C52 21216 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe 2016-01-13 19:27:42 011A8CA5E2B3399EB0D893587B830C6B 420352 ----a-w- C:\Windows\SysWOW64\GamePanel.exe 2016-01-13 19:27:41 3C10245633B2D8AF20A25AF517E8CD06 170496 ----a-w- C:\Windows\System32\oobe\msoobe.exe 2016-01-12 14:29:48 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\Windows\System32\MpSigStub.exe === C: other files == 2016-01-19 10:41:15 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-19 10:40:57 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys 2016-01-18 11:35:05 2755616FF1057342FCA260E15B8DE42C 2031 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\1UXB9NMS\manifest[1].zip 2016-01-17 10:59:51 2755616FF1057342FCA260E15B8DE42C 2031 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\RB88Z9H2\manifest[1].zip 2016-01-14 18:05:07 E4D444FAE0175BE2786B5A178F5A6CC0 181 ----a-w- C:\ProgramData\panda_url_filtering\white.zip 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 -c--a-w- C:\Windows\System32\DRVSTORE\PSINAflt_E7E640259B97C5B460233DB11F626733FFD123AA\PSINAflt.sys 2016-01-14 18:04:33 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProt_93806A536B2BE2612121BE3E72C44D4A682A12FA\PSINProt.sys 2016-01-14 18:04:33 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\Windows\System32\drivers\PSINProt.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 -c--a-w- C:\Windows\System32\DRVSTORE\PSINReg_C8D45695AEFE7D1A3DBD003F3F3CCAA1C1D92E46\PSINReg.sys 2016-01-14 18:04:32 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\Windows\System32\drivers\PSINReg.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProc_89D4BCB26E728A39985C5773D2D4652877A2DC68\PSINProc.sys 2016-01-14 18:04:26 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\Windows\System32\drivers\PSINProc.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 -c--a-w- C:\Windows\System32\DRVSTORE\PSINFile_9099732A843E678E5E00379731AC8036CB1FE545\PSINFile.sys 2016-01-14 18:04:25 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\Windows\System32\drivers\PSINFile.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 -c--a-w- C:\Windows\System32\DRVSTORE\PSINKnc_4D8021F88C4479C8D198FAB698274C07099AE947\PSINKNC.sys 2016-01-14 18:04:25 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\Windows\System32\drivers\PSINKNC.sys 2016-01-14 10:38:56 A68FA98D372371C9B0329C425F9789ED 1891 ----a-w- C:\Users\rwest\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\JOSVPSID\manifest[1].zip 2016-01-13 19:58:57 1909713BDAD7D5BF868FDF2F8283FFD3 33960 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\Windows\System32\drivers\rtwlane.sys 2016-01-13 19:36:15 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\Program Files (x86)\Realtek\PCIE Wireless LAN\Driver\rtwlane.sys 2016-01-13 19:34:25 EC6CED4AC409376319E06DDEC8D0D260 4620504 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win10X64\rtwlane.sys 2016-01-13 19:34:25 E4A1BB5E0E3B7886B529F920223470CF 3825880 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win10X86\rtwlane.sys 2016-01-13 19:34:25 D8A6E29D7A86FCE146DD35717536E4F3 3725528 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Wind7X86\rtwlane.sys 2016-01-13 19:34:25 98266DB3A690CF104935C5485CB40901 4471000 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win81X64\rtwlane.sys 2016-01-13 19:34:25 62BB04AB0A9A5A658E5F99AA80D0FBAC 3708120 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Win81X86\rtwlane.sys 2016-01-13 19:34:25 3D6C59523A502DAB9DD0AE11EA0E46B4 4471000 ----a-w- C:\SWSETUP\sp74139\RTWLANE_Driver\Wind7X64\rtwlane.sys 2016-01-13 19:33:47 FB4FD57CB9A6424C91D041844ADA059E 185600 ----a-w- C:\SWSETUP\sp74353\inf\x64\TEEDriverW8x64.sys 2016-01-13 19:33:47 E371FC5C4E76CE5313E68398F7950FB8 64512 ----a-w- C:\SWSETUP\sp74353\inf\x64\HECIx64.sys 2016-01-13 19:33:47 D82D6EA098C4448A964ACB14B3728786 180480 ----a-w- C:\SWSETUP\sp74353\inf\x64\TEEDriverx64.sys 2016-01-13 19:33:47 CDEF8FBD288A57CFB93F2D883C1454DD 156416 ----a-w- C:\SWSETUP\sp74353\inf\x86\TEEDriver.sys 2016-01-13 19:33:47 C029F510E471CDA98932DCA38673B957 163072 ----a-w- C:\SWSETUP\sp74353\inf\x86\TEEDriverW8.sys 2016-01-13 19:33:47 6FAB8EE0457E9795D93B91405766E674 56320 ----a-w- C:\SWSETUP\sp74353\inf\x86\HECI.sys 2016-01-13 19:28:53 9B2039C5673EEBF1D4E34ABC0AFB88C7 685568 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys 2016-01-13 19:28:52 C67A03F54A1EA683F4880A481EE5FF6C 373072 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2016-01-13 19:28:52 7BF844D362EB746BC7A6DC3F57FA3E32 8192 ----a-w- C:\Windows\System32\drivers\gpuenergydrv.sys 2016-01-13 19:28:52 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\Windows\System32\drivers\pdc.sys 2016-01-13 19:28:52 321A2022926841273CD8D6B9BFE68D05 1383424 ----a-w- C:\Windows\System32\win32kbase.sys 2016-01-13 19:28:51 D42AC03ACF9CA67693D1D9BB4D2A0BC8 116064 ----a-w- C:\Windows\System32\drivers\tdx.sys 2016-01-13 19:28:51 AE7B7E1E95BFB9340B1956C98CA52C81 80720 ----a-w- C:\Windows\System32\drivers\stornvme.sys 2016-01-13 19:28:51 A3D96563BF46FC8A0E5756B796127D14 577888 ----a-w- C:\Windows\System32\drivers\afd.sys 2016-01-13 19:28:51 91756EE69E63D66F77E3B791D33F7078 459104 ----a-w- C:\Windows\System32\drivers\netio.sys 2016-01-13 19:28:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-01-13 19:28:51 7C3DDCB6F927AFC5569A8CC584F5B5F3 147968 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2016-01-13 19:28:51 7680537006A420D7488E5057A8149F86 442208 ----a-w- C:\Windows\System32\drivers\storport.sys 2016-01-13 19:28:51 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2016-01-13 19:28:50 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\Windows\System32\drivers\portcls.sys 2016-01-13 19:28:50 DAF957B25A35757E9D814611FAE8FE3B 237392 ----a-w- C:\Windows\System32\drivers\rdyboost.sys 2016-01-13 19:28:50 4D3F2E7C2F83DFAF19F8060E1FD6C5A8 3588096 ----a-w- C:\Windows\System32\win32kfull.sys 2016-01-13 19:28:50 27E248CD861AFED4DF0C48F4C853E7F0 80896 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2016-01-13 19:28:50 1BDA1FD02783566F0B20EB0E2517F85C 516448 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2016-01-13 19:28:48 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\Windows\System32\drivers\buttonconverter.sys 2016-01-13 19:28:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2016-01-13 19:28:10 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2016-01-13 19:28:04 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-01-13 19:28:04 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2016-01-13 19:27:59 BA8DC96D1DD7785EB0589CB1777208B7 2115936 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-01-13 19:27:59 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2016-01-13 19:27:57 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-01-13 19:27:55 78CA1FF6FE37EEFAFF99DD1C956AF60A 200528 ----a-w- C:\Windows\System32\drivers\wof.sys 2016-01-13 19:27:51 0A368247A900656CC0678117DFC3A87C 498016 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2016-01-13 19:27:50 D5EC9413527B286CFEEB0294C53ABB95 102752 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2016-01-13 19:27:48 388F2A3C771B8BEE76FD1AAF9614D08E 52264 ----a-w- C:\Windows\System32\drivers\wpcfltr.sys 2016-01-13 19:27:46 988588C16A53C2581488C15FF18934BF 46432 ----a-w- C:\Windows\System32\drivers\msgpiowin32.sys 2016-01-13 19:27:44 CFCCF9F67EECBA6BFE4E880D9BE70CBB 22528 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2016-01-13 19:27:43 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\Windows\System32\drivers\ndis.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1120304455-756585421-3900323258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" ==== Task Scheduler Jobs ====================== C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-12-2015 16:18] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-12-2015 16:18] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001Core.job --a-------- C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe [16-12-2015 16:34] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001UA.job --a-------- C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe [16-12-2015 16:34] C:\windows\tasks\HPCeeScheduleForrwest.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 17:51] C:\windows\tasks\Uninstaller_SkipUac_rwest.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [23-11-2015 17:21] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\SysNative\tasks\Driver Booster Scheduler" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\windows\SysNative\tasks\Driver Booster SkipUAC (rwest)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001Core" [C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001UA" [C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\HPCeeScheduleForrwest" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"] "C:\windows\SysNative\tasks\HPGenoobeReminder" ["C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe"] "C:\windows\SysNative\tasks\SmartDefrag4_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe] "C:\windows\SysNative\tasks\SmartDefrag4_Update" [C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\windows\SysNative\tasks\Uninstaller_SkipUac_rwest" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\windows\SysNative\tasks\User_Feed_Synchronization-{7334E546-62F4-46A6-B6BC-0E45082C2EF4}" [C:\windows\system32\msfeedssync.exe] "C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\First Boot" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\rwest\AppData\Roaming\Thunderbird\Profiles\hkn9ij3i.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Chrome Web Store Payments - rwest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://startpagina.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://startpagina.nl/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKCU\..\Run: [OneDrive] "C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\rwest\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\rwest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1496 folders=233 233051754 bytes) ==== Empty Temp Folders ====================== C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\rwest\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 19-01-2016 at 12:01:00,31 ======================