Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Michael on ma 14/03/2016 at 14:16:50,53. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-03-13-153220.log 116135 bytes C:\zoek-results2016-03-14-111916.log 5622 bytes C:\zoek-results2016-03-14-130819.log 751 bytes ==== Empty Folders Check ====================== C:\Users\Michael\AppData\Local\ActiveSync deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Avast Free Antivirus CCleaner COMODO Firewall CyberLink Home Cinema 10 CyberLink LabelPrint 2.5 CyberLink PhotoDirector 5 CyberLink Power2Go 8 CyberLink PowerDirector 12 CyberLink PowerDVD 12 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 6 Dolby Audio X2 Windows API SDK Dolby Audio X2 Windows APP ELAN Touchpad 15.19.7.1_X64_WHQL Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) ME UninstallLegacy Intel(R) PRO/Wireless Driver Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) Serial IO Intel(R) Wireless Bluetooth(R) Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software Microsoft Office Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 NVIDIA 3D Vision Driver 358.91 NVIDIA Control Panel 358.91 NVIDIA GeForce Experience 2.10.2.40 NVIDIA GeForce Experience Service NVIDIA Graphics Driver 358.91 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.10.2.40 NVIDIA PhysX System Software 9.15.0428 NVIDIA ShadowPlay 2.10.2.40 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.10.2.40 NVIDIA Update Core NVIDIA Virtual Audio 1.2.34 PHotkey Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver SHIELD Streaming SHIELD Wireless Controller Driver ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\SysWow64\IntelCpHeciSvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\Dolbyosd.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe D:\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Folders Found ====================== 2016-03-14 11:18:56 2016-03-11 11:03:55 -------- d---a-w- C:\zoek_backup\C_windows_SysNative_Tasks_McAfee ==== Files Found ====================== --- C:\Users\Michael\AppData\Local\Microsoft\Windows\INetCache\Low\IE\FN68VGIH\62504-mcafee-verwijderen[1].htm --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 137096 Created time: 2016-03-14 13:15:17 Modified time: 2016-03-14 13:15:17 MD5: DBFA34893493BA487C688FC4E2577C1C SHA1: A08103A24767B06D3075C20C4A831ADF357195DE ==== Registry Search Results for "mcafee" ====================== [HKEY_USERS\S-1-5-21-1567209026-1636312064-3747786047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts] "Applications\\iexplore.exe_.be/topic/62504-mcafee-verwijderen/"=dword:00000000 [HKEY_USERS\S-1-5-21-1567209026-1636312064-3747786047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.be/topic/62504-mcafee-verwijderen/] [HKEY_USERS\S-1-5-21-1567209026-1636312064-3747786047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.be/topic/62504-mcafee-verwijderen/\OpenWithList] ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 4009 MB CPU Info: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz CPU Speed: 2309,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 520 | Intel(R) HD Graphics 520 | Intel(R) HD Graphics 520 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1536 X 864 - 32 bit Network: Network Present Network Adapters: Intel(R) Dual Band Wireless-AC 3165 #2 | Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GUB0N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 244,9GB | D: 625,0GB | Z: 60,0GB Hard Disks - Free: C: 196,6GB | D: 582,7GB | Z: 34,0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Medion D15SFN Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.162.10586.0 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-03-11 11:27:47 9A4721C52C4746019879D9F8033DCA00 52184 ----a-w- C:\Windows\avastSS.scr 2016-03-08 18:57:16 95D730526EF81792CD6848D8D10FAA1C 4502352 ----a-w- C:\Windows\explorer.exe ====== C:\Users\Michael\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-03-08 18:57:45 5D676C1C350EA4976B888804444932CE 2061312 ----a-w- C:\Windows\SysWOW64\MFMediaEngine.dll 2016-03-08 18:57:44 D641F5B6C115C334FD990827979028F3 18677760 ----a-w- C:\Windows\SysWOW64\edgehtml.dll 2016-03-08 18:57:43 8FA6855FCD9F683BC6761B97F7F48408 13018624 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-03-08 18:57:43 00CE414BA74B576960B559C8C2674106 19339776 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-03-08 18:57:42 7BB6C35792323E4761AC6624E2D42397 12125696 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-03-08 18:57:41 2BECAD7E55AB723F361254477270ED2F 1707520 ----a-w- C:\Windows\SysWOW64\ActiveSyncProvider.dll 2016-03-08 18:57:39 C23A52581FEA6CD49A49160BFA794BF7 6952088 ----a-w- C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-08 18:57:32 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-03-08 18:57:27 0C60922D59461C8D1B0A2AA3CF493438 21124344 ----a-w- C:\Windows\SysWOW64\shell32.dll 2016-03-08 18:57:26 76B9CA3DF18D9E116051652EB4CD2FF2 9919488 ----a-w- C:\Windows\SysWOW64\twinui.dll 2016-03-08 18:57:25 162CB5DE3BAB5A029E658180A2E0673A 2919320 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-03-08 18:57:24 C97B5BEADC79FFC5DAF1C9011CAE796B 5242496 ----a-w- C:\Windows\SysWOW64\windows.storage.dll 2016-03-08 18:57:23 780795062541AF34415CCCE4072FBBB8 12586496 ----a-w- C:\Windows\SysWOW64\wmp.dll 2016-03-08 18:57:22 AA20E6BCDC5A617F4333EE5EEE3CC79E 5661696 ----a-w- C:\Windows\SysWOW64\Chakra.dll 2016-03-08 18:57:22 7F0A9630C78E3783680CC9620C4E09C0 6740992 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2016-03-08 18:57:22 05B81C404A34101E1DC17C0D9A67EA32 5321728 ----a-w- C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-03-08 18:57:21 A1EB9EF86954DF012BD3A48803DB36C8 6297088 ----a-w- C:\Windows\SysWOW64\mos.dll 2016-03-08 18:57:18 22269B90E92BECDEB3D67EBE1DDB378E 3666432 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-03-08 18:57:17 44F1D7984F8B7739EF7EF50DEC6B41B9 2229760 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-03-08 18:57:17 0C39C1CC2ABC5D88D586EA0D86E79EEE 2793472 ----a-w- C:\Windows\SysWOW64\Windows.Media.dll 2016-03-08 18:57:16 FAE7DA27029FDDA27375722B4DC387D7 138240 ----a-w- C:\Windows\SysWOW64\ETWCoreUIComponentsResources.dll 2016-03-08 18:57:16 B65549A1CDB2C827AD022A3F35994FCF 2180136 ----a-w- C:\Windows\SysWOW64\mfcore.dll 2016-03-08 18:57:15 6E7BF3FB027D46B7DEFCFFBEF8C4511D 2026736 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2016-03-08 18:57:14 C9B1E5A2FE0C7BF75B8B751311331EB4 2604032 ----a-w- C:\Windows\SysWOW64\CertEnroll.dll 2016-03-08 18:57:14 192B579E14C116D2B742FEBE85A4D3C1 2756096 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-03-08 18:57:13 FCBCED2A237DCD7EF86CED551B731742 4064320 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-03-08 18:57:13 CE9B87CDE4D7BCEA229D676720E28C6B 1859960 ----a-w- C:\Windows\SysWOW64\CoreUIComponents.dll 2016-03-08 18:57:13 6DFDAD2B0EA3385069276DF547F4CAC8 2186864 ----a-w- C:\Windows\SysWOW64\d3d11.dll 2016-03-08 18:57:13 1C22BFBABCF389F2A985A32C01819467 5202944 ----a-w- C:\Windows\SysWOW64\BingMaps.dll 2016-03-08 18:57:12 A820BD54E6B4A68C6E4490EA23FA5650 1860096 ----a-w- C:\Windows\SysWOW64\cdp.dll 2016-03-08 18:57:12 104ED5E318C5EED6178BE9F4B4E1E5A2 4759040 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2016-03-08 18:57:11 CBE2DFB96C188DC8913B0CCBFA50C2FF 1824264 ----a-w- C:\Windows\SysWOW64\combase.dll 2016-03-08 18:57:11 1ECA3CCBC61038D780FC179C9CB5F0CA 1944576 ----a-w- C:\Windows\SysWOW64\InputService.dll 2016-03-08 18:57:10 674333934AEF201C56419742CD86782B 973664 ----a-w- C:\Windows\SysWOW64\LicenseManager.dll 2016-03-08 18:57:10 5A98CF000F5202776E4A58438AB2E070 4412928 ----a-w- C:\Windows\SysWOW64\ExplorerFrame.dll 2016-03-08 18:57:09 847B31F89A3009D5D851479224B7579A 2680320 ----a-w- C:\Windows\SysWOW64\msftedit.dll 2016-03-08 18:57:07 CF342DCC0B8053DCABA7C5D30BE4B5C3 1500672 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-03-08 18:57:07 52838DDB3B20C7330A30D89509A93B55 1268736 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-03-08 18:57:07 49CF99392314B7CAD65DE8A05ABFE30D 882720 ----a-w- C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-03-08 18:57:06 C117F577BB0CC6545EA181FBB3FACE99 980352 ----a-w- C:\Windows\SysWOW64\mfasfsrcsnk.dll 2016-03-08 18:57:06 594B272EA8C34067CD74AAE90EFFBE88 1626624 ----a-w- C:\Windows\SysWOW64\dwmcore.dll 2016-03-08 18:57:06 2D0C2AB110A51895D9D1E875201013DE 1557768 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2016-03-08 18:57:06 1F7C4CBC0C5788E3E91C08A3D32F7BB9 1118208 ----a-w- C:\Windows\SysWOW64\mfnetsrc.dll 2016-03-08 18:57:05 AF209F751EB761084CEFE2CF10E1CE8D 895080 ----a-w- C:\Windows\SysWOW64\mfsrcsnk.dll 2016-03-08 18:57:05 5B64BFE61393D22D908BB5E2A17B6147 1328128 ----a-w- C:\Windows\SysWOW64\comsvcs.dll 2016-03-08 18:57:04 888D41F5EFD6995491326C0DEEA2124A 713824 ----a-w- C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2016-03-08 18:57:04 4B9DE8EAA2E16C34E018749F325BAEFF 949248 ----a-w- C:\Windows\SysWOW64\Unistore.dll 2016-03-08 18:57:04 00ECC00ED8713D7FDE30323237C5CAEF 792064 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-03-08 18:57:03 FC90756CB632C0E4AC0D6A60AF2DF9AD 585216 ----a-w- C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-03-08 18:57:03 E83DA16178E4E97B572900803183419D 1542816 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2016-03-08 18:57:03 76B00BE575C4D8CF3D7334240C8DAF90 683008 ----a-w- C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-03-08 18:57:03 53F74B2F4AEA9C6A7BB9DABDCC3C7431 613888 ----a-w- C:\Windows\SysWOW64\winhttp.dll 2016-03-08 18:57:03 2003BE1653553FBC9D809BA40AEE4D68 1542656 ----a-w- C:\Windows\SysWOW64\quartz.dll 2016-03-08 18:57:03 110A45F765495043CB8ED918FEFD8D90 572928 ----a-w- C:\Windows\SysWOW64\WpcWebFilter.dll 2016-03-08 18:57:02 C8F351BE29CEA63BC5EE5A175576B7F3 1105920 ----a-w- C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-03-08 18:57:02 A680339559FBC02BC0854D73DDE85C7B 1174008 ----a-w- C:\Windows\SysWOW64\msctf.dll 2016-03-08 18:57:02 8BD7A79F9A8FF011B89A61C8AC796988 502112 ----a-w- C:\Windows\SysWOW64\NetSetupEngine.dll 2016-03-08 18:57:02 532AC1D121972B17BE523A9988A3A0E5 2155008 ----a-w- C:\Windows\SysWOW64\authui.dll 2016-03-08 18:57:01 C012CE3AB0120D01C75EDBB869AC463E 523752 ----a-w- C:\Windows\SysWOW64\dxgi.dll 2016-03-08 18:57:01 B073C14F8B76DF8652415488C22F10A1 670928 ----a-w- C:\Windows\SysWOW64\mfds.dll 2016-03-08 18:57:01 A43688711B5DA91ED9FC159BB8F8AF14 646656 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-08 18:57:01 6D151B11358362786C45F1A4A21576FA 925064 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2016-03-08 18:57:01 302A0BE9FA2874A3E99C0E25C992E7C7 1467392 ----a-w- C:\Windows\SysWOW64\GdiPlus.dll 2016-03-08 18:57:01 2EECE39CDFFF244B2489FD8ACDC14D7A 517632 ----a-w- C:\Windows\SysWOW64\PlayToManager.dll 2016-03-08 18:57:00 EB5DBA11B7C79B28A759AF12F03A17BB 769536 ----a-w- C:\Windows\SysWOW64\ContactApis.dll 2016-03-08 18:57:00 E43400F37F8F0FA9281FEB64E3D7F72B 754176 ----a-w- C:\Windows\SysWOW64\SettingSyncCore.dll 2016-03-08 18:57:00 DB6C9645A16676FDE0D730CB05D8F6E1 1443328 ----a-w- C:\Windows\SysWOW64\SRHInproc.dll 2016-03-08 18:57:00 B44BC5CC78CF476028D1939A7712BD93 652312 ----a-w- C:\Windows\SysWOW64\evr.dll 2016-03-08 18:57:00 B014F98BEE810D5BF9F8C1C75F0EAD92 489984 ----a-w- C:\Windows\SysWOW64\Windows.UI.dll 2016-03-08 18:56:59 EDD93EDB3758471A4862D3CF70FE9007 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-03-08 18:56:59 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\Windows\SysWOW64\WMPDMC.exe 2016-03-08 18:56:59 952D6065F133D9525B399E6274CFE027 793600 ----a-w- C:\Windows\SysWOW64\SRH.dll 2016-03-08 18:56:59 86128937B83E51BF543CBCB854AE4FFC 405568 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2016-03-08 18:56:58 E3C2853C8F2EED113646F07D62D08C9E 503296 ----a-w- C:\Windows\SysWOW64\SettingSync.dll 2016-03-08 18:56:58 CA57FE09C1255009C9AC1462B7D7264D 957608 ----a-w- C:\Windows\SysWOW64\ole32.dll 2016-03-08 18:56:58 620737C11CD32E03299E0B60BC896230 552960 ----a-w- C:\Windows\SysWOW64\AppointmentApis.dll 2016-03-08 18:56:58 3249EA75874EE3DD3FCBA141656DF210 713728 ----a-w- C:\Windows\SysWOW64\netlogon.dll 2016-03-08 18:56:57 C85501FE7EFD33E06A877B8786F396B6 462760 ----a-w- C:\Windows\SysWOW64\mfreadwrite.dll 2016-03-08 18:56:57 8C2E49ACD2A820A3FA7C598B811F3803 450912 ----a-w- C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-03-08 18:56:57 588E4109C8A78BC211AC1D5756652A67 1139200 ----a-w- C:\Windows\SysWOW64\UIAutomationCore.dll 2016-03-08 18:56:57 2B6C84CF3AE5E1CEE5C763115DAF5FB4 389120 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-03-08 18:56:56 F40196C743D54C56C7C2CCDD6FDE262E 572272 ----a-w- C:\Windows\SysWOW64\taskschd.dll 2016-03-08 18:56:56 7CDF1630DCF7C9167E551874D18C3CE0 709120 ----a-w- C:\Windows\SysWOW64\BingOnlineServices.dll 2016-03-08 18:56:56 0A8409C137B580A3EEB80E33649044F3 701384 ----a-w- C:\Windows\SysWOW64\mfnetcore.dll 2016-03-08 18:56:55 FABAF2C5E74BA9ADC07D28BB03F5C32A 349696 ----a-w- C:\Windows\SysWOW64\NetSetupShim.dll 2016-03-08 18:56:55 F32770E19F1CB817274BC85824730E48 470528 ----a-w- C:\Windows\SysWOW64\MbaeApi.dll 2016-03-08 18:56:55 C406A5FDC8A1ECF2A9632F302B7D0EC3 294752 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-03-08 18:56:55 A19A2DDCC69FF16B5FB68AD4F02B564A 480256 ----a-w- C:\Windows\SysWOW64\MCRecvSrc.dll 2016-03-08 18:56:55 6EB3A9117D1849AE452110A2C66CC411 820704 ----a-w- C:\Windows\SysWOW64\WinTypes.dll 2016-03-08 18:56:54 9B60985A87BA2FED9F57DA30F191098E 315904 ----a-w- C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-08 18:56:54 5814754D92DBD471D5AB7437B20EE3F0 687616 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-03-08 18:56:54 463DA1563BB9C1849527967BA80C1810 287712 ----a-w- C:\Windows\SysWOW64\Windows.Media.MediaControl.dll 2016-03-08 18:56:54 0B7C5790893F3650162BED4BEA35D9A6 695752 ----a-w- C:\Windows\SysWOW64\WMADMOD.DLL 2016-03-08 18:56:54 039AD4C3FDCF13CE3196C0258C24D0C7 1371792 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2016-03-08 18:56:53 EC21FC40C74206DAB19F1A8F9132EFAB 890368 ----a-w- C:\Windows\SysWOW64\AppxPackaging.dll 2016-03-08 18:56:53 DDC479FA1A36285BFC1EF25B547403C3 273408 ----a-w- C:\Windows\SysWOW64\SensorsApi.dll 2016-03-08 18:56:53 B8C4EFAA6AAED98E6B5AB57CAFA489B9 1337240 ----a-w- C:\Windows\SysWOW64\user32.dll 2016-03-08 18:56:53 9ACCC0C1786391EF1FD1FAF12AE22801 340480 ----a-w- C:\Windows\SysWOW64\PlayToDevice.dll 2016-03-08 18:56:53 964DE3052B6A869EFBC86930DD51E8BD 379392 ----a-w- C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2016-03-08 18:56:53 44CBF47585584D74C3D0C2320031E539 569856 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2016-03-08 18:56:53 38EE252AD45EB7D6834F718B9487D3F9 538736 ----a-w- C:\Windows\SysWOW64\wer.dll 2016-03-08 18:56:53 0FA8D61A4D4F56063113F9DA4E18848B 289248 ----a-w- C:\Windows\SysWOW64\MFPlay.dll 2016-03-08 18:56:53 0B8C82099C16CC3AF45ABBE9BADC0B0C 498176 ----a-w- C:\Windows\SysWOW64\MessagingDataModel2.dll 2016-03-08 18:56:52 8A26A15B852AF385469AD62865CCAE7F 2050048 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-03-08 18:56:52 856AD15FD2D187EA8435564A135C85C0 228352 ----a-w- C:\Windows\SysWOW64\deviceaccess.dll 2016-03-08 18:56:52 627DC6C1A8D38FFC64BF884C2DE90410 573440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2016-03-08 18:56:51 D213E29D66D7182AF58CB525EFC2F409 421888 ----a-w- C:\Windows\SysWOW64\LogonController.dll 2016-03-08 18:56:51 A7583A49B0F4A91E5B2E154C3582DF82 420928 ----a-w- C:\Windows\SysWOW64\msvproc.dll 2016-03-08 18:56:51 7BA4B67BDA4222B55FA700E31B63F32D 208176 ----a-w- C:\Windows\SysWOW64\mftranscode.dll 2016-03-08 18:56:51 6F1EEEF679AFA703C7C328BD87C5AB68 558592 ----a-w- C:\Windows\SysWOW64\uReFS.dll 2016-03-08 18:56:51 65D0043F608A12AF75ED37A65AFB906B 342528 ----a-w- C:\Windows\SysWOW64\AppXDeploymentClient.dll 2016-03-08 18:56:51 4A49EC3B4063CC569134D2BA64FA5022 350720 ----a-w- C:\Windows\SysWOW64\CredProvDataModel.dll 2016-03-08 18:56:51 42248856CC8A2AE6642B5D1B170EAB35 450560 ----a-w- C:\Windows\SysWOW64\SyncController.dll 2016-03-08 18:56:51 3F8B09A6D234877025A5EBECF9151F58 162816 ----a-w- C:\Windows\SysWOW64\MTF.dll 2016-03-08 18:56:51 3A280280AEA583EAB0375C330F7A6CE9 335872 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-03-08 18:56:50 FAA5A3DE34FD44C220691C4527E88453 157696 ----a-w- C:\Windows\SysWOW64\SimCfg.dll 2016-03-08 18:56:50 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-03-08 18:56:50 C8892F76C2D15CB1175E3F7A04D07904 890880 ----a-w- C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-03-08 18:56:50 C86784A6F08E733BE19D62C82182FA7D 266752 ----a-w- C:\Windows\SysWOW64\MSFlacDecoder.dll 2016-03-08 18:56:50 7D81335F3FCD9C37DE3C8C9989428C99 431240 ----a-w- C:\Windows\SysWOW64\WWanAPI.dll 2016-03-08 18:56:50 550ECFF3C3808065169BFEA6C2B7837C 400896 ----a-w- C:\Windows\SysWOW64\winspool.drv 2016-03-08 18:56:50 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-03-08 18:56:49 AC42505CBCEE5825BB2695C34E43B1D0 184832 ----a-w- C:\Windows\SysWOW64\PackageStateRoaming.dll 2016-03-08 18:56:49 559358D3C39A1EC0D944714C32FAD582 799744 ----a-w- C:\Windows\SysWOW64\rasdlg.dll 2016-03-08 18:56:49 4591BC3EC5FD8336642F8B94EABD4D4F 187744 ----a-w- C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-03-08 18:56:49 30C2700A2CDEF6042585C9296ABC9054 499432 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2016-03-08 18:56:49 1C1DC38D8D6E075DE06ED174B9E81FE9 535040 ----a-w- C:\Windows\SysWOW64\rastls.dll 2016-03-08 18:56:49 053E2D136DB8A4743E4C40D5D979834B 200704 ----a-w- C:\Windows\SysWOW64\DisplayManager.dll 2016-03-08 18:56:48 A34EDEA5F401143A0190642EABA28518 709688 ----a-w- C:\Windows\SysWOW64\mfsvr.dll 2016-03-08 18:56:48 626E736B04150EC59601D2D3EEFEDA6D 123392 ----a-w- C:\Windows\SysWOW64\ProximityCommon.dll 2016-03-08 18:56:48 4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB 220064 ----a-w- C:\Windows\SysWOW64\sqmapi.dll 2016-03-08 18:56:48 395F9E50709FAE503C339047207E46CF 540160 ----a-w- C:\Windows\SysWOW64\ChatApis.dll 2016-03-08 18:56:48 100E983F59F3BF3A3F8BFA327CF9B438 157184 ----a-w- C:\Windows\SysWOW64\WiFiDisplay.dll 2016-03-08 18:56:47 94A99147A62D9830676B47D2BFA8FA46 125440 ----a-w- C:\Windows\SysWOW64\wshom.ocx 2016-03-08 18:56:47 8880848DC5DEE8BF8FE34DBC57C5655C 129024 ----a-w- C:\Windows\SysWOW64\SimAuth.dll 2016-03-08 18:56:47 6DA0B412C0DD9DDB5382527488A5AD2E 237056 ----a-w- C:\Windows\SysWOW64\thumbcache.dll 2016-03-08 18:56:47 160CC95D34D62B6A72F9E4E3EE52EBCC 369664 ----a-w- C:\Windows\SysWOW64\FirewallAPI.dll 2016-03-08 18:56:47 132209E26098FCDDEC023B460E68EBEB 1070080 ----a-w- C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-03-08 18:56:46 F2061A1835E8844637168800292309BF 84832 ----a-w- C:\Windows\SysWOW64\NetSetupApi.dll 2016-03-08 18:56:46 DD73501C379ABF585DC7CC1765BE8E2E 303104 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2016-03-08 18:56:46 650A2E42A8965FEEF24105EF3D19780B 510976 ----a-w- C:\Windows\SysWOW64\wlidcli.dll 2016-03-08 18:56:46 5A212173FC0622865F409B16ED77C9DF 98304 ----a-w- C:\Windows\SysWOW64\AppointmentActivation.dll 2016-03-08 18:56:46 51B550A0FBFA6E04F8595ED0BD99C202 100160 ----a-w- C:\Windows\SysWOW64\MP3DMOD.DLL 2016-03-08 18:56:46 4C85D9A9FD26D3F00BBF5D3F469F1800 241664 ----a-w- C:\Windows\SysWOW64\cryptngc.dll 2016-03-08 18:56:45 F87C928A9C09611670BBF6533281003C 162816 ----a-w- C:\Windows\SysWOW64\msorcl32.dll 2016-03-08 18:56:45 A589CD44BDB433F727EE84792FCCF0C0 87040 ----a-w- C:\Windows\SysWOW64\MapsBtSvc.dll 2016-03-08 18:56:45 9797BB52F1943B78CD245B41AE833E1F 653312 ----a-w- C:\Windows\SysWOW64\rasapi32.dll 2016-03-08 18:56:45 56315A6A6598E701BB0A5F506DA6143E 200704 ----a-w- C:\Windows\SysWOW64\cemapi.dll 2016-03-08 18:56:45 2C84609F09FD003FA955567D395EEA8A 575488 ----a-w- C:\Windows\SysWOW64\EmailApis.dll 2016-03-08 18:56:44 D9EF9F5DA78CD085FD23C8EBB6108662 409088 ----a-w- C:\Windows\SysWOW64\StoreAgent.dll 2016-03-08 18:56:44 B315EB17077EF082A79922D4EA47DBF4 163328 ----a-w- C:\Windows\SysWOW64\fwbase.dll 2016-03-08 18:56:44 AD18802933E2F0BD9FDE02FF35D8AEC3 118272 ----a-w- C:\Windows\SysWOW64\mtxoci.dll 2016-03-08 18:56:44 6CE4F5BC53932C885B2276C2B352065C 34816 ----a-w- C:\Windows\SysWOW64\usermgrcli.dll 2016-03-08 18:56:44 5467DAD0BDB397D84052FCCF8686FB9C 60928 ----a-w- C:\Windows\SysWOW64\mssign32.dll 2016-03-08 18:56:44 3547D79A60007624BFEBAFCAE158E992 169984 ----a-w- C:\Windows\SysWOW64\PhoneCallHistoryApis.dll 2016-03-08 18:56:44 1F48933EFAB68EDD3B456C78E17B89CE 871936 ----a-w- C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-03-08 18:56:43 EF3D963CD01DBBBAA7394BB1A638A1BB 116728 ----a-w- C:\Windows\SysWOW64\mfps.dll 2016-03-08 18:56:43 A60B02C7D70EEBF8E362BA5C06339177 366224 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2016-03-08 18:56:43 8CE4D365EF60DA0A098757371DD43752 88576 ----a-w- C:\Windows\SysWOW64\olepro32.dll 2016-03-08 18:56:43 4C421E34FF4A836590401A3E9A5B5DE8 415744 ----a-w- C:\Windows\SysWOW64\catsrvut.dll 2016-03-08 18:56:43 0B247775E6D85763E490BAE3B7CE0CB9 31232 ----a-w- C:\Windows\SysWOW64\ztrace_maps.dll 2016-03-08 18:56:43 05B15BD9C92BE52F35A2295B22C5D892 168448 ----a-w- C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2016-03-08 18:56:42 F7169F42A954DEAD789529859921BD36 81112 ----a-w- C:\Windows\SysWOW64\OpenWith.exe 2016-03-08 18:56:42 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\Windows\SysWOW64\wermgr.exe 2016-03-08 18:56:42 43AE8C9F7D031AB3DBEADA4C17D8C682 150528 ----a-w- C:\Windows\SysWOW64\VCardParser.dll 2016-03-08 18:56:42 102F3BB5D63225A25817C8E44B85533F 63528 ----a-w- C:\Windows\SysWOW64\wwapi.dll 2016-03-08 18:56:41 97E96ABEBCB6CF556406781C47C5282A 78848 ----a-w- C:\Windows\SysWOW64\asycfilt.dll 2016-03-08 18:56:41 3B1F2F6F89F3F4ED75C5FADDB2E7CFE1 56320 ----a-w- C:\Windows\SysWOW64\POSyncServices.dll 2016-03-08 18:56:41 35383CA7169E12D885B9B553F59E3154 41984 ----a-w- C:\Windows\SysWOW64\XblAuthManagerProxy.dll 2016-03-08 18:56:41 29EF8EC898FE21680DB5FB15DB513EC8 235008 ----a-w- C:\Windows\SysWOW64\ksproxy.ax 2016-03-08 18:56:41 259517866C369BCC5990292BCB57E709 223744 ----a-w- C:\Windows\SysWOW64\ExSMime.dll 2016-03-08 18:56:41 15E75D27F0C67A7A21D5A514601F0E5A 135168 ----a-w- C:\Windows\SysWOW64\AppxSip.dll 2016-03-08 18:56:40 F7F4D3C8F419097D5219C80B811978A9 203264 ----a-w- C:\Windows\SysWOW64\iassam.dll 2016-03-08 18:56:40 DBE39E4BDCC3D8F49A2B0277652120D0 41984 ----a-w- C:\Windows\SysWOW64\pcaui.exe 2016-03-08 18:56:40 242708810A22D373904539EDF39FFAD1 196608 ----a-w- C:\Windows\SysWOW64\UserDataAccountApis.dll 2016-03-08 18:56:39 EBD26D676238C0B3938AFF925043576F 394752 ----a-w- C:\Windows\SysWOW64\werui.dll 2016-03-08 18:56:39 E34395496B11CF5C8C5B6D2E438BFA43 18944 ----a-w- C:\Windows\SysWOW64\ExtrasXmlParser.dll 2016-03-08 18:56:39 D8DA5B9D54225B46242011154C9E417A 133632 ----a-w- C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-08 18:56:39 2DE2DAF437341AECB280DBFE88CBB581 346112 ----a-w- C:\Windows\SysWOW64\MapConfiguration.dll 2016-03-08 18:56:39 0FC0E3CA4D36EB8A3BC1BA48436C1645 63488 ----a-w- C:\Windows\SysWOW64\cfgbkend.dll 2016-03-08 18:56:38 CF17C8CA575EC10ACDE1671CDED01B73 17408 ----a-w- C:\Windows\SysWOW64\rasautou.exe 2016-03-08 18:56:38 93B7ED5F44D9C3FB0A74C059E1B9E68B 89088 ----a-w- C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-03-08 18:56:38 75B5C1588D3703F44004D3EB2BD358AD 129024 ----a-w- C:\Windows\SysWOW64\CallHistoryClient.dll 2016-03-08 18:56:38 64B0C2833EB2501DAE37C0A9700BF48F 45568 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2016-03-08 18:56:38 1AEBF2230422716D8CE1BEBCBAE961D3 48128 ----a-w- C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-08 18:56:37 CA2EA5401563387162E61444AE15AF59 53248 ----a-w- C:\Windows\SysWOW64\profext.dll 2016-03-08 18:56:37 529D8C676C042EC2E6930221F81C1A4A 99840 ----a-w- C:\Windows\SysWOW64\hlink.dll 2016-03-08 18:56:37 39E7BAB659A6AB4419A908E578BE7029 56320 ----a-w- C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-08 18:56:37 392434472351B2DA0499AEC962E988CE 37888 ----a-w- C:\Windows\SysWOW64\UserDataLanguageUtil.dll 2016-03-08 18:56:37 31657EDEEA6039E71C708BDA61AB62D5 37888 ----a-w- C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-08 18:56:36 F7447D7EDE2E9F4FEC87143F5CC021F5 65536 ----a-w- C:\Windows\SysWOW64\wininetlui.dll 2016-03-08 18:56:36 9DEB4C56FAAB147839BF68B6C28A38FC 164864 ----a-w- C:\Windows\SysWOW64\fwpolicyiomgr.dll 2016-03-08 18:56:36 9DB69A637142A6C72DF22706CF2F6F7B 31744 ----a-w- C:\Windows\SysWOW64\TimeBrokerClient.dll 2016-03-08 18:56:36 7734BD0E9C8ED7DC48F559A67D0A79F4 20480 ----a-w- C:\Windows\SysWOW64\wfapigp.dll 2016-03-08 18:56:36 64F7A89D4DBFA69D40C7C1FF5BB4457E 166912 ----a-w- C:\Windows\SysWOW64\UserMgrProxy.dll 2016-03-08 18:56:35 88D538838692B2D66514301CCB37B4E7 83456 ----a-w- C:\Windows\SysWOW64\InputLocaleManager.dll 2016-03-08 18:56:34 4A2AD2C3B186FFE8EFE4DC7AB492F73E 79360 ----a-w- C:\Windows\SysWOW64\winhttpcom.dll 2016-03-08 18:56:33 B7B67257F01B0B814066F245DAD34367 93696 ----a-w- C:\Windows\SysWOW64\winbio.dll 2016-03-08 18:56:33 A971D150CD168A1F7BD775674896F02C 711680 ----a-w- C:\Windows\SysWOW64\MapControlCore.dll 2016-03-08 18:56:33 96D60277EF8CB48BD3D920298C9D7F83 11776 ----a-w- C:\Windows\SysWOW64\rastlsext.dll 2016-03-08 18:56:33 27C3814755F5078A06B3B95CC6BAD111 13312 ----a-w- C:\Windows\SysWOW64\rasadhlp.dll 2016-03-08 18:56:33 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\Windows\SysWOW64\LaunchWinApp.exe 2016-03-08 18:56:32 CA260C1A4CFC95D49DBE4DAEDCD65585 58368 ----a-w- C:\Windows\SysWOW64\MosStorage.dll 2016-03-08 18:56:32 B0DB58B85CF68C61AFBEFC107807FECF 784896 ----a-w- C:\Windows\SysWOW64\NMAA.dll 2016-03-08 18:56:32 978D6640C869D7FA4FCDD877E4A5C2C7 93696 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2016-03-08 18:56:32 7F64C196D3FA41C0F437A158FDEF7F50 800768 ----a-w- C:\Windows\SysWOW64\JpMapControl.dll 2016-03-08 18:56:32 761E6E736B47DA42D74227A26F658108 100864 ----a-w- C:\Windows\SysWOW64\offlinelsa.dll 2016-03-08 18:56:31 F60E1993D8D8FD2E23516C1278B209C1 34304 ----a-w- C:\Windows\SysWOW64\BackgroundTransferHost.exe 2016-03-08 18:56:31 D707B12965D5E8DFBD7C5BF7FB12AF02 24064 ----a-w- C:\Windows\SysWOW64\WordBreakers.dll 2016-03-08 18:56:31 AA0644D24DD488B1E1517189DD3DC00B 48640 ----a-w- C:\Windows\SysWOW64\MosHostClient.dll 2016-03-08 18:56:31 9FE071ED2AAE48A691D234E757297CF3 49152 ----a-w- C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll 2016-03-08 18:56:31 6FA3485DB4DE58EE9E73597CAC493AB4 37376 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2016-03-08 18:56:31 65E98344070A6C0B66ED476F735B14D3 59904 ----a-w- C:\Windows\SysWOW64\EditBufferTestHook.dll 2016-03-08 18:56:30 D51618B0CB2B51F7D9B8DEB38A454126 36352 ----a-w- C:\Windows\SysWOW64\UIAutomationCoreRes.dll 2016-03-08 18:56:30 C11AFEBFFDD62BA366D2F146212B415E 110592 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MapControls.dll 2016-03-08 18:56:30 6AE2C3CFEA73E2D01CB1E00DBD1EC4A5 205824 ----a-w- C:\Windows\SysWOW64\NmaDirect.dll 2016-03-08 18:56:30 53E2029302DA056DE856D4C662663B2B 10240 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MosTrace.dll 2016-03-08 18:56:30 451356B814B46BB6582F307E24AA0863 9728 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MosHost.dll 2016-03-08 18:56:30 3FCEAC0D175851962F9CF797A370A14F 3072 ----a-w- C:\Windows\SysWOW64\MapControlStringsRes.dll 2016-03-08 18:56:30 262D880248233D3A96C15F7C7E1BAD21 58368 ----a-w- C:\Windows\SysWOW64\MosResource.dll 2016-02-29 19:00:58 19F2050EA8A725657120089B5EFE4D4F 90768 ----a-w- C:\Windows\SysWOW64\nvaudcap32v.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-03-11 12:58:44 CA0C6CEBB04627E6D5063EA3EE0F921C 143659408 ----a-w- C:\Windows\Sysnative\MRT.exe 2016-03-11 11:29:25 CBE6A51D10DA701BAFF2729EAD1BAC6B 398152 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2016-03-11 11:17:59 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\SETA1BB.tmp 2016-03-11 11:09:18 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\Windows\Sysnative\MpSigStub.exe 2016-03-08 18:57:45 EB05F5368F8BBF75157B87FD1F689167 2581504 ----a-w- C:\Windows\Sysnative\MFMediaEngine.dll 2016-03-08 18:57:45 4F0263646FF401695E0C14FE81D3E6A5 16986112 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2016-03-08 18:57:42 447413C46C687CF730051DD8B4EA12F6 75264 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll 2016-03-08 18:57:42 417D1526811D9646A7E8779209F11361 1213440 ----a-w- C:\Windows\Sysnative\wwansvc.dll 2016-03-08 18:57:41 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\Windows\Sysnative\win32k.sys 2016-03-08 18:57:41 54E585CFCD208E460A70D1356CD489BE 13382656 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-03-08 18:57:41 3ED081A1F371E63BC6DA0327E1E51D22 22376960 ----a-w- C:\Windows\Sysnative\edgehtml.dll 2016-03-08 18:57:40 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-03-08 18:57:40 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\Windows\Sysnative\win32kbase.sys 2016-03-08 18:57:40 6855984AA46D2452A7C518787E1F2643 1996288 ----a-w- C:\Windows\Sysnative\ActiveSyncProvider.dll 2016-03-08 18:57:40 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\Windows\Sysnative\win32kfull.sys 2016-03-08 18:57:39 408E62A03168C0016B986C80ECFD088C 24600576 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-03-08 18:57:38 2DDEA2BEDD3169F483C9BE610ADFE8B1 8705672 ----a-w- C:\Windows\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-03-08 18:57:33 3E80E2B0C0010154CC504DC51BE21968 14252544 ----a-w- C:\Windows\Sysnative\wmp.dll 2016-03-08 18:57:32 F3FE9C939D684607118E306B98CEBBBC 22564328 ----a-w- C:\Windows\Sysnative\shell32.dll 2016-03-08 18:57:32 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\Windows\Sysnative\WWAHost.exe 2016-03-08 18:57:32 5CBB046266CD7CD1593354C93BCDBE91 870400 ----a-w- C:\Windows\Sysnative\modernexecserver.dll 2016-03-08 18:57:30 36EC82F0E399F36BD25F593D63DC144A 912384 ----a-w- C:\Windows\Sysnative\usermgr.dll 2016-03-08 18:57:30 043051E7D39381BC1DCA5B25236BBA72 11545600 ----a-w- C:\Windows\Sysnative\twinui.dll 2016-03-08 18:57:27 6E04BBE242E2889B37300C4DF5CE1126 3449168 ----a-w- C:\Windows\Sysnative\WSService.dll 2016-03-08 18:57:27 597AA6F5B21B1B15C87982FAFD1555EE 6607080 ----a-w- C:\Windows\Sysnative\windows.storage.dll 2016-03-08 18:57:25 EB850DDF36D7462F1ADC1B6A329CE266 7835648 ----a-w- C:\Windows\Sysnative\Chakra.dll 2016-03-08 18:57:25 DAB53783AD08864E873A6B7B874D1783 3671888 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-03-08 18:57:25 797497201A406D6CFDB72FE0545F990C 6972416 ----a-w- C:\Windows\Sysnative\Windows.Data.Pdf.dll 2016-03-08 18:57:24 2989A5B700D1C706ED496CCA75DCFA67 7533568 ----a-w- C:\Windows\Sysnative\mstscax.dll 2016-03-08 18:57:20 A6E666BC673DD38C3ECDB53FD83138E7 3993600 ----a-w- C:\Windows\Sysnative\SettingsHandlers_nt.dll 2016-03-08 18:57:20 186B00E5849DA43B2CEF58252105F3CE 5503488 ----a-w- C:\Windows\Sysnative\d2d1.dll 2016-03-08 18:57:19 40D666AEFB8775F25AA403EDB5D2414E 4894208 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-03-08 18:57:19 3FDFB93023689FBA65741B9D92C2D75A 7979008 ----a-w- C:\Windows\Sysnative\mos.dll 2016-03-08 18:57:18 BD70B866034C1366D74CCBB5CA97395E 2544264 ----a-w- C:\Windows\Sysnative\mfcore.dll 2016-03-08 18:57:18 6807A6D971AA7A26245397ADDFE3B5D8 2755584 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-03-08 18:57:18 63F861960D2EA541831072D88E08EABA 3425792 ----a-w- C:\Windows\Sysnative\Windows.Media.dll 2016-03-08 18:57:17 BA4DB0DDCF88E0D609E085130773A034 2597888 ----a-w- C:\Windows\Sysnative\NetworkMobileSettings.dll 2016-03-08 18:57:17 722FA682ED9EA8B85FA843A5C8F39E61 2273792 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2016-03-08 18:57:16 F5AF729AD65041D74FED75E02DA4A4DC 138240 ----a-w- C:\Windows\Sysnative\ETWCoreUIComponentsResources.dll 2016-03-08 18:57:16 8CDC28FB78253481353A882FA3139FBB 2654872 ----a-w- C:\Windows\Sysnative\CoreUIComponents.dll 2016-03-08 18:57:16 70E822EC30C93426C2C51D8CB8BBCDDF 2587696 ----a-w- C:\Windows\Sysnative\msxml6.dll 2016-03-08 18:57:16 0DC4BEB16161362B4E46D117204D8566 2843136 ----a-w- C:\Windows\Sysnative\cdp.dll 2016-03-08 18:57:15 E48BBF1363F843E030757EC190DD33E6 2057216 ----a-w- C:\Windows\Sysnative\wlidsvc.dll 2016-03-08 18:57:15 A407435633C74CB1D6911DC05A90D939 2912256 ----a-w- C:\Windows\Sysnative\CertEnroll.dll 2016-03-08 18:57:15 50007CDB0F9801A7186F3E81D3377D12 2773096 ----a-w- C:\Windows\Sysnative\d3d11.dll 2016-03-08 18:57:14 FF0F6AAD313DCD878D2ECF1BA0B32478 2624512 ----a-w- C:\Windows\Sysnative\InputService.dll 2016-03-08 18:57:14 E4AFFF129D51A779B75164CB6D077FC1 1831936 ----a-w- C:\Windows\Sysnative\AppXDeploymentExtensions.dll 2016-03-08 18:57:14 7950D23F5542F6F8A9D41F046C01067F 2756096 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2016-03-08 18:57:13 F0D97E9816795E1AAA17396ABD2660C4 4827136 ----a-w- C:\Windows\Sysnative\ExplorerFrame.dll 2016-03-08 18:57:12 C62ACC8B1B1136464583F871EBB4ACE1 1946624 ----a-w- C:\Windows\Sysnative\dwmcore.dll 2016-03-08 18:57:12 9610CE53A9ED0789C8B669A5F86008F7 1054208 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2016-03-08 18:57:12 45B88D0BBAB3EAA10883097C14C33678 1281376 ----a-w- C:\Windows\Sysnative\LicenseManager.dll 2016-03-08 18:57:11 91038CB7820CFB27E7C9D10320307301 1390080 ----a-w- C:\Windows\Sysnative\Windows.UI.Shell.dll 2016-03-08 18:57:11 8C8161E40F42E437161972E8866025D5 3355136 ----a-w- C:\Windows\Sysnative\msftedit.dll 2016-03-08 18:57:11 6F9775D843AA4595A3F60A60829B11A9 1098752 ----a-w- C:\Windows\Sysnative\dosvc.dll 2016-03-08 18:57:11 3DF25A56F18D2AB4CF58C1300C8CD323 2158592 ----a-w- C:\Windows\Sysnative\AppXDeploymentServer.dll 2016-03-08 18:57:11 2771EBB565F5C121E66060B173991D4D 1490432 ----a-w- C:\Windows\Sysnative\UserDataService.dll 2016-03-08 18:57:10 9A3D731707AC0059E0ACBD4E8CDF46E6 1731584 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-03-08 18:57:10 80AD89A1EF678960E13D977EF8C047A9 1750440 ----a-w- C:\Windows\Sysnative\WpcMon.exe 2016-03-08 18:57:09 F202F182FF6046869E2995DF333C5B2A 7199232 ----a-w- C:\Windows\Sysnative\BingMaps.dll 2016-03-08 18:57:09 C402B84B789382748EEEC04284781732 2606824 ----a-w- C:\Windows\Sysnative\combase.dll 2016-03-08 18:57:09 7118498F6E48758A2EF5A7D1982E2B62 1139712 ----a-w- C:\Windows\Sysnative\XblGameSave.dll 2016-03-08 18:57:08 EA195B8BC11C1CDB313CFD456EFFA0E9 997376 ----a-w- C:\Windows\Sysnative\schedsvc.dll 2016-03-08 18:57:08 669F733F85FEBE6F7438C66CBF7FD3FD 1062480 ----a-w- C:\Windows\Sysnative\mfmp4srcsnk.dll 2016-03-08 18:57:08 5CB2CB9410BD09BE144D64BF447D6582 1299504 ----a-w- C:\Windows\Sysnative\mfnetsrc.dll 2016-03-08 18:57:07 E7588419770BDDB510741F734D290E27 1318912 ----a-w- C:\Windows\Sysnative\wifinetworkmanager.dll 2016-03-08 18:57:07 CD2CC65DDF46F065BCC975C2BC89DD11 1648640 ----a-w- C:\Windows\Sysnative\comsvcs.dll 2016-03-08 18:57:07 218CEC10714AF029BF4D8BCE600AD1DA 819648 ----a-w- C:\Windows\Sysnative\mfmpeg2srcsnk.dll 2016-03-08 18:57:06 CB902A15DD21B363FECA5DCCF34F5C57 1224704 ----a-w- C:\Windows\Sysnative\Unistore.dll 2016-03-08 18:57:06 8AA095B5A4826840B348D0A94969CE1A 1268736 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.Resources.dll 2016-03-08 18:57:06 5B5F518D6487FDCC9C40A74D3C72B8EE 828928 ----a-w- C:\Windows\Sysnative\Windows.AccountsControl.dll 2016-03-08 18:57:06 486C22DD70BE538B1C164AE38E130009 2352128 ----a-w- C:\Windows\Sysnative\authui.dll 2016-03-08 18:57:06 405A419F4CDAC3C18F91FEDBD146C0A8 948736 ----a-w- C:\Windows\Sysnative\XblAuthManager.dll 2016-03-08 18:57:06 350CFCC870E30BEE151F3DFB83BD0178 1017032 ----a-w- C:\Windows\Sysnative\mfsrcsnk.dll 2016-03-08 18:57:06 2EC83C9326B6731398674C0C0CB1636F 1674240 ----a-w- C:\Windows\Sysnative\quartz.dll 2016-03-08 18:57:05 FFD04E8263FC9CDB89BAD8C27C337223 794112 ----a-w- C:\Windows\Sysnative\winhttp.dll 2016-03-08 18:57:05 549A1696E594E6939C210972B4AD9747 824320 ----a-w- C:\Windows\Sysnative\WpcWebFilter.dll 2016-03-08 18:57:04 D79FFE2219AE3BA3B871BA2D39B16519 1152328 ----a-w- C:\Windows\Sysnative\mfasfsrcsnk.dll 2016-03-08 18:57:04 B67BE37DB6E01693A8529DBC4B2A1C88 970752 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-03-08 18:57:04 80D6AF1D9BE30E386322E9E723F7B6DE 1387520 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-03-08 18:57:04 6BB898FE9AE437C3D9D1F4920B92B1C3 1500672 ----a-w- C:\Windows\Sysnative\RecoveryDrive.exe 2016-03-08 18:57:04 5C6B3AFF685A17163315276E86CE173E 696160 ----a-w- C:\Windows\Sysnative\NetSetupEngine.dll 2016-03-08 18:57:04 0088614FE67298E6996AD19B05AE90C7 1997328 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2016-03-08 18:57:03 C9BFE1D6420BFADB249162039C321F63 1131520 ----a-w- C:\Windows\Sysnative\Windows.Media.Audio.dll 2016-03-08 18:57:03 9D9A25E3E658EAC6FA9BC1BC23168516 1092456 ----a-w- C:\Windows\Sysnative\mfplat.dll 2016-03-08 18:57:03 98112F9B965646D338896FD7B13BB32E 1173344 ----a-w- C:\Windows\Sysnative\aeinv.dll 2016-03-08 18:57:03 69B4974176206D7276B733B30BCE442E 1717248 ----a-w- C:\Windows\Sysnative\GdiPlus.dll 2016-03-08 18:57:03 3A1FCBE9103770CF17F81EBD9809FE1B 697856 ----a-w- C:\Windows\Sysnative\PlayToManager.dll 2016-03-08 18:57:03 39D5E08E69BFC5CBFA94EE09656D6427 1713664 ----a-w- C:\Windows\Sysnative\SRHInproc.dll 2016-03-08 18:57:03 1C8474EF741ABA77E53BE94DE8E89D26 990720 ----a-w- C:\Windows\Sysnative\SettingSyncCore.dll 2016-03-08 18:57:03 15D174719872A30F2FDD6B5B1B8BA5D9 1613664 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2016-03-08 18:57:03 01AE64981A7C7AE4F84799931D8DAAD1 900608 ----a-w- C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll 2016-03-08 18:57:02 FEBBA212353E4FA90C6164AA970B772F 536256 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2016-03-08 18:57:02 FA7FE5ECB4E0103F132BB00E526E67EF 852480 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.Store.dll 2016-03-08 18:57:02 F232BE986A85BA857E7C5FDBEFC71653 1415200 ----a-w- C:\Windows\Sysnative\msctf.dll 2016-03-08 18:57:02 C64B693DF26EB7BFF25F9BAD8B54D571 649216 ----a-w- C:\Windows\Sysnative\ngcsvc.dll 2016-03-08 18:57:02 8AF0CBE3FC6129C42D7A2A73B681F226 1118208 ----a-w- C:\Windows\Sysnative\localspl.dll 2016-03-08 18:57:02 751F5B6AF16546162E06211AF1FC2979 794888 ----a-w- C:\Windows\Sysnative\mfds.dll 2016-03-08 18:57:02 4DAAEB83744362082EA91B05C9CC13F3 604672 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-03-08 18:57:02 45FDB4ACF680DF92D6510F77E7FF3E7F 713568 ----a-w- C:\Windows\Sysnative\invagent.dll 2016-03-08 18:57:02 2985697A74DE409D53C6ACD2CD30FDAA 1818696 ----a-w- C:\Windows\Sysnative\ntdll.dll 2016-03-08 18:57:02 03EB1EBAB72BB8322C30D070C346EA33 1395200 ----a-w- C:\Windows\Sysnative\UIAutomationCore.dll 2016-03-08 18:57:01 E9A0D466F6D8EC349DB526146618BCB6 606720 ----a-w- C:\Windows\Sysnative\wcmsvc.dll 2016-03-08 18:57:01 A1A4838C326E1C33AACAD537E84880D3 851456 ----a-w- C:\Windows\Sysnative\MapsStore.dll 2016-03-08 18:57:01 96BAB1499995B85B91C312BA5114CA03 1322248 ----a-w- C:\Windows\Sysnative\ole32.dll 2016-03-08 18:57:01 3FAD094B789D7D8C130D474A8FD479D6 785088 ----a-w- C:\Windows\Sysnative\evr.dll 2016-03-08 18:57:01 25086E02B6C3F34BC4646C134C3E1769 1042432 ----a-w- C:\Windows\Sysnative\BingOnlineServices.dll 2016-03-08 18:57:01 21098276051C6BEBBA7C8EB79AAF4E22 938496 ----a-w- C:\Windows\Sysnative\ContactApis.dll 2016-03-08 18:57:00 EA30B6E587862DF15E35525C60CCAFA9 838144 ----a-w- C:\Windows\Sysnative\uDWM.dll 2016-03-08 18:57:00 BAEFEFB04D7F9A554C029FBA52A02BB8 652392 ----a-w- C:\Windows\Sysnative\dxgi.dll 2016-03-08 18:57:00 9C4C3EB6A2371A2038E2BB3A9D54CDE0 498448 ----a-w- C:\Windows\Sysnative\MFCaptureEngine.dll 2016-03-08 18:57:00 7B24B823404D53DA4748F21AD2BF04C9 584704 ----a-w- C:\Windows\Sysnative\winlogon.exe 2016-03-08 18:57:00 7489ACBF86C3774E7EF0DC8C7616B07E 641536 ----a-w- C:\Windows\Sysnative\enterprisecsps.dll 2016-03-08 18:57:00 6FF8248F3A9D69A095C7F3F42BC29CB2 440152 ----a-w- C:\Windows\Sysnative\services.exe 2016-03-08 18:57:00 5548D83C60E37CBB1B451A1108D4142C 513888 ----a-w- C:\Windows\Sysnative\devinv.dll 2016-03-08 18:57:00 186BAF9C9F422E6B784E4C990585E2E3 673792 ----a-w- C:\Windows\Sysnative\Windows.UI.dll 2016-03-08 18:56:59 F07301C282AA222C33F8C28B4F545275 591872 ----a-w- C:\Windows\Sysnative\SmsRouterSvc.dll 2016-03-08 18:56:59 D12D3DD397A35EF06CDF41C1A9E3EE45 613376 ----a-w- C:\Windows\Sysnative\SettingSync.dll 2016-03-08 18:56:59 B37F21B4C25BF10605A196791F93E324 360448 ----a-w- C:\Windows\Sysnative\vaultsvc.dll 2016-03-08 18:56:59 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\Windows\Sysnative\DeviceCensus.exe 2016-03-08 18:56:59 A80237F337639402450C5F6CE9B75C94 474624 ----a-w- C:\Windows\Sysnative\NetSetupShim.dll 2016-03-08 18:56:59 69E727F94BEA64E66C284F3C482F33E6 1035776 ----a-w- C:\Windows\Sysnative\XboxNetApiSvc.dll 2016-03-08 18:56:59 69B6B69C95E1FBDC796F5B2019A8B24D 791744 ----a-w- C:\Windows\Sysnative\generaltel.dll 2016-03-08 18:56:59 6817CD1A33EB94CDE8FBBCB7E3C4E469 1317640 ----a-w- C:\Windows\Sysnative\winload.efi 2016-03-08 18:56:59 557496EE056CEF8D1D569D2663BC701F 988160 ----a-w- C:\Windows\Sysnative\SharedStartModel.dll 2016-03-08 18:56:59 4EB351CB5A23E0F7AB2B7137374EFB85 870400 ----a-w- C:\Windows\Sysnative\wpncore.dll 2016-03-08 18:56:59 453740989239803FE363FF8B40EA2E08 2295808 ----a-w- C:\Windows\Sysnative\wlansvc.dll 2016-03-08 18:56:59 3932940E0DB7A31B00A415F6B3D3E242 700416 ----a-w- C:\Windows\Sysnative\AppointmentApis.dll 2016-03-08 18:56:59 0307E9C189E8FD376109265BAD5E3475 784384 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-03-08 18:56:58 BC767AD01E4DAFD08C21D5D07CC290C9 567808 ----a-w- C:\Windows\Sysnative\MCRecvSrc.dll 2016-03-08 18:56:58 A9073B21B807C28A5A2246BB1440E823 1030416 ----a-w- C:\Windows\Sysnative\winresume.efi 2016-03-08 18:56:58 8465AF051B7C887C0D163AB939FDF570 358752 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-03-08 18:56:58 43B6BF7F95CF7D60599740EF2BF0DDD8 938496 ----a-w- C:\Windows\Sysnative\MapControlCore.dll 2016-03-08 18:56:58 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\Windows\Sysnative\winload.exe 2016-03-08 18:56:57 D02F3E132E6AD02F2CB4F9991FB77B56 1270072 ----a-w- C:\Windows\Sysnative\WinTypes.dll 2016-03-08 18:56:57 9972A886D911234F833A265D5D641D30 587776 ----a-w- C:\Windows\Sysnative\bisrv.dll 2016-03-08 18:56:57 839F7EC52C8E6888C4E9120E68652438 589312 ----a-w- C:\Windows\Sysnative\MbaeApi.dll 2016-03-08 18:56:57 67C00AEDBE4B3AD408A4910A357E046F 786696 ----a-w- C:\Windows\Sysnative\WMADMOD.DLL 2016-03-08 18:56:57 4098813724BDAC23A74DD6E75CA360CC 450560 ----a-w- C:\Windows\Sysnative\Windows.Internal.Bluetooth.dll 2016-03-08 18:56:56 F7526C133AC265F283012E9CD751F873 625000 ----a-w- C:\Windows\Sysnative\ClipSVC.dll 2016-03-08 18:56:56 D1824F779289CA26635A186FF30C0F92 858952 ----a-w- C:\Windows\Sysnative\mfnetcore.dll 2016-03-08 18:56:56 9BE5ECE2F17B3BEDE6FDE1175BD23266 376536 ----a-w- C:\Windows\Sysnative\Windows.Media.MediaControl.dll 2016-03-08 18:56:56 93373D10F0F00D1DEE2EB822654735A5 275968 ----a-w- C:\Windows\Sysnative\facecredentialprovider.dll 2016-03-08 18:56:56 57606281E23B0F53347527691E947B2B 749056 ----a-w- C:\Windows\Sysnative\PhoneService.dll 2016-03-08 18:56:55 F9B6E75F16F92CB79F68DA3ABCB576E0 989536 ----a-w- C:\Windows\Sysnative\SecConfig.efi 2016-03-08 18:56:55 B84FEAB09387BECCA1900E4BFBD899A9 1009152 ----a-w- C:\Windows\Sysnative\WMSPDMOD.DLL 2016-03-08 18:56:55 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\Windows\Sysnative\fontdrvhost.exe 2016-03-08 18:56:55 6D31FB3E4263749BD994B3895322D799 982016 ----a-w- C:\Windows\Sysnative\AppxPackaging.dll 2016-03-08 18:56:55 56027D21265759F4EADD0555E7915D9A 957952 ----a-w- C:\Windows\Sysnative\SRH.dll 2016-03-08 18:56:55 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\Windows\Sysnative\winresume.exe 2016-03-08 18:56:54 FF07BE14ED82E218C3EEE7C986118A2E 307712 ----a-w- C:\Windows\Sysnative\usbmon.dll 2016-03-08 18:56:54 F3B1BFB19C6A47DE7706A9CF1A177028 526856 ----a-w- C:\Windows\Sysnative\mfreadwrite.dll 2016-03-08 18:56:54 DD97EF0AE9224B8C1161736E033C03F1 1399224 ----a-w- C:\Windows\Sysnative\user32.dll 2016-03-08 18:56:54 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\Windows\Sysnative\spoolsv.exe 2016-03-08 18:56:54 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\Windows\Sysnative\MDEServer.exe 2016-03-08 18:56:54 BEF109D45139E2646C116DD9B6E53E3C 847360 ----a-w- C:\Windows\Sysnative\netlogon.dll 2016-03-08 18:56:54 844EB2280A13842B9919DCD0113F5487 343552 ----a-w- C:\Windows\Sysnative\SensorsApi.dll 2016-03-08 18:56:54 836DC2848B800FC890E8FCF96F5E639B 458752 ----a-w- C:\Windows\Sysnative\PlayToDevice.dll 2016-03-08 18:56:54 717FDDACE38C314CA5A517E12162CC6D 216576 ----a-w- C:\Windows\Sysnative\QuickActionsDataModel.dll 2016-03-08 18:56:54 7014B74B0F62698EC891A19A781689D5 337840 ----a-w- C:\Windows\Sysnative\MFPlay.dll 2016-03-08 18:56:54 53AC4B2658807691D2A485EE0F8A50E9 463360 ----a-w- C:\Windows\Sysnative\wlansec.dll 2016-03-08 18:56:54 48E90F12346EE70764CEE435826ABD31 493568 ----a-w- C:\Windows\Sysnative\mfmkvsrcsnk.dll 2016-03-08 18:56:54 333F190DFAE2E1EE500234B78ADDA297 640472 ----a-w- C:\Windows\Sysnative\wer.dll 2016-03-08 18:56:54 2E165E1CF278FC2B4959B825642A595B 558080 ----a-w- C:\Windows\Sysnative\MBMediaManager.dll 2016-03-08 18:56:54 28CFFDB411375B2BBB0EBF295ABAEF29 382464 ----a-w- C:\Windows\Sysnative\wuuhext.dll 2016-03-08 18:56:54 285D92DAC2C93818615C70A5719DD1F8 440320 ----a-w- C:\Windows\Sysnative\CredProvDataModel.dll 2016-03-08 18:56:53 9CB84B6398F10BCF0CE357F2C7B6056D 286720 ----a-w- C:\Windows\Sysnative\deviceaccess.dll 2016-03-08 18:56:53 9C17CF2D05F8DA5AC66880B6BEE64E7D 190464 ----a-w- C:\Windows\Sysnative\wscsvc.dll 2016-03-08 18:56:53 7E81E3E0D7F83BFE3C3975020B6C7F12 163840 ----a-w- C:\Windows\Sysnative\TimeBrokerServer.dll 2016-03-08 18:56:53 777F439F1E5989777805647F1684529D 2127360 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-03-08 18:56:53 72534830694CCABA9A5CBA33F9771C63 260608 ----a-w- C:\Windows\Sysnative\MTFServer.dll 2016-03-08 18:56:53 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\Windows\Sysnative\audiodg.exe 2016-03-08 18:56:52 FB2FBCF8AD0DF4F8A50B1639F0256D83 555520 ----a-w- C:\Windows\Sysnative\SyncController.dll 2016-03-08 18:56:52 DFDA465D7D14906ECC04071E20D0F19E 644096 ----a-w- C:\Windows\Sysnative\uReFS.dll 2016-03-08 18:56:52 DEEA03E61DCE718C64BF68D446E8ABA0 1309376 ----a-w- C:\Windows\Sysnative\appraiser.dll 2016-03-08 18:56:52 C7A6CC05D5D1BE5A863F858D963F7E0C 628736 ----a-w- C:\Windows\Sysnative\MessagingDataModel2.dll 2016-03-08 18:56:52 92F74BF86088520654BD5636A69E37F1 848168 ----a-w- C:\Windows\Sysnative\mfsvr.dll 2016-03-08 18:56:52 90AA1A4C3B4FF984BB33D74C23D71536 678912 ----a-w- C:\Windows\Sysnative\qedit.dll 2016-03-08 18:56:52 7677EA28D43C73FBD58BFA7C8E21FE97 479232 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-03-08 18:56:52 334A9D347CC52E7581DC21FA7CDBB261 515584 ----a-w- C:\Windows\Sysnative\LogonController.dll 2016-03-08 18:56:52 140201A765860592F320B6AD6AA35155 235008 ----a-w- C:\Windows\Sysnative\MTF.dll 2016-03-08 18:56:52 11B74BAF9BD95FC3B7F17658A8CDBF3C 1804664 ----a-w- C:\Windows\Sysnative\WMALFXGFXDSP.dll 2016-03-08 18:56:51 F8083C536BEDE61AFB4069D8A8C16DA7 456704 ----a-w- C:\Windows\Sysnative\ipnathlp.dll 2016-03-08 18:56:51 E00F94FADD6FE28F62841F8D31EF47BF 1594408 ----a-w- C:\Windows\Sysnative\gdi32.dll 2016-03-08 18:56:51 D20C52607024BD08A88CF1CA6B339C9B 517632 ----a-w- C:\Windows\Sysnative\winspool.drv 2016-03-08 18:56:51 C3D11EE0D07D6CAF9F8D4073B9F5579E 557056 ----a-w- C:\Windows\Sysnative\PsmServiceExtHost.dll 2016-03-08 18:56:51 BF53DA0A9C4BC6A0D8DCF529154DBF74 538632 ----a-w- C:\Windows\Sysnative\WWanAPI.dll 2016-03-08 18:56:51 A74C62AE99A015CD6275F0D8D8843886 342016 ----a-w- C:\Windows\Sysnative\SensorService.dll 2016-03-08 18:56:51 642EFABF900374FA85639D83B5533AFD 621568 ----a-w- C:\Windows\Sysnative\wbiosrvc.dll 2016-03-08 18:56:51 6072C7DB85FD3FE8D308EE44865C04DE 305664 ----a-w- C:\Windows\Sysnative\wifiprofilessettinghandler.dll 2016-03-08 18:56:51 5B50521452D87A439A87B1EAEBC138C7 208896 ----a-w- C:\Windows\Sysnative\storewuauth.dll 2016-03-08 18:56:51 3D58D04A9269CE21B61960544A05573D 204288 ----a-w- C:\Windows\Sysnative\NetSetupSvc.dll 2016-03-08 18:56:51 3CE8EBC0B1A74A7AC639C5FAFC549CCA 436736 ----a-w- C:\Windows\Sysnative\AppXDeploymentClient.dll 2016-03-08 18:56:51 29A61BF9EAB31507C36060CFAFEBE154 234504 ----a-w- C:\Windows\Sysnative\mftranscode.dll 2016-03-08 18:56:50 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\Windows\Sysnative\InstallAgent.exe 2016-03-08 18:56:50 D53F94A3F5DA461209C6128D5337FFF1 304752 ----a-w- C:\Windows\Sysnative\systemreset.exe 2016-03-08 18:56:50 9953FA89A4E3BC33296DAFB1ACFDC62F 617984 ----a-w- C:\Windows\Sysnative\StorSvc.dll 2016-03-08 18:56:50 960E3DB158FC9D262EE33D928AEDA3F5 320000 ----a-w- C:\Windows\Sysnative\cryptngc.dll 2016-03-08 18:56:50 8E3B324D6479A63B6F23D663307D53A1 477696 ----a-w- C:\Windows\Sysnative\srcore.dll 2016-03-08 18:56:50 7DD3B4B77A787E06A6B3DC9AE7B451E0 292352 ----a-w- C:\Windows\Sysnative\provengine.dll 2016-03-08 18:56:50 6E76BB89EED6C2BD7B1E7B5F9A1C41F0 320000 ----a-w- C:\Windows\Sysnative\MSFlacDecoder.dll 2016-03-08 18:56:50 63B9376F17E6DE7DE8B25BC6F3319A98 671472 ----a-w- C:\Windows\Sysnative\advapi32.dll 2016-03-08 18:56:50 57C2033773055CEE5963EBCB999337F8 210432 ----a-w- C:\Windows\Sysnative\wcmcsp.dll 2016-03-08 18:56:50 46D84D62993CEB88542EFA438F4D6E82 167936 ----a-w- C:\Windows\Sysnative\dafBth.dll 2016-03-08 18:56:50 42BF7FA295F453618104B5A50BEE105B 275456 ----a-w- C:\Windows\Sysnative\AudioEndpointBuilder.dll 2016-03-08 18:56:50 3EEB5260D4321F7F124955E1D228FDF2 274944 ----a-w- C:\Windows\Sysnative\DisplayManager.dll 2016-03-08 18:56:50 28343B7C30E6AF073B02288EB579D984 476728 ----a-w- C:\Windows\Sysnative\msvproc.dll 2016-03-08 18:56:50 18CE63A5B5EB84FF7F9F575C8FE53F44 931328 ----a-w- C:\Windows\Sysnative\MSMPEG2ENC.DLL 2016-03-08 18:56:50 0A9C90159378EAF0F45AF2275156EF0D 264544 ----a-w- C:\Windows\Sysnative\ContentDeliveryManager.Utilities.dll 2016-03-08 18:56:49 F01ADB9BD13B60B6AB9538447F901921 365568 ----a-w- C:\Windows\Sysnative\atmfd.dll 2016-03-08 18:56:49 D229D73154CD66884BEAD67393ABE5C7 726528 ----a-w- C:\Windows\Sysnative\wlidcli.dll 2016-03-08 18:56:49 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\Windows\Sysnative\WMPDMC.exe 2016-03-08 18:56:49 A34D9229F8D3A7164247213C9A283DB0 189952 ----a-w- C:\Windows\Sysnative\WiFiDisplay.dll 2016-03-08 18:56:49 95B9A9F4D41A54FD421CF6F7323B87FF 126464 ----a-w- C:\Windows\Sysnative\dialserver.dll 2016-03-08 18:56:49 903F7858A69A95836B0C1D36CBEC5E5B 387072 ----a-w- C:\Windows\Sysnative\qdvd.dll 2016-03-08 18:56:49 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\Windows\Sysnative\DeviceEnroller.exe 2016-03-08 18:56:49 83365A5A2632275C7B005B7A4995DCE1 416768 ----a-w- C:\Windows\Sysnative\dmenrollengine.dll 2016-03-08 18:56:49 6B058785608DAB0D191575E12A45201D 406528 ----a-w- C:\Windows\Sysnative\MusUpdateHandlers.dll 2016-03-08 18:56:49 55FB0D95CC3EF6A0EB40DBDBC529787A 1255936 ----a-w- C:\Windows\Sysnative\WMSPDMOE.DLL 2016-03-08 18:56:49 4EA244C67F3D3B0EB0CC694443D3F5AA 167936 ----a-w- C:\Windows\Sysnative\ProximityCommon.dll 2016-03-08 18:56:49 467F2BD2CC73E322839B3AED763BA2DC 193024 ----a-w- C:\Windows\Sysnative\SimCfg.dll 2016-03-08 18:56:48 F93E9FA2A54843D6EC529E4754F12946 166400 ----a-w- C:\Windows\Sysnative\MusNotification.exe 2016-03-08 18:56:48 E0932D924DA7C363F40E5B90DC9D2669 129536 ----a-w- C:\Windows\Sysnative\flvprophandler.dll 2016-03-08 18:56:48 CD8C4364BC6040C0226638EF37E13CBB 161280 ----a-w- C:\Windows\Sysnative\CallHistoryClient.dll 2016-03-08 18:56:48 C6F9333F6C5F326B075CBC062E33793D 7680 ----a-w- C:\Windows\Sysnative\readingviewresources.dll 2016-03-08 18:56:48 C177128E60700E43109584F33D0430F9 258048 ----a-w- C:\Windows\Sysnative\iassam.dll 2016-03-08 18:56:48 A84812FE1FC4EAE9BBD816A2AEE4830D 383488 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-03-08 18:56:48 A74CEC306AB99D74559F7075EDB60A9B 451584 ----a-w- C:\Windows\Sysnative\werui.dll 2016-03-08 18:56:48 85EB31A46D618AC52726253A32539082 221696 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-03-08 18:56:48 8321155AACF85779A42582B0CD5084A4 148992 ----a-w- C:\Windows\Sysnative\wshom.ocx 2016-03-08 18:56:48 7C20F3EC0BA5ACB8ED40CDEF41B0AC56 779384 ----a-w- C:\Windows\Sysnative\taskschd.dll 2016-03-08 18:56:48 446E107CFCFECA7EF4A79414E882D8C8 574976 ----a-w- C:\Windows\Sysnative\Windows.Networking.UX.EapRequestHandler.dll 2016-03-08 18:56:48 2362BCA98EAF8CE0487664467F720861 178176 ----a-w- C:\Windows\Sysnative\psmsrv.dll 2016-03-08 18:56:48 215C9C65601378F56BEECDECBD1EF4AE 216416 ----a-w- C:\Windows\Sysnative\AppxAllUserStore.dll 2016-03-08 18:56:48 0319FFA35F366D2FD1C9776DAA98FE96 299008 ----a-w- C:\Windows\Sysnative\microsoft-windows-system-events.dll 2016-03-08 18:56:47 BE8C62B0B7BBA8F1152A6A7FCF248404 915456 ----a-w- C:\Windows\Sysnative\configurationclient.dll 2016-03-08 18:56:47 7E1AE9B225DEA8A142BAE7AFFC2A78F5 160768 ----a-w- C:\Windows\Sysnative\SimAuth.dll 2016-03-08 18:56:47 79F73D66F612FE53C8E5E607FCDCFAB1 884736 ----a-w- C:\Windows\Sysnative\rasdlg.dll 2016-03-08 18:56:47 61C99C1A4BB5EE14563ED321A859ACB6 726528 ----a-w- C:\Windows\Sysnative\ChatApis.dll 2016-03-08 18:56:47 553F19DC6F3F73545CB17FCD7A8AE37B 870912 ----a-w- C:\Windows\Sysnative\MPSSVC.dll 2016-03-08 18:56:47 50FED971D0FAD2B990C0A05735761D62 733184 ----a-w- C:\Windows\Sysnative\rasapi32.dll 2016-03-08 18:56:47 2BCCAEB08EAF8C5D6BD024B3F020D0EA 790528 ----a-w- C:\Windows\Sysnative\EmailApis.dll 2016-03-08 18:56:46 F2E3456FD405F9BEACA0B8CF2BBDF0DE 202472 ----a-w- C:\Windows\Sysnative\wscapi.dll 2016-03-08 18:56:46 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\Windows\Sysnative\MDMAppInstaller.exe 2016-03-08 18:56:46 7890990143812A452858058BBD52149F 297472 ----a-w- C:\Windows\Sysnative\thumbcache.dll 2016-03-08 18:56:46 703430E9FFF072334B247B5E88428331 288768 ----a-w- C:\Windows\Sysnative\vaultcli.dll 2016-03-08 18:56:46 6D0F04544716C90220B58008B4422B97 459776 ----a-w- C:\Windows\Sysnative\MapConfiguration.dll 2016-03-08 18:56:46 63A71E0B8BEF5FC3A5C9669B5C771A1C 286208 ----a-w- C:\Windows\Sysnative\provhandlers.dll 2016-03-08 18:56:46 610D0502400BDAFD4BB8EA10713234C7 74240 ----a-w- C:\Windows\Sysnative\SMSRouter.dll 2016-03-08 18:56:46 497EB340D13433E8FE53625103E0C2D0 146432 ----a-w- C:\Windows\Sysnative\AuthBroker.dll 2016-03-08 18:56:46 468D29ECE0AD7700B790A20FA2765313 408120 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2016-03-08 18:56:45 D754BB9E00B5D305617461E9C3CB6057 120320 ----a-w- C:\Windows\Sysnative\MapsBtSvc.dll 2016-03-08 18:56:45 B94746868C7AD8F0449662E8552E55DE 145920 ----a-w- C:\Windows\Sysnative\omadmclient.exe 2016-03-08 18:56:45 B8CBDF64077D764D26E6E0255270B7BF 224256 ----a-w- C:\Windows\Sysnative\PackageStateRoaming.dll 2016-03-08 18:56:45 815D17429CBDA7DD5D11AA57B379E94B 119320 ----a-w- C:\Windows\Sysnative\MP3DMOD.DLL 2016-03-08 18:56:45 6D7B4647F5FB25CE88E2555A9DFF1D2E 70656 ----a-w- C:\Windows\Sysnative\XblAuthManagerProxy.dll 2016-03-08 18:56:45 68B34C3558BEE0F6B822FA603E9AE441 258280 ----a-w- C:\Windows\Sysnative\sqmapi.dll 2016-03-08 18:56:45 5D88798FC34BB61C74256CDD66BDD205 318976 ----a-w- C:\Windows\Sysnative\domgmt.dll 2016-03-08 18:56:45 55A629331D5EB924A1926C18E5028243 764928 ----a-w- C:\Windows\Sysnative\fveapi.dll 2016-03-08 18:56:45 503FFDCC4319F7419DE2B201B03BDB54 305664 ----a-w- C:\Windows\Sysnative\ksproxy.ax 2016-03-08 18:56:45 4BCE40BC42A874A57B0E1B3E0FED0ABA 475648 ----a-w- C:\Windows\Sysnative\DDDS.dll 2016-03-08 18:56:45 47323DE2A684895004CE63EC66FB4AB4 401408 ----a-w- C:\Windows\Sysnative\sharemediacpl.dll 2016-03-08 18:56:45 3B36AFC1B127B13A82752A3F02CE9D8C 543232 ----a-w- C:\Windows\Sysnative\StoreAgent.dll 2016-03-08 18:56:45 38F068BA3D5CE3C53A025E1F9381CC54 115040 ----a-w- C:\Windows\Sysnative\NetSetupApi.dll 2016-03-08 18:56:45 2B91178DE30EF92DD383486485B0C97D 523776 ----a-w- C:\Windows\Sysnative\catsrvut.dll 2016-03-08 18:56:45 1D00BBEEE33FA7F64A8CBFF471968CB0 195072 ----a-w- C:\Windows\Sysnative\VCardParser.dll 2016-03-08 18:56:45 1C375486D1F6D0DD5281B76C750EEFA3 147456 ----a-w- C:\Windows\Sysnative\mtxoci.dll 2016-03-08 18:56:45 04BB77409644685810DBD63D86F5720E 99328 ----a-w- C:\Windows\Sysnative\ngckeyenum.dll 2016-03-08 18:56:44 DD57E9F1482E1A9BD2514F6D017DF58A 258560 ----a-w- C:\Windows\Sysnative\UserDataAccountApis.dll 2016-03-08 18:56:44 907B65AD953EA159B573A0BCC82F6DB0 243712 ----a-w- C:\Windows\Sysnative\cemapi.dll 2016-03-08 18:56:44 26DFF195B1A59942541CE199C586F0D4 43520 ----a-w- C:\Windows\Sysnative\usermgrcli.dll 2016-03-08 18:56:44 18DF88220B196D0D45644BC2730D6757 55296 ----a-w- C:\Windows\Sysnative\MusNotificationUx.exe 2016-03-08 18:56:43 FAB5054707064EA9881954F98D9150C0 85320 ----a-w- C:\Windows\Sysnative\OpenWith.exe 2016-03-08 18:56:43 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\Windows\Sysnative\AuthHost.exe 2016-03-08 18:56:43 D974EACE921C3B1C78DD29334CC7F861 109056 ----a-w- C:\Windows\Sysnative\hlink.dll 2016-03-08 18:56:43 C6856D20BE1DB90407C9154B0EC319B9 77824 ----a-w- C:\Windows\Sysnative\provpackageapidll.dll 2016-03-08 18:56:43 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\Windows\Sysnative\wermgr.exe 2016-03-08 18:56:43 8A48AEAACC0F44E999BEC15BF017E74B 36864 ----a-w- C:\Windows\Sysnative\ztrace_maps.dll 2016-03-08 18:56:43 7BD715D15060E0B6E4AF222CA7120BD1 69632 ----a-w- C:\Windows\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2016-03-08 18:56:43 6CA51117CDDB89DB6AE9F196B01C3491 389992 ----a-w- C:\Windows\Sysnative\wlanapi.dll 2016-03-08 18:56:43 4C3A93515CA70A7017CBA3A6A95CF080 121856 ----a-w- C:\Windows\Sysnative\AppointmentActivation.dll 2016-03-08 18:56:43 09918925526BC0B5B823CF1A2473D909 412672 ----a-w- C:\Windows\Sysnative\wlanmsm.dll 2016-03-08 18:56:43 04F7878E7017105AB782353231561749 252928 ----a-w- C:\Windows\Sysnative\PimIndexMaintenance.dll 2016-03-08 18:56:42 F40D409308162E071561049ACADF753C 80600 ----a-w- C:\Windows\Sysnative\wwapi.dll 2016-03-08 18:56:42 CCFE330C465256D5D835E9248C676E9E 245840 ----a-w- C:\Windows\Sysnative\mfps.dll 2016-03-08 18:56:42 9920C9AD4528A4396D19BC03AA2D0882 58408 ----a-w- C:\Windows\Sysnative\SensorsNativeApi.dll 2016-03-08 18:56:42 8BACF65C95DA69173FA80F644502F9BC 26408 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2016-03-08 18:56:42 849275D7BF36660743973B8E28542E45 51680 ----a-w- C:\Windows\Sysnative\SensorsUtilsV2.dll 2016-03-08 18:56:42 5058E240BBD22D66CE29D9C3279C8A91 610816 ----a-w- C:\Windows\Sysnative\rastls.dll 2016-03-08 18:56:42 2DA8708EB1FCB83375A450D401A1ED09 74240 ----a-w- C:\Windows\Sysnative\mssign32.dll 2016-03-08 18:56:41 E78793375E53690605E4441078CCBF84 87552 ----a-w- C:\Windows\Sysnative\AppxSysprep.dll 2016-03-08 18:56:41 E432FCF8572682126C3362AA856DC4AE 221184 ----a-w- C:\Windows\Sysnative\PhoneCallHistoryApis.dll 2016-03-08 18:56:41 D4170CA7268AEDE7DE43EE54D7C8F639 256512 ----a-w- C:\Windows\Sysnative\accountaccessor.dll 2016-03-08 18:56:41 D1BB4122E41E04E2D8D57702396AE031 412512 ----a-w- C:\Windows\Sysnative\wifitask.exe 2016-03-08 18:56:41 A78E76034D230AFE6B74B57BAF8C8BF2 27648 ----a-w- C:\Windows\Sysnative\WiFiConfigSP.dll 2016-03-08 18:56:41 A249C98D869623F1AF0DB4BCFFF6D2A8 68096 ----a-w- C:\Windows\Sysnative\UserDataPlatformHelperUtil.dll 2016-03-08 18:56:41 77B2F9C522467B1FC8770028D09534DB 91648 ----a-w- C:\Windows\Sysnative\asycfilt.dll 2016-03-08 18:56:41 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\Windows\Sysnative\wsqmcons.exe 2016-03-08 18:56:41 6D7BC576DEC9750D5F8AED361E687384 704000 ----a-w- C:\Windows\Sysnative\CellularAPI.dll 2016-03-08 18:56:41 54C5C6E962A873A1D05394DFF553FD18 149504 ----a-w- C:\Windows\Sysnative\FilterDS.dll 2016-03-08 18:56:41 54051585F9E1A644C3ED024B639C0E32 231936 ----a-w- C:\Windows\Sysnative\KnobsCore.dll 2016-03-08 18:56:41 1C671129864880F66678D3B80316074E 56320 ----a-w- C:\Windows\Sysnative\provtool.exe 2016-03-08 18:56:40 F0BA42C8EB6ADB733E35D2EC7714408F 49152 ----a-w- C:\Windows\Sysnative\pcaui.exe 2016-03-08 18:56:40 EEA1E99FBC7D91A1A271012F2B4567BB 60416 ----a-w- C:\Windows\Sysnative\PimIndexMaintenanceClient.dll 2016-03-08 18:56:40 DEFF4C7B937F60923980D4BB7D1724B8 274944 ----a-w- C:\Windows\Sysnative\ExSMime.dll 2016-03-08 18:56:40 AFAF7063071A1124985A63382B2BC34C 161792 ----a-w- C:\Windows\Sysnative\AppxSip.dll 2016-03-08 18:56:40 67C1D042FA62E2294973FD0CD1F1BC36 192000 ----a-w- C:\Windows\Sysnative\provisioningcsp.dll 2016-03-08 18:56:40 156963089DF9C18AF330E08BFE41884D 165376 ----a-w- C:\Windows\Sysnative\provdatastore.dll 2016-03-08 18:56:40 0ED8556CB47EC7689D0046791F3427AE 26112 ----a-w- C:\Windows\Sysnative\wlansvcpal.dll 2016-03-08 18:56:39 FDB262D0B2C0790385B894AA4B2C0A6C 182784 ----a-w- C:\Windows\Sysnative\shutdownux.dll 2016-03-08 18:56:39 FBC8C56814642A7CA88ACBCA8DD1121F 145408 ----a-w- C:\Windows\Sysnative\dssvc.dll 2016-03-08 18:56:39 EBD07BD20B5E0E92A398566EF8720F79 31232 ----a-w- C:\Windows\Sysnative\seclogon.dll 2016-03-08 18:56:39 E9B10E704AD5B1BA5E531809C89A085B 93184 ----a-w- C:\Windows\Sysnative\wpninprc.dll 2016-03-08 18:56:39 E853D5823793FE6E5FB0351F256DC1F2 223232 ----a-w- C:\Windows\Sysnative\fveapibase.dll 2016-03-08 18:56:39 E1D8055043DF089DB8ADB67C21DF2CC4 70656 ----a-w- C:\Windows\Sysnative\POSyncServices.dll 2016-03-08 18:56:39 BAAB5AE1EC2A970C16FDA670882EEE39 79360 ----a-w- C:\Windows\Sysnative\cfgbkend.dll 2016-03-08 18:56:39 AA97AC06BFA15DA23C7C9C145A226C2D 25600 ----a-w- C:\Windows\Sysnative\wfapigp.dll 2016-03-08 18:56:39 9CEBBE3FB11718F2B2B2086102711C2E 19456 ----a-w- C:\Windows\Sysnative\rasautou.exe 2016-03-08 18:56:39 9AE80C03EA83537F17B286ECBBA13D43 184320 ----a-w- C:\Windows\Sysnative\fwbase.dll 2016-03-08 18:56:39 6A5290128257BC733107E7819648CA76 526336 ----a-w- C:\Windows\Sysnative\FirewallAPI.dll 2016-03-08 18:56:39 1D445E497D7BE9566D51BD60CA8B8CE7 175616 ----a-w- C:\Windows\Sysnative\Windows.UI.Core.TextInput.dll 2016-03-08 18:56:39 023338E1DA5B6E5C2EFC7E5ADA7929C5 685568 ----a-w- C:\Windows\Sysnative\scapi.dll 2016-03-08 18:56:38 E95EA71BD560BF02276DF339FA412FCB 472576 ----a-w- C:\Windows\Sysnative\DscCore.dll 2016-03-08 18:56:38 DD877B48C28AB34197AD88902971B81D 45056 ----a-w- C:\Windows\Sysnative\UserDataLanguageUtil.dll 2016-03-08 18:56:38 B6877446C93D3110E56C90CF13CBEC89 45568 ----a-w- C:\Windows\Sysnative\UserDataTypeHelperUtil.dll 2016-03-08 18:56:38 A0C330AAF06A36A13171A28FE4B582A2 92160 ----a-w- C:\Windows\Sysnative\policymanagerprecheck.dll 2016-03-08 18:56:38 88B38A7435DFA9B7E8F94F5D5FE999D2 66560 ----a-w- C:\Windows\Sysnative\moshost.dll 2016-03-08 18:56:38 70BA4CAAC5D621DCE88082DA0B1FF014 23552 ----a-w- C:\Windows\Sysnative\ExtrasXmlParser.dll 2016-03-08 18:56:38 3F8466CC13D1F614C8FAC24B1C030D59 214528 ----a-w- C:\Windows\Sysnative\Windows.Devices.Scanners.dll 2016-03-08 18:56:38 25DA92A03FFF1A620A950ED6209CDC8F 77312 ----a-w- C:\Windows\Sysnative\ProvPluginEng.dll 2016-03-08 18:56:38 20E6B1B1F23615B5CF21AC3CE0A2E227 52224 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2016-03-08 18:56:38 020AD2DA67F206DC160053F88454A0D4 111616 ----a-w- C:\Windows\Sysnative\UserDataTimeUtil.dll 2016-03-08 18:56:38 0053C878CDBA8F8D55339547EC2E99E8 269824 ----a-w- C:\Windows\Sysnative\moshostcore.dll 2016-03-08 18:56:37 9822B613AEB1CF24E05EFEE748160637 25088 ----a-w- C:\Windows\Sysnative\irmon.dll 2016-03-08 18:56:37 84ADBF35DAF6404148AE85973BE26D59 48640 ----a-w- C:\Windows\Sysnative\wfdprov.dll 2016-03-08 18:56:37 80021DC2AF64B92F3FA8935C0D5C81D7 69632 ----a-w- C:\Windows\Sysnative\wininetlui.dll 2016-03-08 18:56:37 561B71EE613240D3CC643E2E308BD3F7 248832 ----a-w- C:\Windows\Sysnative\UserMgrProxy.dll 2016-03-08 18:56:36 FF1FF1A83425C77D1CAFF9EC7AFA8C1F 108544 ----a-w- C:\Windows\Sysnative\InputLocaleManager.dll 2016-03-08 18:56:36 F6B9E6CB351D86A0C318B37E14B97656 196608 ----a-w- C:\Windows\Sysnative\fwpolicyiomgr.dll 2016-03-08 18:56:36 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\Windows\Sysnative\bcastdvr.exe 2016-03-08 18:56:36 DAFECF80513C6E6892BBEBB48D555A31 115712 ----a-w- C:\Windows\Sysnative\srpapi.dll 2016-03-08 18:56:36 C8C10002DF980C3830D103960957AA3C 1582080 ----a-w- C:\Windows\Sysnative\aitstatic.exe 2016-03-08 18:56:36 BF0B4D43097A7FEFE3F7F9EEC13C31FB 764928 ----a-w- C:\Windows\Sysnative\Chakradiag.dll 2016-03-08 18:56:36 AE46FC3FC01DA2DC876D75776F5943B0 86528 ----a-w- C:\Windows\Sysnative\AppCapture.dll 2016-03-08 18:56:36 5F8178A9C45D9C69819C63AFC5988C33 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2016-03-08 18:56:36 52B49D01CE8F8EEC3D557D2CCD46548B 17408 ----a-w- C:\Windows\Sysnative\rasadhlp.dll 2016-03-08 18:56:36 4F83D9D2478E3421BFA7B7F13FAD614B 130560 ----a-w- C:\Windows\Sysnative\winbio.dll 2016-03-08 18:56:36 266B9C1CC212C255ED61CB13CE3A98A4 13824 ----a-w- C:\Windows\Sysnative\sscoreext.dll 2016-03-08 18:56:36 1A0945D67F0499600E7B43A69210EC5B 41984 ----a-w- C:\Windows\Sysnative\TimeBrokerClient.dll 2016-03-08 18:56:36 0FEE16BB03B1A97A70121165E7414903 67584 ----a-w- C:\Windows\Sysnative\profext.dll 2016-03-08 18:56:36 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\Windows\Sysnative\LaunchWinApp.exe 2016-03-08 18:56:35 B83CCF1BEECF4BCDE71FC431BAB9A790 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2016-03-08 18:56:35 B46D8BBF27B186B0AE7C57C88A1A6D93 6572032 ----a-w- C:\Windows\Sysnative\wwanmm.dll 2016-03-08 18:56:35 2C8130AFF9C3F0E99DE4B52A0A187CB3 118272 ----a-w- C:\Windows\Sysnative\fontsub.dll 2016-03-08 18:56:34 EFA47480BEB0968E3A18479593B2E60C 18944 ----a-w- C:\Windows\Sysnative\wshrm.dll 2016-03-08 18:56:34 671DA2607117AC3BC7C028C0A6F4555E 210432 ----a-w- C:\Windows\Sysnative\aepic.dll 2016-03-08 18:56:34 380A4E413E227A6445FDB5244181BAFF 1087488 ----a-w- C:\Windows\Sysnative\reseteng.dll 2016-03-08 18:56:33 F6D1F548315E07F98B6294940CCBE7FB 97280 ----a-w- C:\Windows\Sysnative\winhttpcom.dll 2016-03-08 18:56:33 E8C7F673B75210D3F35142361923C945 157184 ----a-w- C:\Windows\Sysnative\dmcertinst.exe 2016-03-08 18:56:33 D7ED1ADDC1D19A9D6A1C583A938F4AF4 465920 ----a-w- C:\Windows\Sysnative\wwanconn.dll 2016-03-08 18:56:33 D60BA4C76D194472D6602FF3D2D51ADE 106496 ----a-w- C:\Windows\Sysnative\rasauto.dll 2016-03-08 18:56:33 8A0BAD6F9EEFB0FCD1629F6366394380 1814528 ----a-w- C:\Windows\Sysnative\pnidui.dll 2016-03-08 18:56:33 781EFD88C2BD9A95CA6961E16AFF7332 168960 ----a-w- C:\Windows\Sysnative\mdmmigrator.dll 2016-03-08 18:56:33 096671DD1AA23C708FC4493C41D5DB82 13824 ----a-w- C:\Windows\Sysnative\rastlsext.dll 2016-03-08 18:56:32 B7D367ABFC188C1AC27C6C961694B5B4 1056256 ----a-w- C:\Windows\Sysnative\JpMapControl.dll 2016-03-08 18:56:32 8938F957903BBA18ED242AE4DBF419FD 73728 ----a-w- C:\Windows\Sysnative\wwancfg.dll 2016-03-08 18:56:32 7538F05A7C07DB69F6E82B67CAA67286 92160 ----a-w- C:\Windows\Sysnative\SensorsNativeApi.V2.dll 2016-03-08 18:56:32 716E299C1058C9F2030F31BC7270A210 52224 ----a-w- C:\Windows\Sysnative\Wwanpref.dll 2016-03-08 18:56:32 4E5B496EBD95AEE005F54EA49EECAAC6 72704 ----a-w- C:\Windows\Sysnative\MosStorage.dll 2016-03-08 18:56:32 4B4970CB5FF1D25B444F95A18ED8AF22 114688 ----a-w- C:\Windows\Sysnative\offlinelsa.dll 2016-03-08 18:56:32 35F9920E5B9757E2047C024063C9A279 988160 ----a-w- C:\Windows\Sysnative\NMAA.dll 2016-03-08 18:56:32 301A917544D10E9F28A946BA0E84C407 160768 ----a-w- C:\Windows\Sysnative\enrollmentapi.dll 2016-03-08 18:56:31 E0FBBE85A7DC215F97F7B81236CE2674 60928 ----a-w- C:\Windows\Sysnative\XblAuthTokenBrokerExt.dll 2016-03-08 18:56:31 DC59D9253F50A2D329945CBDBE3B8B7A 32256 ----a-w- C:\Windows\Sysnative\wups2.dll 2016-03-08 18:56:31 D0E812616609B1E6E3317FF46B9177C8 44032 ----a-w- C:\Windows\Sysnative\wsplib.dll 2016-03-08 18:56:31 BF1A001A4EBD005CB412E322F20DB0D7 75264 ----a-w- C:\Windows\Sysnative\EditBufferTestHook.dll 2016-03-08 18:56:31 9F171CF4EDEB38DB4CA906ABD535DC44 13312 ----a-w- C:\Windows\Sysnative\MapsBtSvcProxy.dll 2016-03-08 18:56:31 9E55D606C3CE9A37FB2FE5A419AE9CE6 30208 ----a-w- C:\Windows\Sysnative\StorageUsage.dll 2016-03-08 18:56:31 9AEEB769F72EF13134BC21BA1465CCE3 134656 ----a-w- C:\Windows\Sysnative\wificonnapi.dll 2016-03-08 18:56:31 8C86CB7C7725B196773451DE66602199 75776 ----a-w- C:\Windows\Sysnative\Windows.Networking.XboxLive.ProxyStub.dll 2016-03-08 18:56:31 80EEB2E91EE933EFB1384D9866BD997F 64000 ----a-w- C:\Windows\Sysnative\MosHostClient.dll 2016-03-08 18:56:31 7CDB2034A13C7009CFF479C170E21C90 55808 ----a-w- C:\Windows\Sysnative\rilproxy.dll 2016-03-08 18:56:31 5358F9A3A5C55ED1395BBFFCFA65F551 28672 ----a-w- C:\Windows\Sysnative\mapsupdatetask.dll 2016-03-08 18:56:31 52623F9ED4D00357F3874DD31BB232FD 45568 ----a-w- C:\Windows\Sysnative\atmlib.dll 2016-03-08 18:56:31 4AAD96366A51B26F50113A6393CB5587 42496 ----a-w- C:\Windows\Sysnative\mapstoasttask.dll 2016-03-08 18:56:31 46BF56CC45F3EBE9DCF04EA702F79FF7 64000 ----a-w- C:\Windows\Sysnative\ihvrilproxy.dll 2016-03-08 18:56:31 46668562A5BDD2D2F383CAD6D35DCB15 89088 ----a-w- C:\Windows\Sysnative\MapsCSP.dll 2016-03-08 18:56:31 3C9066503DE3E45CB98C8584DE19C186 28160 ----a-w- C:\Windows\Sysnative\nativemap.dll 2016-03-08 18:56:31 23B32FD7B58007D0407B8A4191AB76BB 28672 ----a-w- C:\Windows\Sysnative\WordBreakers.dll 2016-03-08 18:56:31 1CC123FE215B7FFBA4B7889FD13B32D5 36864 ----a-w- C:\Windows\Sysnative\BackgroundTransferHost.exe 2016-03-08 18:56:30 EBDDBFCAA0E8BF346F5DC13BC364B39E 110592 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MapControls.dll 2016-03-08 18:56:30 79EE5C9F9DF073C315D035A1785B502F 3072 ----a-w- C:\Windows\Sysnative\MapControlStringsRes.dll 2016-03-08 18:56:30 79BD0E63A9E54ED8AFFD19F43B5B83F2 264192 ----a-w- C:\Windows\Sysnative\NmaDirect.dll 2016-03-08 18:56:30 33F4AE1E913D7F865D0CFA716BDC9032 10240 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MosTrace.dll 2016-03-08 18:56:30 2031A1DA09AFF8A8BADFFF73511AF306 58368 ----a-w- C:\Windows\Sysnative\MosResource.dll 2016-03-08 18:56:30 183B210A411E23AC9C5374AEE5645312 36352 ----a-w- C:\Windows\Sysnative\UIAutomationCoreRes.dll 2016-03-08 18:56:30 08F0E6B466F44EA24CA1601F3196E43E 9728 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MosHost.dll 2016-02-29 19:02:09 0E4D45C44C41E2E8D4156C26F6331D92 112216 ----a-w- C:\Windows\Sysnative\NvRtmpStreamer64.dll 2016-02-29 19:00:58 8776536A8734F3C2A5313AFA7291DC49 99472 ----a-w- C:\Windows\Sysnative\nvaudcap64v.dll ====== C:\Windows\Sysnative\drivers ===== 2016-03-11 11:28:02 9949BBD5BB70C4D317B7549896132579 287016 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2016-03-11 11:28:02 7E66DFE6B62C6C34FD6B09DB6169E9F6 37656 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2016-03-11 11:28:02 719B704109B933D819093CDDB156A7F1 1070904 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2016-03-11 11:28:02 43F46E7D103F46EC345B1056BDD2A60B 463744 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2016-03-11 11:28:02 219D0E2348629FAE4E6E3478C21B23D6 165344 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2016-03-11 11:28:02 1459AAD5C6A66A458C2D57EE6E080FA5 107792 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2016-03-11 11:28:02 0AA12ADF5F87B4A70BDBAED77F54B978 74544 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2016-03-11 11:28:02 0866D5FE02D614501B7B4AD5E1BC7B53 103064 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2016-03-08 18:57:13 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2016-03-08 18:57:11 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-03-08 18:57:01 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\Windows\Sysnative\drivers\dxgmms2.sys 2016-03-08 18:57:00 CEFF59649E90987D263D96078724A54A 954368 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys 2016-03-08 18:56:53 318E816717431D3C23DC82779900C744 1089880 ----a-w- C:\Windows\Sysnative\drivers\http.sys 2016-03-08 18:56:50 BF6CA7EA5ECD6CF72D3D76652A9B8280 144384 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2016-03-08 18:56:50 74727B8BF0227820660A79450F2D94EF 176640 ----a-w- C:\Windows\Sysnative\drivers\rfcomm.sys 2016-03-08 18:56:50 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\Windows\Sysnative\drivers\acpi.sys 2016-03-08 18:56:49 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\Windows\Sysnative\drivers\xboxgip.sys 2016-03-08 18:56:49 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\Windows\Sysnative\drivers\rmcast.sys 2016-03-08 18:56:48 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-03-08 18:56:47 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys 2016-03-08 18:56:46 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys 2016-03-08 18:56:46 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\Windows\Sysnative\drivers\xinputhid.sys 2016-03-08 18:56:46 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\Windows\Sysnative\drivers\bridge.sys 2016-03-08 18:56:46 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2016-03-08 18:56:45 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\Windows\Sysnative\drivers\sdstor.sys 2016-03-08 18:56:45 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-03-08 18:56:44 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\Windows\Sysnative\drivers\capimg.sys 2016-03-08 18:56:44 A1105260EEEE3DBD8D38FD054B22BD00 604928 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2016-03-08 18:56:43 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-03-08 18:56:43 36417FC4F11C31C880CB428037DEDF3F 112640 ----a-w- C:\Windows\Sysnative\drivers\bthenum.sys 2016-03-08 18:56:42 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2016-03-08 18:56:41 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS 2016-03-08 18:56:41 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-03-08 18:56:40 CC6C1393B423EBFF9F6696CB9CC4CBCB 245760 ----a-w- C:\Windows\Sysnative\drivers\BthLEEnum.sys 2016-03-08 18:56:39 F259A45D6B555B14CC8365AA6BC8DC20 67072 ----a-w- C:\Windows\Sysnative\drivers\usbser.sys 2016-03-08 18:56:37 0D279373091AA1BBEEE958AAF02B5EDF 84992 ----a-w- C:\Windows\Sysnative\drivers\BTHUSB.SYS 2016-03-08 18:56:36 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\Windows\Sysnative\drivers\rasl2tp.sys ====== C:\Windows\Tasks ====== 2016-03-11 12:28:55 -------- d-----w- C:\Windows\Sysnative\Tasks\COMODO 2016-03-11 11:28:07 E24526D50EA64680E924ABE1289E0AF8 4006 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-03-12 19:34:49 -------- d-----w- C:\Program Files\trend micro 2016-03-11 12:28:34 -------- d-----w- C:\Program Files\COMODO 2016-03-11 11:21:25 -------- d-----w- C:\Program Files\Dolby ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Michael\AppData\Roaming ====== 2016-03-14 13:14:24 -------- d-----w- C:\Users\Michael\AppData\Local\CrashDumps 2016-03-13 14:29:30 -------- d-----w- C:\Users\Michael\AppData\Local\Temp 2016-03-12 20:02:58 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow 2016-03-11 13:43:47 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing 2016-03-03 20:49:11 -------- d-----w- C:\Users\Michael\AppData\Local\Diagnostics 2016-03-03 12:38:28 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2016-03-03 12:31:27 -------- d-----w- C:\Users\Michael\AppData\Local\ElevatedDiagnostics 2016-02-25 12:35:08 -------- d-----w- C:\Users\Michael\AppData\Local\NVIDIA Corporation 2016-02-21 16:46:31 -------- d-----w- C:\Users\Michael\AppData\Local\MicrosoftEdge 2016-02-21 16:37:42 -------- d-----w- C:\Users\Michael\AppData\Local\Comms 2016-02-21 16:26:02 -------- d-----w- C:\Users\Michael\AppData\Local\Power2Go8 2016-02-21 16:25:53 -------- d-----w- C:\Users\Michael\AppData\Local\NVIDIA 2016-02-21 16:25:22 -------- d-----w- C:\Users\Michael\AppData\Local\CyberLink 2016-02-21 16:24:08 -------- d-----w- C:\Users\Michael\AppData\Local\Publishers 2016-02-21 16:23:22 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-02-21 16:23:22 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-02-21 16:23:17 -------- d-----w- C:\Users\Michael\AppData\Local\Packages 2016-02-21 16:23:15 -------- d-----w- C:\Users\Michael\AppData\Local\TileDataLayer 2016-02-21 16:23:02 -------- d-----w- C:\Users\Michael\AppData\LocalLow 2016-02-21 16:23:01 -------- d-s---r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-02-21 16:23:01 -------- d-----w- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-02-21 16:23:01 -------- d-----w- C:\Users\Michael\AppData\Roaming 2016-02-21 16:23:01 -------- d-----w- C:\Users\Michael\AppData\Local\Microsoft 2016-02-21 16:23:01 -------- d-----w- C:\Users\Michael\AppData\Local 2016-02-21 16:23:01 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-02-21 16:23:01 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-02-21 16:23:01 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-02-21 16:23:01 -------- d-----r- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-02-21 16:17:03 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow ====== C:\Users\Michael ====== 2016-03-11 13:34:06 -------- d-----r- C:\Users\Michael\Desktop 2016-03-11 12:28:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2016-03-11 12:26:32 -------- d-----w- C:\ProgramData\Comodo 2016-03-11 11:21:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2016-03-11 11:21:25 -------- d-----w- C:\ProgramData\Dolby 2016-03-03 20:54:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2016-03-03 20:54:03 -------- d-----w- C:\ProgramData\EPSON 2016-02-21 16:28:46 -------- d-----r- C:\Users\Michael\OneDrive 2016-02-21 16:23:15 -------- d-sh--w- C:\Users\Michael\IntelGraphicsProfiles 2016-02-21 16:23:02 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Michael\ntuser.ini 2016-02-21 16:23:01 -------- d--h--w- C:\Users\Michael\AppData 2016-02-21 16:23:00 -------- d-----w- C:\Users\Michael\Roaming ====== C: exe-files == 2016-03-12 19:34:49 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michael.exe 2016-03-12 17:07:11 E07281C1F0097664EE028DB06C11EBFE 7410504 ----a-w- C:\Users\Michael\AppData\Local\NVIDIA\NvBackend\Packages\000087f8\DAO.20529890.exe 2016-03-11 19:33:42 4EA3608F0611BE3BACFF0F53B265BD05 630200 ----a-w- C:\Users\Michael\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-03-11 19:33:38 7ADB989840104D5EB52F0A1A4811F131 172984 ----a-w- C:\Users\Michael\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-03-11 12:58:44 CA0C6CEBB04627E6D5063EA3EE0F921C 143659408 ----a-w- C:\Windows\System32\MRT.exe 2016-03-11 11:29:25 CBE6A51D10DA701BAFF2729EAD1BAC6B 398152 ----a-w- C:\Windows\System32\aswBoot.exe 2016-03-11 11:09:18 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\Windows\System32\MpSigStub.exe 2016-03-11 10:59:05 E4D26B91BBDC51ADF460F371323AECD1 8076992 ----a-w- C:\Users\Michael\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-03-11 10:59:05 E4D26B91BBDC51ADF460F371323AECD1 8076992 ----a-w- C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\OneDriveSetup.exe 2016-03-11 10:58:55 1E9D2587344160BB2AF16C503F062868 171712 ----a-w- C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe 2016-03-11 10:58:55 092405FB2D6BC20668BEA02647FE2393 164040 ----a-w- C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncConfig.exe 2016-03-08 18:57:40 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-03-08 18:57:34 3B27CD5D7CE5023586EE861EE56069FB 7305072 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-03-08 18:57:32 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\Windows\System32\WWAHost.exe 2016-03-08 18:57:32 A91A579274B3EF5DF8547CC643354CE7 167936 ----a-w- C:\Windows\System32\oobe\msoobe.exe 2016-03-08 18:57:32 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-03-08 18:57:23 8ED88C794234FC7755366E0532471360 9371488 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2016-03-08 18:57:16 95D730526EF81792CD6848D8D10FAA1C 4502352 ----a-w- C:\Windows\explorer.exe 2016-03-08 18:57:13 FCBCED2A237DCD7EF86CED551B731742 4064320 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-03-08 18:57:10 80AD89A1EF678960E13D977EF8C047A9 1750440 ----a-w- C:\Windows\System32\WpcMon.exe 2016-03-08 18:57:04 6BB898FE9AE437C3D9D1F4920B92B1C3 1500672 ----a-w- C:\Windows\System32\RecoveryDrive.exe 2016-03-08 18:57:00 7B24B823404D53DA4748F21AD2BF04C9 584704 ----a-w- C:\Windows\System32\winlogon.exe 2016-03-08 18:57:00 6FF8248F3A9D69A095C7F3F42BC29CB2 440152 ----a-w- C:\Windows\System32\services.exe 2016-03-08 18:56:59 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\Windows\System32\DeviceCensus.exe 2016-03-08 18:56:59 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\Windows\SysWOW64\WMPDMC.exe 2016-03-08 18:56:58 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\Windows\System32\winload.exe 2016-03-08 18:56:58 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-03-08 18:56:55 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\Windows\System32\fontdrvhost.exe 2016-03-08 18:56:55 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\Windows\System32\winresume.exe 2016-03-08 18:56:55 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\Windows\System32\Boot\winresume.exe 2016-03-08 18:56:54 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\Windows\System32\spoolsv.exe 2016-03-08 18:56:54 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\Windows\System32\MDEServer.exe 2016-03-08 18:56:53 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\Windows\System32\audiodg.exe 2016-03-08 18:56:52 E25912F0DA86EF6D0812ED848BDA60C0 797024 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2016-03-08 18:56:52 0BD0029D4DB1AE29640692C2DDFA5C49 315760 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 2016-03-08 18:56:50 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\Windows\System32\InstallAgent.exe 2016-03-08 18:56:50 D53F94A3F5DA461209C6128D5337FFF1 304752 ----a-w- C:\Windows\System32\systemreset.exe 2016-03-08 18:56:50 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2016-03-08 18:56:50 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-03-08 18:56:50 09D8EBC01776C2D117918993EDDC19B2 1474560 ----a-w- C:\Program Files\Windows Media Player\wmpnetwk.exe 2016-03-08 18:56:49 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\Windows\System32\WMPDMC.exe 2016-03-08 18:56:49 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2016-03-08 18:56:48 F93E9FA2A54843D6EC529E4754F12946 166400 ----a-w- C:\Windows\System32\MusNotification.exe 2016-03-08 18:56:48 85EB31A46D618AC52726253A32539082 221696 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-03-08 18:56:46 E7CD04555F47651B79A50DBA6148019C 820416 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-03-08 18:56:46 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\Windows\System32\MDMAppInstaller.exe 2016-03-08 18:56:46 05CB7AA244D84ED3BB43FDA10413E2F8 815808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-03-08 18:56:45 B94746868C7AD8F0449662E8552E55DE 145920 ----a-w- C:\Windows\System32\omadmclient.exe 2016-03-08 18:56:44 BD0C18CCF84C65F091F670181032BF75 2095968 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-03-08 18:56:44 18DF88220B196D0D45644BC2730D6757 55296 ----a-w- C:\Windows\System32\MusNotificationUx.exe 2016-03-08 18:56:43 FAB5054707064EA9881954F98D9150C0 85320 ----a-w- C:\Windows\System32\OpenWith.exe 2016-03-08 18:56:43 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\Windows\System32\AuthHost.exe 2016-03-08 18:56:43 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\Windows\System32\wermgr.exe 2016-03-08 18:56:43 3EE26A3CAC87E359F09E8F904741B79C 602624 ----a-w- C:\Windows\System32\IME\IMEJP\IMJPDCT.EXE 2016-03-08 18:56:43 22725026F4DA5E8B132235CE9D70DAFB 343040 ----a-w- C:\Windows\System32\IME\SHARED\ImeBroker.exe 2016-03-08 18:56:42 FA457DEBC6875EF5DFC0DF6B7A1003B8 654688 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe 2016-03-08 18:56:42 F7169F42A954DEAD789529859921BD36 81112 ----a-w- C:\Windows\SysWOW64\OpenWith.exe 2016-03-08 18:56:42 8BACF65C95DA69173FA80F644502F9BC 26408 ----a-w- C:\Windows\System32\wuauclt.exe 2016-03-08 18:56:42 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\Windows\SysWOW64\wermgr.exe 2016-03-08 18:56:41 D1BB4122E41E04E2D8D57702396AE031 412512 ----a-w- C:\Windows\System32\wifitask.exe 2016-03-08 18:56:41 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\Windows\System32\wsqmcons.exe 2016-03-08 18:56:41 6ADEBB28E5AB802CC671523936CA51DA 264032 ----a-w- C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe 2016-03-08 18:56:41 1C671129864880F66678D3B80316074E 56320 ----a-w- C:\Windows\System32\provtool.exe 2016-03-08 18:56:40 F0BA42C8EB6ADB733E35D2EC7714408F 49152 ----a-w- C:\Windows\System32\pcaui.exe 2016-03-08 18:56:40 DBE39E4BDCC3D8F49A2B0277652120D0 41984 ----a-w- C:\Windows\SysWOW64\pcaui.exe 2016-03-08 18:56:40 CC1C7CA4077F0BFA920C70F2E4F48D82 219136 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2016-03-08 18:56:40 69F62BD8BA07B6A9FFA5827361D88D12 138240 ----a-w- C:\Windows\System32\oobe\windeploy.exe 2016-03-08 18:56:39 9CEBBE3FB11718F2B2B2086102711C2E 19456 ----a-w- C:\Windows\System32\rasautou.exe 2016-03-08 18:56:39 5BD26C1FD29FE0A3A42141CCAF21D5B3 491520 ----a-w- C:\Windows\SysWOW64\IME\IMEJP\IMJPDCT.EXE 2016-03-08 18:56:38 CF17C8CA575EC10ACDE1671CDED01B73 17408 ----a-w- C:\Windows\SysWOW64\rasautou.exe 2016-03-08 18:56:37 3FE3E8C8495C10BFEE0CBFF21EC14C2A 104448 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe 2016-03-08 18:56:36 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\Windows\System32\bcastdvr.exe 2016-03-08 18:56:36 C8C10002DF980C3830D103960957AA3C 1582080 ----a-w- C:\Windows\System32\aitstatic.exe 2016-03-08 18:56:36 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\Windows\System32\LaunchWinApp.exe 2016-03-08 18:56:33 E8C7F673B75210D3F35142361923C945 157184 ----a-w- C:\Windows\System32\dmcertinst.exe 2016-03-08 18:56:33 A311E40B856ACCE11AD177AD40574385 356864 ----a-w- C:\Windows\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe 2016-03-08 18:56:33 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\Windows\SysWOW64\LaunchWinApp.exe 2016-03-08 18:56:32 583C928C02CD7A283AFB7A9007ECB444 578048 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2016-03-08 18:56:31 F60E1993D8D8FD2E23516C1278B209C1 34304 ----a-w- C:\Windows\SysWOW64\BackgroundTransferHost.exe 2016-03-08 18:56:31 1CC123FE215B7FFBA4B7889FD13B32D5 36864 ----a-w- C:\Windows\System32\BackgroundTransferHost.exe 2016-03-08 18:44:39 2384136459696BB8D996DA481DFFDFA7 610744 ----a-w- C:\Users\Michael\AppData\Local\NVIDIA\NvBackend\Packages\000087c4\CoProc update.20514959.exe === C: other files == 2016-03-12 20:03:27 65543A86C0A531EFB844187447450DBD 791679 ----a-w- C:\Users\Michael\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\CI3IH0J0\MSCasualGames[2].zip 2016-03-12 20:03:02 4378AF1A81F709B223583885A6E6DA21 2887 ----a-w- C:\Users\Michael\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\C40U5DR2\manifest[1].zip 2016-03-11 11:28:02 9949BBD5BB70C4D317B7549896132579 287016 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2016-03-11 11:28:02 7E66DFE6B62C6C34FD6B09DB6169E9F6 37656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2016-03-11 11:28:02 719B704109B933D819093CDDB156A7F1 1070904 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2016-03-11 11:28:02 43F46E7D103F46EC345B1056BDD2A60B 463744 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2016-03-11 11:28:02 219D0E2348629FAE4E6E3478C21B23D6 165344 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2016-03-11 11:28:02 1459AAD5C6A66A458C2D57EE6E080FA5 107792 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2016-03-11 11:28:02 0AA12ADF5F87B4A70BDBAED77F54B978 74544 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2016-03-11 11:28:02 0866D5FE02D614501B7B4AD5E1BC7B53 103064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2016-03-11 10:58:55 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\CollectOneDriveLogs.bat 2016-03-08 18:57:41 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\Windows\System32\win32k.sys 2016-03-08 18:57:40 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\Windows\System32\win32kbase.sys 2016-03-08 18:57:40 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\Windows\System32\win32kfull.sys 2016-03-08 18:57:13 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-03-08 18:57:11 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-03-08 18:57:01 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-03-08 18:57:00 CEFF59649E90987D263D96078724A54A 954368 ----a-w- C:\Windows\System32\drivers\bthport.sys 2016-03-08 18:56:53 318E816717431D3C23DC82779900C744 1089880 ----a-w- C:\Windows\System32\drivers\http.sys 2016-03-08 18:56:50 BF6CA7EA5ECD6CF72D3D76652A9B8280 144384 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2016-03-08 18:56:50 74727B8BF0227820660A79450F2D94EF 176640 ----a-w- C:\Windows\System32\drivers\rfcomm.sys 2016-03-08 18:56:50 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\Windows\System32\drivers\acpi.sys 2016-03-08 18:56:49 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\Windows\System32\drivers\xboxgip.sys 2016-03-08 18:56:49 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2016-03-08 18:56:48 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-03-08 18:56:47 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2016-03-08 18:56:46 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2016-03-08 18:56:46 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\Windows\System32\drivers\xinputhid.sys 2016-03-08 18:56:46 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\Windows\System32\drivers\bridge.sys 2016-03-08 18:56:46 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2016-03-08 18:56:45 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\Windows\System32\drivers\sdstor.sys 2016-03-08 18:56:45 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-03-08 18:56:44 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\Windows\System32\drivers\capimg.sys 2016-03-08 18:56:44 A1105260EEEE3DBD8D38FD054B22BD00 604928 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-03-08 18:56:43 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-03-08 18:56:43 36417FC4F11C31C880CB428037DEDF3F 112640 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2016-03-08 18:56:42 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-03-08 18:56:41 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2016-03-08 18:56:41 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-03-08 18:56:40 CC6C1393B423EBFF9F6696CB9CC4CBCB 245760 ----a-w- C:\Windows\System32\drivers\BthLEEnum.sys 2016-03-08 18:56:39 F259A45D6B555B14CC8365AA6BC8DC20 67072 ----a-w- C:\Windows\System32\drivers\usbser.sys 2016-03-08 18:56:37 0D279373091AA1BBEEE958AAF02B5EDF 84992 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2016-03-08 18:56:36 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\Windows\System32\drivers\rasl2tp.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1567209026-1636312064-3747786047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-21-1567209026-1636312064-3747786047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "DAX2_APP"="C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe -Hide" "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"="C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\PDVDServ12 Task" [C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe] "C:\Windows\SysNative\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}" ["C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"] "C:\Windows\SysNative\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] "C:\Windows\SysNative\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/03/2016 12:29] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/03/2016 12:29] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/03/2016 12:27] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://lenovo15.msn.com/?pc=LCTE" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://lenovo15.msn.com/?pc=LCTE" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [OneDrive] "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\Windows\system32\IntelCpHDCPSvc.exe (file missing) O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PGFNEX Service (PGFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michael\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Michael\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Michael\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Michael\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=25 folders=24 86990614 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Michael\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 14/03/2016 at 16:24:09,89 ======================