API tools faq
paste
Advertisement
Guest User

Mark-zoek

a guest
Mar 12th, 2016
25
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 62.48 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Zoek.exe v5.0.0.1 Updated 31-December-2015
  3. Tool run by rterr on Sat 03/12/2016 at 7:16:50.59.
  4. Microsoft Windows 10 Home 10.0.10586 x64
  5. Running in: Normal Mode Internet Access Detected
  6. Launched: C:\Users\rterr\Desktop\zoek.exe [Scan all users] [Checkboxes used]
  7.  
  8. ==== System Restore Info ======================
  9.  
  10. 3/12/2016 7:19:55 AM Zoek.exe System Restore Point Created Successfully.
  11.  
  12. ==== Running Processes ======================
  13.  
  14. C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
  15. c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
  16. C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
  17. C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe
  18. C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
  19. C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  20. C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
  21. C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe
  22. C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  23. C:\Program Files (x86)\TeamViewer\tv_w32.exe
  24. C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
  25. C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
  26. C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  27. C:\Users\rterr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
  28. C:\Program Files (x86)\Skype\Phone\Skype.exe
  29. C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
  30. C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
  31. C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  32. C:\Users\rterr\Desktop\zoek.exe
  33. C:\WINDOWS\SysWOW64\cmd.exe
  34. C:\WINDOWS\SysWOW64\cmd.exe
  35. C:\WINDOWS\SysWOW64\cmd.exe
  36.  
  37. ==== System Specs ======================
  38.  
  39. Windows: Windows Version 6.2 (Build 9200)
  40. Memory (RAM): 8050 MB
  41. CPU Info: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
  42. CPU Speed: 1629.3 MHz
  43. Sound Card: Speaker/HP (Realtek High Defini |
  44. Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics
  45. Monitors: 1x; Generic PnP Monitor |
  46. Screen Resolution: 1600 X 900 - 32 bit
  47. Network: Network Present
  48. Network Adapters: Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter | Realtek PCIe FE Family Controller | Microsoft Wi-Fi Direct Virtual Adapter
  49. CD / DVD Drives: 1x (E: | ) E: hp DVDRW DU8A6SH
  50. Ports: COM Ports NOT Present. LPT Port NOT Present.
  51. Mouse: 5 Button Wheel Mouse Present
  52. Hard Disks: C: 908.9GB | D: 21.3GB
  53. Hard Disks - Free: C: 852.7GB | D: 2.5GB
  54. Manufacturer *: Insyde
  55. BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 3
  56. Time Zone: Eastern Standard Time
  57. Motherboard *: HP 809D
  58. Country: United States
  59. Language: ENU
  60.  
  61. ==== System Specs (Software) ======================
  62.  
  63. Default Browser: Firefox 43.0.3
  64. Internet Explorer Version: 11.162.10586.0
  65. Mozilla Firefox version: 43.0.3 (x86 en-US)
  66. Google Chrome version: 48.0.2564.116
  67. Flash Player version: 21.0.0.182
  68. Shockwave Player version: 12.1.7r157
  69.  
  70. ==== Files Recently Created / Modified ======================
  71.  
  72. ====== C:\WINDOWS ====
  73. ====== C:\Users\rterr\AppData\Local\Temp ====
  74. ====== Java Cache =====
  75. ====== C:\WINDOWS\SysWOW64 =====
  76. 2016-03-12 01:17:09 498BD12B38B549887D9E856EB734354E 106928 ----a-w- C:\WINDOWS\SysWOW64\GEARAspi.dll
  77. 2016-03-09 03:58:00 D641F5B6C115C334FD990827979028F3 18677760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll
  78. 2016-03-09 03:57:58 00CE414BA74B576960B559C8C2674106 19339776 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
  79. 2016-03-09 03:57:51 780795062541AF34415CCCE4072FBBB8 12586496 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll
  80. 2016-03-09 03:57:49 C97B5BEADC79FFC5DAF1C9011CAE796B 5242496 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll
  81. 2016-03-09 03:57:49 05B81C404A34101E1DC17C0D9A67EA32 5321728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
  82. 2016-03-09 03:57:48 AA20E6BCDC5A617F4333EE5EEE3CC79E 5661696 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll
  83. 2016-03-09 03:57:43 2BECAD7E55AB723F361254477270ED2F 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
  84. 2016-03-09 03:57:40 2D0C2AB110A51895D9D1E875201013DE 1557768 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll
  85. 2016-03-09 03:57:38 A34EDEA5F401143A0190642EABA28518 709688 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll
  86. 2016-03-09 03:57:38 4B9DE8EAA2E16C34E018749F325BAEFF 949248 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll
  87. 2016-03-09 03:57:37 C012CE3AB0120D01C75EDBB869AC463E 523752 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll
  88. 2016-03-09 03:57:37 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe
  89. 2016-03-09 03:57:36 EB5DBA11B7C79B28A759AF12F03A17BB 769536 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll
  90. 2016-03-09 03:57:36 DB6C9645A16676FDE0D730CB05D8F6E1 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll
  91. 2016-03-09 03:57:36 B073C14F8B76DF8652415488C22F10A1 670928 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll
  92. 2016-03-09 03:57:36 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\WINDOWS\SysWOW64\WMPDMC.exe
  93. 2016-03-09 03:57:35 952D6065F133D9525B399E6274CFE027 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll
  94. 2016-03-09 03:57:34 CA57FE09C1255009C9AC1462B7D7264D 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll
  95. 2016-03-09 03:57:34 620737C11CD32E03299E0B60BC896230 552960 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll
  96. 2016-03-09 03:57:33 EC21FC40C74206DAB19F1A8F9132EFAB 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll
  97. 2016-03-09 03:57:33 9B60985A87BA2FED9F57DA30F191098E 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
  98. 2016-03-09 03:57:32 C406A5FDC8A1ECF2A9632F302B7D0EC3 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll
  99. 2016-03-09 03:57:32 38EE252AD45EB7D6834F718B9487D3F9 538736 ----a-w- C:\WINDOWS\SysWOW64\wer.dll
  100. 2016-03-09 03:57:31 856AD15FD2D187EA8435564A135C85C0 228352 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll
  101. 2016-03-09 03:57:30 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe
  102. 2016-03-09 03:57:30 AC42505CBCEE5825BB2695C34E43B1D0 184832 ----a-w- C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
  103. 2016-03-09 03:57:30 65D0043F608A12AF75ED37A65AFB906B 342528 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
  104. 2016-03-09 03:57:29 4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB 220064 ----a-w- C:\WINDOWS\SysWOW64\sqmapi.dll
  105. 2016-03-09 03:57:28 395F9E50709FAE503C339047207E46CF 540160 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll
  106. 2016-03-09 03:57:27 DD73501C379ABF585DC7CC1765BE8E2E 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll
  107. 2016-03-09 03:57:27 5A212173FC0622865F409B16ED77C9DF 98304 ----a-w- C:\WINDOWS\SysWOW64\AppointmentActivation.dll
  108. 2016-03-09 03:57:27 4591BC3EC5FD8336642F8B94EABD4D4F 187744 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
  109. 2016-03-09 03:57:27 160CC95D34D62B6A72F9E4E3EE52EBCC 369664 ----a-w- C:\WINDOWS\SysWOW64\FirewallAPI.dll
  110. 2016-03-09 03:57:25 56315A6A6598E701BB0A5F506DA6143E 200704 ----a-w- C:\WINDOWS\SysWOW64\cemapi.dll
  111. 2016-03-09 03:57:25 2C84609F09FD003FA955567D395EEA8A 575488 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll
  112. 2016-03-09 03:57:23 B315EB17077EF082A79922D4EA47DBF4 163328 ----a-w- C:\WINDOWS\SysWOW64\fwbase.dll
  113. 2016-03-09 03:57:23 3547D79A60007624BFEBAFCAE158E992 169984 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
  114. 2016-03-09 03:57:20 8CE4D365EF60DA0A098757371DD43752 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll
  115. 2016-03-09 03:57:20 05B15BD9C92BE52F35A2295B22C5D892 168448 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
  116. 2016-03-09 03:57:18 97E96ABEBCB6CF556406781C47C5282A 78848 ----a-w- C:\WINDOWS\SysWOW64\asycfilt.dll
  117. 2016-03-09 03:57:18 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe
  118. 2016-03-09 03:57:18 43AE8C9F7D031AB3DBEADA4C17D8C682 150528 ----a-w- C:\WINDOWS\SysWOW64\VCardParser.dll
  119. 2016-03-09 03:57:17 3B1F2F6F89F3F4ED75C5FADDB2E7CFE1 56320 ----a-w- C:\WINDOWS\SysWOW64\POSyncServices.dll
  120. 2016-03-09 03:57:17 259517866C369BCC5990292BCB57E709 223744 ----a-w- C:\WINDOWS\SysWOW64\ExSMime.dll
  121. 2016-03-09 03:57:17 15E75D27F0C67A7A21D5A514601F0E5A 135168 ----a-w- C:\WINDOWS\SysWOW64\AppxSip.dll
  122. 2016-03-09 03:57:15 242708810A22D373904539EDF39FFAD1 196608 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
  123. 2016-03-09 03:57:14 E34395496B11CF5C8C5B6D2E438BFA43 18944 ----a-w- C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
  124. 2016-03-09 03:57:14 93B7ED5F44D9C3FB0A74C059E1B9E68B 89088 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
  125. 2016-03-09 03:57:13 CA2EA5401563387162E61444AE15AF59 53248 ----a-w- C:\WINDOWS\SysWOW64\profext.dll
  126. 2016-03-09 03:57:13 75B5C1588D3703F44004D3EB2BD358AD 129024 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll
  127. 2016-03-09 03:57:13 1AEBF2230422716D8CE1BEBCBAE961D3 48128 ----a-w- C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
  128. 2016-03-09 03:57:12 39E7BAB659A6AB4419A908E578BE7029 56320 ----a-w- C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
  129. 2016-03-09 03:57:12 392434472351B2DA0499AEC962E988CE 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
  130. 2016-03-09 03:57:11 31657EDEEA6039E71C708BDA61AB62D5 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
  131. 2016-03-09 03:57:08 7734BD0E9C8ED7DC48F559A67D0A79F4 20480 ----a-w- C:\WINDOWS\SysWOW64\wfapigp.dll
  132. 2016-03-09 03:57:07 EBD26D676238C0B3938AFF925043576F 394752 ----a-w- C:\WINDOWS\SysWOW64\werui.dll
  133. 2016-03-09 03:57:07 9DEB4C56FAAB147839BF68B6C28A38FC 164864 ----a-w- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
  134. 2016-03-09 03:57:06 978D6640C869D7FA4FCDD877E4A5C2C7 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll
  135. 2016-03-09 03:57:06 6FA3485DB4DE58EE9E73597CAC493AB4 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll
  136. 2016-03-01 21:56:12 C23A52581FEA6CD49A49160BFA794BF7 6952088 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
  137. 2016-03-01 21:56:08 64B0C2833EB2501DAE37C0A9700BF48F 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll
  138. 2016-03-01 21:56:06 F7447D7EDE2E9F4FEC87143F5CC021F5 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll
  139. 2016-03-01 21:56:06 E83DA16178E4E97B572900803183419D 1542816 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll
  140. 2016-03-01 21:56:06 CF342DCC0B8053DCABA7C5D30BE4B5C3 1500672 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
  141. 2016-03-01 21:56:06 594B272EA8C34067CD74AAE90EFFBE88 1626624 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll
  142. 2016-03-01 21:56:06 44F1D7984F8B7739EF7EF50DEC6B41B9 2229760 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
  143. 2016-03-01 21:56:05 7BB6C35792323E4761AC6624E2D42397 12125696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
  144. 2016-03-01 21:56:05 22269B90E92BECDEB3D67EBE1DDB378E 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
  145. 2016-03-01 21:55:53 1ECA3CCBC61038D780FC179C9CB5F0CA 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll
  146. 2016-03-01 21:55:52 76B9CA3DF18D9E116051652EB4CD2FF2 9919488 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
  147. 2016-03-01 21:55:48 0C60922D59461C8D1B0A2AA3CF493438 21124344 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
  148. 2016-03-01 21:55:35 162CB5DE3BAB5A029E658180A2E0673A 2919320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
  149. 2016-03-01 21:55:31 5D676C1C350EA4976B888804444932CE 2061312 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll
  150. 2016-03-01 21:55:29 CE9B87CDE4D7BCEA229D676720E28C6B 1859960 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
  151. 2016-03-01 21:55:29 6DFDAD2B0EA3385069276DF547F4CAC8 2186864 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll
  152. 2016-03-01 21:55:23 C117F577BB0CC6545EA181FBB3FACE99 980352 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
  153. 2016-03-01 21:55:23 49CF99392314B7CAD65DE8A05ABFE30D 882720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
  154. 2016-03-01 21:55:22 AF209F751EB761084CEFE2CF10E1CE8D 895080 ----a-w- C:\WINDOWS\SysWOW64\mfsrcsnk.dll
  155. 2016-03-01 21:55:19 888D41F5EFD6995491326C0DEEA2124A 713824 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
  156. 2016-03-01 21:55:18 B65549A1CDB2C827AD022A3F35994FCF 2180136 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll
  157. 2016-03-01 21:55:17 C8F351BE29CEA63BC5EE5A175576B7F3 1105920 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
  158. 2016-03-01 21:55:15 A43688711B5DA91ED9FC159BB8F8AF14 646656 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
  159. 2016-03-01 21:55:14 B014F98BEE810D5BF9F8C1C75F0EAD92 489984 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll
  160. 2016-03-01 21:55:13 053E2D136DB8A4743E4C40D5D979834B 200704 ----a-w- C:\WINDOWS\SysWOW64\DisplayManager.dll
  161. 2016-03-01 21:55:11 8C2E49ACD2A820A3FA7C598B811F3803 450912 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
  162. 2016-03-01 21:55:11 7F0A9630C78E3783680CC9620C4E09C0 6740992 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
  163. 2016-03-01 21:55:10 D8DA5B9D54225B46242011154C9E417A 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
  164. 2016-03-01 21:55:09 C9B1E5A2FE0C7BF75B8B751311331EB4 2604032 ----a-w- C:\WINDOWS\SysWOW64\CertEnroll.dll
  165. 2016-03-01 21:55:09 0C39C1CC2ABC5D88D586EA0D86E79EEE 2793472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll
  166. 2016-03-01 21:55:08 964DE3052B6A869EFBC86930DD51E8BD 379392 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
  167. 2016-03-01 21:55:08 5A98CF000F5202776E4A58438AB2E070 4412928 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll
  168. 2016-03-01 21:55:07 FC90756CB632C0E4AC0D6A60AF2DF9AD 585216 ----a-w- C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
  169. 2016-03-01 21:55:05 C86784A6F08E733BE19D62C82182FA7D 266752 ----a-w- C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
  170. 2016-03-01 21:55:04 550ECFF3C3808065169BFEA6C2B7837C 400896 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv
  171. 2016-03-01 21:55:03 8BD7A79F9A8FF011B89A61C8AC796988 502112 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll
  172. 2016-03-01 21:54:59 F40196C743D54C56C7C2CCDD6FDE262E 572272 ----a-w- C:\WINDOWS\SysWOW64\taskschd.dll
  173. 2016-03-01 21:54:59 3BFCD46B7D67D0B137BD54C2BE644C4A 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe
  174. 2016-03-01 21:54:58 6DA0B412C0DD9DDB5382527488A5AD2E 237056 ----a-w- C:\WINDOWS\SysWOW64\thumbcache.dll
  175. 2016-03-01 21:54:57 E43400F37F8F0FA9281FEB64E3D7F72B 754176 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
  176. 2016-03-01 21:54:57 463DA1563BB9C1849527967BA80C1810 287712 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
  177. 2016-03-01 21:54:56 FABAF2C5E74BA9ADC07D28BB03F5C32A 349696 ----a-w- C:\WINDOWS\SysWOW64\NetSetupShim.dll
  178. 2016-03-01 21:54:55 E3C2853C8F2EED113646F07D62D08C9E 503296 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll
  179. 2016-03-01 21:54:54 A7583A49B0F4A91E5B2E154C3582DF82 420928 ----a-w- C:\WINDOWS\SysWOW64\msvproc.dll
  180. 2016-03-01 21:54:52 3249EA75874EE3DD3FCBA141656DF210 713728 ----a-w- C:\WINDOWS\SysWOW64\netlogon.dll
  181. 2016-03-01 21:54:51 A19A2DDCC69FF16B5FB68AD4F02B564A 480256 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
  182. 2016-03-01 21:54:51 100E983F59F3BF3A3F8BFA327CF9B438 157184 ----a-w- C:\WINDOWS\SysWOW64\WiFiDisplay.dll
  183. 2016-03-01 21:54:50 42248856CC8A2AE6642B5D1B170EAB35 450560 ----a-w- C:\WINDOWS\SysWOW64\SyncController.dll
  184. 2016-03-01 21:54:43 9DB69A637142A6C72DF22706CF2F6F7B 31744 ----a-w- C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
  185. 2016-03-01 21:54:42 88D538838692B2D66514301CCB37B4E7 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll
  186. 2016-03-01 21:54:42 197948552BE23DACBEF10ECC8168FD11 29696 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
  187. ====== C:\WINDOWS\SysWOW64\drivers =====
  188. ====== C:\WINDOWS\Sysnative =====
  189. 2016-03-12 01:17:09 5C7B8533FEC9E65368D14965EC4C9D8A 125872 ----a-w- C:\WINDOWS\Sysnative\GEARAspi64.dll
  190. 2016-03-11 18:45:12 CCBD7980E8617C364B9A1AE022FF4603 275368 ----a-w- C:\WINDOWS\Sysnative\mfevtps.exe
  191. 2016-03-09 03:58:05 3ED081A1F371E63BC6DA0327E1E51D22 22376960 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll
  192. 2016-03-09 03:58:04 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
  193. 2016-03-09 03:58:03 722FA682ED9EA8B85FA843A5C8F39E61 2273792 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
  194. 2016-03-09 03:58:02 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys
  195. 2016-03-09 03:58:01 408E62A03168C0016B986C80ECFD088C 24600576 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
  196. 2016-03-09 03:57:56 6E04BBE242E2889B37300C4DF5CE1126 3449168 ----a-w- C:\WINDOWS\Sysnative\WSService.dll
  197. 2016-03-09 03:57:55 3E80E2B0C0010154CC504DC51BE21968 14252544 ----a-w- C:\WINDOWS\Sysnative\wmp.dll
  198. 2016-03-09 03:57:54 797497201A406D6CFDB72FE0545F990C 6972416 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
  199. 2016-03-09 03:57:52 EB850DDF36D7462F1ADC1B6A329CE266 7835648 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll
  200. 2016-03-09 03:57:50 597AA6F5B21B1B15C87982FAFD1555EE 6607080 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll
  201. 2016-03-09 03:57:44 E4AFFF129D51A779B75164CB6D077FC1 1831936 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
  202. 2016-03-09 03:57:43 6F9775D843AA4595A3F60A60829B11A9 1098752 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll
  203. 2016-03-09 03:57:43 6855984AA46D2452A7C518787E1F2643 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
  204. 2016-03-09 03:57:40 92F74BF86088520654BD5636A69E37F1 848168 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll
  205. 2016-03-09 03:57:40 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys
  206. 2016-03-09 03:57:39 39D5E08E69BFC5CBFA94EE09656D6427 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll
  207. 2016-03-09 03:57:39 15D174719872A30F2FDD6B5B1B8BA5D9 1613664 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll
  208. 2016-03-09 03:57:39 0088614FE67298E6996AD19B05AE90C7 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll
  209. 2016-03-09 03:57:38 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe
  210. 2016-03-09 03:57:38 21098276051C6BEBBA7C8EB79AAF4E22 938496 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll
  211. 2016-03-09 03:57:37 CB902A15DD21B363FECA5DCCF34F5C57 1224704 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll
  212. 2016-03-09 03:57:37 96BAB1499995B85B91C312BA5114CA03 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll
  213. 2016-03-09 03:57:36 BAEFEFB04D7F9A554C029FBA52A02BB8 652392 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll
  214. 2016-03-09 03:57:35 45FDB4ACF680DF92D6510F77E7FF3E7F 713568 ----a-w- C:\WINDOWS\Sysnative\invagent.dll
  215. 2016-03-09 03:57:35 3932940E0DB7A31B00A415F6B3D3E242 700416 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll
  216. 2016-03-09 03:57:34 F7526C133AC265F283012E9CD751F873 625000 ----a-w- C:\WINDOWS\Sysnative\ClipSVC.dll
  217. 2016-03-09 03:57:34 4098813724BDAC23A74DD6E75CA360CC 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
  218. 2016-03-09 03:57:33 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe
  219. 2016-03-09 03:57:33 751F5B6AF16546162E06211AF1FC2979 794888 ----a-w- C:\WINDOWS\Sysnative\mfds.dll
  220. 2016-03-09 03:57:33 6D31FB3E4263749BD994B3895322D799 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll
  221. 2016-03-09 03:57:33 56027D21265759F4EADD0555E7915D9A 957952 ----a-w- C:\WINDOWS\Sysnative\SRH.dll
  222. 2016-03-09 03:57:32 9CB84B6398F10BCF0CE357F2C7B6056D 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll
  223. 2016-03-09 03:57:32 8465AF051B7C887C0D163AB939FDF570 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll
  224. 2016-03-09 03:57:31 3CE8EBC0B1A74A7AC639C5FAFC549CCA 436736 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
  225. 2016-03-09 03:57:31 333F190DFAE2E1EE500234B78ADDA297 640472 ----a-w- C:\WINDOWS\Sysnative\wer.dll
  226. 2016-03-09 03:57:30 46D84D62993CEB88542EFA438F4D6E82 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll
  227. 2016-03-09 03:57:30 3DF25A56F18D2AB4CF58C1300C8CD323 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
  228. 2016-03-09 03:57:29 F01ADB9BD13B60B6AB9538447F901921 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll
  229. 2016-03-09 03:57:29 CD8C4364BC6040C0226638EF37E13CBB 161280 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll
  230. 2016-03-09 03:57:29 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\WINDOWS\Sysnative\WMPDMC.exe
  231. 2016-03-09 03:57:28 61C99C1A4BB5EE14563ED321A859ACB6 726528 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll
  232. 2016-03-09 03:57:28 553F19DC6F3F73545CB17FCD7A8AE37B 870912 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll
  233. 2016-03-09 03:57:28 2BCCAEB08EAF8C5D6BD024B3F020D0EA 790528 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll
  234. 2016-03-09 03:57:27 497EB340D13433E8FE53625103E0C2D0 146432 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll
  235. 2016-03-09 03:57:27 215C9C65601378F56BEECDECBD1EF4AE 216416 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll
  236. 2016-03-09 03:57:26 68B34C3558BEE0F6B822FA603E9AE441 258280 ----a-w- C:\WINDOWS\Sysnative\sqmapi.dll
  237. 2016-03-09 03:57:26 47323DE2A684895004CE63EC66FB4AB4 401408 ----a-w- C:\WINDOWS\Sysnative\sharemediacpl.dll
  238. 2016-03-09 03:57:26 1D00BBEEE33FA7F64A8CBFF471968CB0 195072 ----a-w- C:\WINDOWS\Sysnative\VCardParser.dll
  239. 2016-03-09 03:57:25 B8CBDF64077D764D26E6E0255270B7BF 224256 ----a-w- C:\WINDOWS\Sysnative\PackageStateRoaming.dll
  240. 2016-03-09 03:57:24 5D88798FC34BB61C74256CDD66BDD205 318976 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll
  241. 2016-03-09 03:57:23 DD57E9F1482E1A9BD2514F6D017DF58A 258560 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll
  242. 2016-03-09 03:57:23 907B65AD953EA159B573A0BCC82F6DB0 243712 ----a-w- C:\WINDOWS\Sysnative\cemapi.dll
  243. 2016-03-09 03:57:21 04F7878E7017105AB782353231561749 252928 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
  244. 2016-03-09 03:57:20 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe
  245. 2016-03-09 03:57:20 5B50521452D87A439A87B1EAEBC138C7 208896 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll
  246. 2016-03-09 03:57:20 4C3A93515CA70A7017CBA3A6A95CF080 121856 ----a-w- C:\WINDOWS\Sysnative\AppointmentActivation.dll
  247. 2016-03-09 03:57:18 E432FCF8572682126C3362AA856DC4AE 221184 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
  248. 2016-03-09 03:57:18 98112F9B965646D338896FD7B13BB32E 1173344 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
  249. 2016-03-09 03:57:18 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe
  250. 2016-03-09 03:57:18 77B2F9C522467B1FC8770028D09534DB 91648 ----a-w- C:\WINDOWS\Sysnative\asycfilt.dll
  251. 2016-03-09 03:57:18 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\WINDOWS\Sysnative\wsqmcons.exe
  252. 2016-03-09 03:57:17 E78793375E53690605E4441078CCBF84 87552 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll
  253. 2016-03-09 03:57:17 A249C98D869623F1AF0DB4BCFFF6D2A8 68096 ----a-w- C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll
  254. 2016-03-09 03:57:16 AFAF7063071A1124985A63382B2BC34C 161792 ----a-w- C:\WINDOWS\Sysnative\AppxSip.dll
  255. 2016-03-09 03:57:15 FBC8C56814642A7CA88ACBCA8DD1121F 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll
  256. 2016-03-09 03:57:15 EEA1E99FBC7D91A1A271012F2B4567BB 60416 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll
  257. 2016-03-09 03:57:15 DEFF4C7B937F60923980D4BB7D1724B8 274944 ----a-w- C:\WINDOWS\Sysnative\ExSMime.dll
  258. 2016-03-09 03:57:15 5548D83C60E37CBB1B451A1108D4142C 513888 ----a-w- C:\WINDOWS\Sysnative\devinv.dll
  259. 2016-03-09 03:57:14 EBD07BD20B5E0E92A398566EF8720F79 31232 ----a-w- C:\WINDOWS\Sysnative\seclogon.dll
  260. 2016-03-09 03:57:14 E9B10E704AD5B1BA5E531809C89A085B 93184 ----a-w- C:\WINDOWS\Sysnative\wpninprc.dll
  261. 2016-03-09 03:57:14 E1D8055043DF089DB8ADB67C21DF2CC4 70656 ----a-w- C:\WINDOWS\Sysnative\POSyncServices.dll
  262. 2016-03-09 03:57:14 AA97AC06BFA15DA23C7C9C145A226C2D 25600 ----a-w- C:\WINDOWS\Sysnative\wfapigp.dll
  263. 2016-03-09 03:57:14 9AE80C03EA83537F17B286ECBBA13D43 184320 ----a-w- C:\WINDOWS\Sysnative\fwbase.dll
  264. 2016-03-09 03:57:14 6A5290128257BC733107E7819648CA76 526336 ----a-w- C:\WINDOWS\Sysnative\FirewallAPI.dll
  265. 2016-03-09 03:57:13 DD877B48C28AB34197AD88902971B81D 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll
  266. 2016-03-09 03:57:13 B6877446C93D3110E56C90CF13CBEC89 45568 ----a-w- C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll
  267. 2016-03-09 03:57:13 70BA4CAAC5D621DCE88082DA0B1FF014 23552 ----a-w- C:\WINDOWS\Sysnative\ExtrasXmlParser.dll
  268. 2016-03-09 03:57:13 3F8466CC13D1F614C8FAC24B1C030D59 214528 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll
  269. 2016-03-09 03:57:13 020AD2DA67F206DC160053F88454A0D4 111616 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll
  270. 2016-03-09 03:57:10 F6B9E6CB351D86A0C318B37E14B97656 196608 ----a-w- C:\WINDOWS\Sysnative\fwpolicyiomgr.dll
  271. 2016-03-09 03:57:10 BF0B4D43097A7FEFE3F7F9EEC13C31FB 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll
  272. 2016-03-09 03:57:10 2771EBB565F5C121E66060B173991D4D 1490432 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll
  273. 2016-03-09 03:57:10 0FEE16BB03B1A97A70121165E7414903 67584 ----a-w- C:\WINDOWS\Sysnative\profext.dll
  274. 2016-03-09 03:57:09 BE8C62B0B7BBA8F1152A6A7FCF248404 915456 ----a-w- C:\WINDOWS\Sysnative\configurationclient.dll
  275. 2016-03-09 03:57:08 A74CEC306AB99D74559F7075EDB60A9B 451584 ----a-w- C:\WINDOWS\Sysnative\werui.dll
  276. 2016-03-09 03:57:08 703430E9FFF072334B247B5E88428331 288768 ----a-w- C:\WINDOWS\Sysnative\vaultcli.dll
  277. 2016-03-09 03:57:07 B37F21B4C25BF10605A196791F93E324 360448 ----a-w- C:\WINDOWS\Sysnative\vaultsvc.dll
  278. 2016-03-09 03:57:07 2C8130AFF9C3F0E99DE4B52A0A187CB3 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll
  279. 2016-03-09 03:57:07 023338E1DA5B6E5C2EFC7E5ADA7929C5 685568 ----a-w- C:\WINDOWS\Sysnative\scapi.dll
  280. 2016-03-09 03:57:06 52623F9ED4D00357F3874DD31BB232FD 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll
  281. 2016-03-01 21:56:14 2DDEA2BEDD3169F483C9BE610ADFE8B1 8705672 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
  282. 2016-03-01 21:56:03 9A3D731707AC0059E0ACBD4E8CDF46E6 1731584 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
  283. 2016-03-01 21:56:03 80021DC2AF64B92F3FA8935C0D5C81D7 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll
  284. 2016-03-01 21:56:03 6807A6D971AA7A26245397ADDFE3B5D8 2755584 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
  285. 2016-03-01 21:56:02 C62ACC8B1B1136464583F871EBB4ACE1 1946624 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll
  286. 2016-03-01 21:56:01 40D666AEFB8775F25AA403EDB5D2414E 4894208 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
  287. 2016-03-01 21:56:01 2985697A74DE409D53C6ACD2CD30FDAA 1818696 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll
  288. 2016-03-01 21:56:00 54E585CFCD208E460A70D1356CD489BE 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
  289. 2016-03-01 21:55:54 6E0BFE7FAFAC7B5D0C13062D5884B135 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe
  290. 2016-03-01 21:55:53 FEBBA212353E4FA90C6164AA970B772F 536256 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll
  291. 2016-03-01 21:55:53 7489ACBF86C3774E7EF0DC8C7616B07E 641536 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll
  292. 2016-03-01 21:55:53 42BF7FA295F453618104B5A50BEE105B 275456 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
  293. 2016-03-01 21:55:52 9610CE53A9ED0789C8B669A5F86008F7 1054208 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll
  294. 2016-03-01 21:55:51 FF0F6AAD313DCD878D2ECF1BA0B32478 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll
  295. 2016-03-01 21:55:50 043051E7D39381BC1DCA5B25236BBA72 11545600 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
  296. 2016-03-01 21:55:45 F8083C536BEDE61AFB4069D8A8C16DA7 456704 ----a-w- C:\WINDOWS\Sysnative\ipnathlp.dll
  297. 2016-03-01 21:55:45 20E6B1B1F23615B5CF21AC3CE0A2E227 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll
  298. 2016-03-01 21:55:44 F3FE9C939D684607118E306B98CEBBBC 22564328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
  299. 2016-03-01 21:55:33 E7588419770BDDB510741F734D290E27 1318912 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll
  300. 2016-03-01 21:55:31 EB05F5368F8BBF75157B87FD1F689167 2581504 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll
  301. 2016-03-01 21:55:31 50007CDB0F9801A7186F3E81D3377D12 2773096 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll
  302. 2016-03-01 21:55:30 9953FA89A4E3BC33296DAFB1ACFDC62F 617984 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll
  303. 2016-03-01 21:55:30 8CDC28FB78253481353A882FA3139FBB 2654872 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll
  304. 2016-03-01 21:55:29 F07301C282AA222C33F8C28B4F545275 591872 ----a-w- C:\WINDOWS\Sysnative\SmsRouterSvc.dll
  305. 2016-03-01 21:55:28 468D29ECE0AD7700B790A20FA2765313 408120 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll
  306. 2016-03-01 21:55:25 669F733F85FEBE6F7438C66CBF7FD3FD 1062480 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
  307. 2016-03-01 21:55:23 218CEC10714AF029BF4D8BCE600AD1DA 819648 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
  308. 2016-03-01 21:55:22 BD70B866034C1366D74CCBB5CA97395E 2544264 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll
  309. 2016-03-01 21:55:22 350CFCC870E30BEE151F3DFB83BD0178 1017032 ----a-w- C:\WINDOWS\Sysnative\mfsrcsnk.dll
  310. 2016-03-01 21:55:21 DAB53783AD08864E873A6B7B874D1783 3671888 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
  311. 2016-03-01 21:55:21 417D1526811D9646A7E8779209F11361 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll
  312. 2016-03-01 21:55:20 A407435633C74CB1D6911DC05A90D939 2912256 ----a-w- C:\WINDOWS\Sysnative\CertEnroll.dll
  313. 2016-03-01 21:55:18 FA7FE5ECB4E0103F132BB00E526E67EF 852480 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
  314. 2016-03-01 21:55:18 D79FFE2219AE3BA3B871BA2D39B16519 1152328 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
  315. 2016-03-01 21:55:18 C9BFE1D6420BFADB249162039C321F63 1131520 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Audio.dll
  316. 2016-03-01 21:55:17 EA195B8BC11C1CDB313CFD456EFFA0E9 997376 ----a-w- C:\WINDOWS\Sysnative\schedsvc.dll
  317. 2016-03-01 21:55:16 7118498F6E48758A2EF5A7D1982E2B62 1139712 ----a-w- C:\WINDOWS\Sysnative\XblGameSave.dll
  318. 2016-03-01 21:55:16 405A419F4CDAC3C18F91FEDBD146C0A8 948736 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll
  319. 2016-03-01 21:55:15 91038CB7820CFB27E7C9D10320307301 1390080 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
  320. 2016-03-01 21:55:15 3EEB5260D4321F7F124955E1D228FDF2 274944 ----a-w- C:\WINDOWS\Sysnative\DisplayManager.dll
  321. 2016-03-01 21:55:15 186BAF9C9F422E6B784E4C990585E2E3 673792 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll
  322. 2016-03-01 21:55:14 2989A5B700D1C706ED496CCA75DCFA67 7533568 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
  323. 2016-03-01 21:55:13 E9A0D466F6D8EC349DB526146618BCB6 606720 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll
  324. 2016-03-01 21:55:13 9C4C3EB6A2371A2038E2BB3A9D54CDE0 498448 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll
  325. 2016-03-01 21:55:13 63F861960D2EA541831072D88E08EABA 3425792 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll
  326. 2016-03-01 21:55:12 5B5F518D6487FDCC9C40A74D3C72B8EE 828928 ----a-w- C:\WINDOWS\Sysnative\Windows.AccountsControl.dll
  327. 2016-03-01 21:55:12 1D445E497D7BE9566D51BD60CA8B8CE7 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
  328. 2016-03-01 21:55:11 5C6B3AFF685A17163315276E86CE173E 696160 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll
  329. 2016-03-01 21:55:10 5CBB046266CD7CD1593354C93BCDBE91 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll
  330. 2016-03-01 21:55:08 F0D97E9816795E1AAA17396ABD2660C4 4827136 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll
  331. 2016-03-01 21:55:07 C64B693DF26EB7BFF25F9BAD8B54D571 649216 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll
  332. 2016-03-01 21:55:07 610D0502400BDAFD4BB8EA10713234C7 74240 ----a-w- C:\WINDOWS\Sysnative\SMSRouter.dll
  333. 2016-03-01 21:55:07 04BB77409644685810DBD63D86F5720E 99328 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll
  334. 2016-03-01 21:55:06 C3F15E167CB84E2E6027AF17D49D5904 372224 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe
  335. 2016-03-01 21:55:06 1C8474EF741ABA77E53BE94DE8E89D26 990720 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll
  336. 2016-03-01 21:55:05 D20C52607024BD08A88CF1CA6B339C9B 517632 ----a-w- C:\WINDOWS\Sysnative\winspool.drv
  337. 2016-03-01 21:55:05 48E90F12346EE70764CEE435826ABD31 493568 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
  338. 2016-03-01 21:55:04 A80237F337639402450C5F6CE9B75C94 474624 ----a-w- C:\WINDOWS\Sysnative\NetSetupShim.dll
  339. 2016-03-01 21:55:04 717FDDACE38C314CA5A517E12162CC6D 216576 ----a-w- C:\WINDOWS\Sysnative\QuickActionsDataModel.dll
  340. 2016-03-01 21:55:04 3D58D04A9269CE21B61960544A05573D 204288 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll
  341. 2016-03-01 21:55:03 7E81E3E0D7F83BFE3C3975020B6C7F12 163840 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerServer.dll
  342. 2016-03-01 21:55:03 6E76BB89EED6C2BD7B1E7B5F9A1C41F0 320000 ----a-w- C:\WINDOWS\Sysnative\MSFlacDecoder.dll
  343. 2016-03-01 21:55:03 69B6B69C95E1FBDC796F5B2019A8B24D 791744 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll
  344. 2016-03-01 21:55:02 FF07BE14ED82E218C3EEE7C986118A2E 307712 ----a-w- C:\WINDOWS\Sysnative\usbmon.dll
  345. 2016-03-01 21:55:02 D12D3DD397A35EF06CDF41C1A9E3EE45 613376 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll
  346. 2016-03-01 21:55:02 9BE5ECE2F17B3BEDE6FDE1175BD23266 376536 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.MediaControl.dll
  347. 2016-03-01 21:55:02 6817CD1A33EB94CDE8FBBCB7E3C4E469 1317640 ----a-w- C:\WINDOWS\Sysnative\winload.efi
  348. 2016-03-01 21:55:02 557496EE056CEF8D1D569D2663BC701F 988160 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll
  349. 2016-03-01 21:55:01 8EC4F381818F8A073DEC52C6D1ED9C76 86016 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe
  350. 2016-03-01 21:55:01 453740989239803FE363FF8B40EA2E08 2295808 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll
  351. 2016-03-01 21:55:01 29C0CB42B16F323AB8003A73B7E81DD5 1141504 ----a-w- C:\WINDOWS\Sysnative\winload.exe
  352. 2016-03-01 21:55:00 EAB4B1DD5E18EE57853ACD0156AE92E6 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe
  353. 2016-03-01 21:55:00 A9073B21B807C28A5A2246BB1440E823 1030416 ----a-w- C:\WINDOWS\Sysnative\winresume.efi
  354. 2016-03-01 21:55:00 5125BB69518578E5EDC4117BABF2A687 874968 ----a-w- C:\WINDOWS\Sysnative\winresume.exe
  355. 2016-03-01 21:54:58 8AF0CBE3FC6129C42D7A2A73B681F226 1118208 ----a-w- C:\WINDOWS\Sysnative\localspl.dll
  356. 2016-03-01 21:54:57 EA30B6E587862DF15E35525C60CCAFA9 838144 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll
  357. 2016-03-01 21:54:57 E0932D924DA7C363F40E5B90DC9D2669 129536 ----a-w- C:\WINDOWS\Sysnative\flvprophandler.dll
  358. 2016-03-01 21:54:56 7890990143812A452858058BBD52149F 297472 ----a-w- C:\WINDOWS\Sysnative\thumbcache.dll
  359. 2016-03-01 21:54:56 28343B7C30E6AF073B02288EB579D984 476728 ----a-w- C:\WINDOWS\Sysnative\msvproc.dll
  360. 2016-03-01 21:54:55 BEF109D45139E2646C116DD9B6E53E3C 847360 ----a-w- C:\WINDOWS\Sysnative\netlogon.dll
  361. 2016-03-01 21:54:55 9972A886D911234F833A265D5D641D30 587776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll
  362. 2016-03-01 21:54:55 7C20F3EC0BA5ACB8ED40CDEF41B0AC56 779384 ----a-w- C:\WINDOWS\Sysnative\taskschd.dll
  363. 2016-03-01 21:54:54 28CFFDB411375B2BBB0EBF295ABAEF29 382464 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll
  364. 2016-03-01 21:54:53 D1241DFC397FA8CCFB4BB4B63AAD31AC 755712 ----a-w- C:\WINDOWS\Sysnative\spoolsv.exe
  365. 2016-03-01 21:54:53 B174232356859EBB0CF8FA950119DA1E 159232 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe
  366. 2016-03-01 21:54:53 A34D9229F8D3A7164247213C9A283DB0 189952 ----a-w- C:\WINDOWS\Sysnative\WiFiDisplay.dll
  367. 2016-03-01 21:54:53 6072C7DB85FD3FE8D308EE44865C04DE 305664 ----a-w- C:\WINDOWS\Sysnative\wifiprofilessettinghandler.dll
  368. 2016-03-01 21:54:52 BC767AD01E4DAFD08C21D5D07CC290C9 567808 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll
  369. 2016-03-01 21:54:51 FB2FBCF8AD0DF4F8A50B1639F0256D83 555520 ----a-w- C:\WINDOWS\Sysnative\SyncController.dll
  370. 2016-03-01 21:54:51 F9B6E75F16F92CB79F68DA3ABCB576E0 989536 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi
  371. 2016-03-01 21:54:50 C3D11EE0D07D6CAF9F8D4073B9F5579E 557056 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll
  372. 2016-03-01 21:54:49 B58CE40AC84F1B068A2004400E68245B 87040 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe
  373. 2016-03-01 21:54:49 6CA51117CDDB89DB6AE9F196B01C3491 389992 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll
  374. 2016-03-01 21:54:47 7BD715D15060E0B6E4AF222CA7120BD1 69632 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
  375. 2016-03-01 21:54:47 2362BCA98EAF8CE0487664467F720861 178176 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll
  376. 2016-03-01 21:54:46 D4170CA7268AEDE7DE43EE54D7C8F639 256512 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll
  377. 2016-03-01 21:54:46 53AC4B2658807691D2A485EE0F8A50E9 463360 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll
  378. 2016-03-01 21:54:46 2E165E1CF278FC2B4959B825642A595B 558080 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll
  379. 2016-03-01 21:54:45 C6856D20BE1DB90407C9154B0EC319B9 77824 ----a-w- C:\WINDOWS\Sysnative\provpackageapidll.dll
  380. 2016-03-01 21:54:45 09918925526BC0B5B823CF1A2473D909 412672 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll
  381. 2016-03-01 21:54:44 A78E76034D230AFE6B74B57BAF8C8BF2 27648 ----a-w- C:\WINDOWS\Sysnative\WiFiConfigSP.dll
  382. 2016-03-01 21:54:44 9822B613AEB1CF24E05EFEE748160637 25088 ----a-w- C:\WINDOWS\Sysnative\irmon.dll
  383. 2016-03-01 21:54:44 84ADBF35DAF6404148AE85973BE26D59 48640 ----a-w- C:\WINDOWS\Sysnative\wfdprov.dll
  384. 2016-03-01 21:54:44 0ED8556CB47EC7689D0046791F3427AE 26112 ----a-w- C:\WINDOWS\Sysnative\wlansvcpal.dll
  385. 2016-03-01 21:54:43 FF1FF1A83425C77D1CAFF9EC7AFA8C1F 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll
  386. 2016-03-01 21:54:43 F2232A78D975E8F1B99DAC4873CBDC89 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe
  387. 2016-03-01 21:54:43 DAFECF80513C6E6892BBEBB48D555A31 115712 ----a-w- C:\WINDOWS\Sysnative\srpapi.dll
  388. 2016-03-01 21:54:43 1A0945D67F0499600E7B43A69210EC5B 41984 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerClient.dll
  389. 2016-03-01 21:54:43 0D7BB44BFFFA4E153F4EA1E05522D2C3 37376 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe
  390. 2016-03-01 21:54:42 AE46FC3FC01DA2DC876D75776F5943B0 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll
  391. ====== C:\WINDOWS\Sysnative\drivers =====
  392. 2016-03-12 01:17:17 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\WINDOWS\Sysnative\drivers\GEARAspiWDM.sys
  393. 2016-03-11 18:45:23 F280FF5882EC38F996AECE08045F3CC2 351144 ----a-w- C:\WINDOWS\Sysnative\drivers\mfeavfk.sys
  394. 2016-03-11 18:45:22 0AD2A3FFE438E5F7E9F0C16E6917B5BA 419624 ----a-w- C:\WINDOWS\Sysnative\drivers\mfeaack.sys
  395. 2016-03-11 18:45:17 AC1394617F8537EBDEBF2F6B3BEAA547 846080 ----a-w- C:\WINDOWS\Sysnative\drivers\mfehidk.sys
  396. 2016-03-09 22:17:50 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
  397. 2016-03-09 22:17:10 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
  398. 2016-03-09 22:17:10 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
  399. 2016-03-09 22:17:10 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
  400. 2016-03-09 03:57:44 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
  401. 2016-03-09 03:57:37 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
  402. 2016-03-09 03:57:26 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
  403. 2016-03-09 03:57:19 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
  404. 2016-03-01 21:55:24 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
  405. 2016-03-01 21:54:59 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
  406. 2016-03-01 21:54:57 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys
  407. 2016-03-01 21:54:54 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
  408. 2016-03-01 21:54:54 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys
  409. 2016-03-01 21:54:52 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
  410. 2016-03-01 21:54:51 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys
  411. 2016-03-01 21:54:51 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys
  412. 2016-03-01 21:54:50 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys
  413. 2016-03-01 21:54:47 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
  414. 2016-03-01 21:54:44 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
  415. 2016-03-01 21:54:44 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
  416. ====== C:\WINDOWS\Tasks ======
  417. 2016-02-18 21:51:51 E13ED1C14F456C137F7BB8D81D507828 364 ----a-w- C:\WINDOWS\Tasks\HPCeeScheduleForrterr.job
  418. 2016-02-18 21:51:51 8BC5E0F3E7AA5F58D1DAA8A434864DDD 3256 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPCeeScheduleForrterr
  419. ====== C:\WINDOWS\Temp ======
  420. ======= C:\Program Files =====
  421. ======= C:\PROGRA~2 =====
  422. 2016-03-09 21:48:01 -------- d-----w- C:\PROGRA~2\AdwCleaner
  423. 2016-02-25 23:18:03 -------- d-----w- C:\PROGRA~2\LogMeIn Rescue RC - c7382fad-5c75-45da-b574-c5a2c4f4356d
  424. ======= C: =====
  425. 2016-02-24 20:56:35 7BF74F62A9781FD29FD72926473D9311 248 ----a-w- C:\rescue.info
  426. ====== C:\Users\rterr\AppData\Roaming ======
  427. 2016-03-09 21:58:32 -------- d-----w- C:\Users\rterr\AppData\Local\NPE
  428. 2016-03-09 04:26:22 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps
  429. 2016-02-24 20:54:55 -------- d-----w- C:\Users\rterr\AppData\Local\LogMeIn Rescue Applet
  430. ====== C:\Users\rterr ======
  431. 2016-03-12 02:32:24 D9D59BD0D90893F9AE9F875B30A382AE 2374144 ----a-w- C:\Users\rterr\Desktop\FRST64.exe
  432. 2016-03-11 23:34:23 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp
  433. 2016-03-11 00:22:50 77A7519F29E8A4B06FA02F54DE9FE556 3088296 ----a-w- C:\Users\rterr\Downloads\NPE (3).exe
  434. 2016-03-11 00:22:17 77A7519F29E8A4B06FA02F54DE9FE556 3088296 ----a-w- C:\Users\rterr\Downloads\NPE (2).exe
  435. 2016-03-11 00:21:35 77A7519F29E8A4B06FA02F54DE9FE556 3088296 ----a-w- C:\Users\rterr\Downloads\NPE (1).exe
  436. 2016-03-11 00:21:05 77A7519F29E8A4B06FA02F54DE9FE556 3088296 ----a-w- C:\Users\rterr\Downloads\NPE.exe
  437. 2016-03-09 21:47:45 DC53456D60B2FF018598866EE1863E82 1524224 ----a-w- C:\Users\rterr\Downloads\adwcleaner_5.101.exe
  438. 2016-02-19 21:49:05 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop
  439.  
  440. ====== C: exe-files ==
  441. 2016-03-09 03:57:30 09D8EBC01776C2D117918993EDDC19B2 1474560 ----a-w- C:\Program Files\Windows Media Player\wmpnetwk.exe
  442. === C: other files ==
  443. 2016-03-12 01:17:17 8E98D21EE06192492A5671A6144D092F 33240 -c--a-r- C:\Windows\System32\DRVSTORE\GEARAspiWD_53DFBC3344EBC2614851E0BF38F60B616DF86778\x64\GEARAspiWDM.sys
  444. 2016-03-12 01:17:17 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
  445. 2016-03-11 18:45:23 F280FF5882EC38F996AECE08045F3CC2 351144 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
  446. 2016-03-11 18:45:22 0AD2A3FFE438E5F7E9F0C16E6917B5BA 419624 ----a-w- C:\Windows\System32\drivers\mfeaack.sys
  447. 2016-03-11 18:45:17 AC1394617F8537EBDEBF2F6B3BEAA547 846080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
  448. 2016-03-11 03:25:44 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\CollectOneDriveLogs.bat
  449. 2016-03-09 22:17:50 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
  450. 2016-03-09 22:17:10 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
  451. 2016-03-09 22:17:10 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
  452. 2016-03-09 22:17:10 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
  453. 2016-03-09 03:58:02 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\Windows\System32\win32kfull.sys
  454. 2016-03-09 03:57:44 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
  455. 2016-03-09 03:57:40 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\Windows\System32\win32kbase.sys
  456. 2016-03-09 03:57:37 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys
  457. 2016-03-09 03:57:26 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
  458. 2016-03-09 03:57:19 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS
  459.  
  460. ==== Startup Registry Enabled ======================
  461.  
  462. [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  463. "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
  464.  
  465. [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  466. "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
  467.  
  468. [HKEY_USERS\S-1-5-21-3355830756-1789120713-3534354194-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  469. "OneDrive"="C:\Users\rterr\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
  470. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  471. "BingSvc"="C:\Users\rterr\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
  472.  
  473. [HKEY_USERS\S-1-5-21-3355830756-1789120713-3534354194-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  474. "Uninstall C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
  475.  
  476. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  477. "AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe"
  478. "HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
  479. "PowerDVD14Agent"="C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
  480. "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
  481.  
  482. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  483. "OneDrive"="C:\Users\rterr\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
  484. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  485. "BingSvc"="C:\Users\rterr\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
  486.  
  487. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  488. "Uninstall C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
  489.  
  490. ==== Startup Registry Enabled x64 ======================
  491.  
  492. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  493. "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
  494. "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
  495.  
  496. ==== Task Scheduler Jobs ======================
  497.  
  498. C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [03/11/2016 02:08 PM]
  499. C:\WINDOWS\tasks\EPSON XP-620 Series Update {84C35374-C9C2-4A8E-A2B6-978A0FE0BAE0}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.exe [11/22/2013 01:30 AM]
  500. C:\WINDOWS\tasks\EPSON XP-620 Series Update {B41EEF45-B943-4F4B-9F17-AC392E782F81}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.exe [11/22/2013 01:30 AM]
  501. C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/01/2016 08:59 PM]
  502. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/01/2016 08:59 PM]
  503. C:\WINDOWS\tasks\HPCeeScheduleForrterr.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [06/16/2015 11:51 AM]
  504.  
  505. ==== Other Scheduled Tasks ======================
  506.  
  507. "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
  508. "C:\WINDOWS\SysNative\tasks\EPSON XP-620 Series Update {84C35374-C9C2-4A8E-A2B6-978A0FE0BAE0}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE]
  509. "C:\WINDOWS\SysNative\tasks\EPSON XP-620 Series Update {B41EEF45-B943-4F4B-9F17-AC392E782F81}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE]
  510. "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  511. "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  512. "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForrterr" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
  513. "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\WSCStub.exe"]
  514. "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{43ED3A7B-1402-42E8-B261-AEE8AE80FF9F}" [C:\Windows\system32\msfeedssync.exe]
  515. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]
  516. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
  517. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
  518. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
  519. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
  520. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
  521. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
  522. "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
  523. "C:\WINDOWS\SysNative\tasks\Norton 360\Norton Autofix" [C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe]
  524. "C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe]
  525. "C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe]
  526.  
  527. ==== Firefox Start and Search pages ======================
  528.  
  529. ProfilePath: C:\Users\rterr\AppData\Roaming\Mozilla\Firefox\Profiles\hggoywmn.default
  530. user_pref("browser.search.defaultenginename", "Bing®");
  531. user_pref("browser.search.defaultenginename.US", "Bing ");
  532. user_pref("browser.search.selectedEngine", "Bing®");
  533. user_pref("keyword.URL", "http://www.bing.com/search?FORM=SK2KDF&PC=SK2K&q=");
  534.  
  535. ==== Firefox Extensions Registry ======================
  536.  
  537. [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
  538. "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon" [01/14/2016 02:54 AM]
  539. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
  540. "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon" [01/14/2016 02:54 AM]
  541.  
  542. ==== Firefox Extensions ======================
  543.  
  544. ProfilePath: C:\Users\rterr\AppData\Roaming\Mozilla\Firefox\Profiles\hggoywmn.default
  545. - Bing Search - %ProfilePath%\extensions\bingsearch.full@microsoft.com.xpi
  546.  
  547. AppDir: C:\Program Files (x86)\Mozilla Firefox
  548. - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  549.  
  550. ==== Firefox Plugins ======================
  551.  
  552. Profilepath: C:\Users\rterr\AppData\Roaming\Mozilla\Firefox\Profiles\hggoywmn.default
  553. B5CFBB8AC7C0069D80DBEAA72F3CE9E2 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director
  554.  
  555.  
  556. ==== Chromium Look ======================
  557.  
  558. HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
  559. cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx[11/05/2015 04:30 PM]
  560. iikflkcanblccfahdhdonehdalibjnif - No path found[]
  561.  
  562. Google Slides - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
  563. Google Docs - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
  564. Google Drive - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
  565. YouTube - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
  566. Norton Security Toolbar - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
  567. Google Search - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
  568. Google Sheets - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
  569. Google Docs Offline - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
  570. Norton Identity Safe - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
  571. Chrome Web Store Payments - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
  572. Gmail - rterr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
  573.  
  574. ==== IE Start and Search Settings ======================
  575.  
  576. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  577. "Start Page"="http://www.msn.com/"
  578. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  579. "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  580. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
  581.  
  582. ==== All HKLM and HKCU SearchScopes ======================
  583.  
  584. HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  585. HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  586. HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  587. HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
  588. HKLM\Wow6432Node\SearchScopes\{1D183557-EBD3-45CE-AD07-B196B7623836} - http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
  589. HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  590. HKCU\SearchScopes\{1D183557-EBD3-45CE-AD07-B196B7623836} - http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
  591. HKCU\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} - http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NSBU&chn=1122&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
  592.  
  593. ==== HijackThis Entries ======================
  594.  
  595. O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll
  596. O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
  597. O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll
  598. O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
  599. O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
  600. O4 - HKLM\..\Run: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
  601. O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
  602. O4 - HKCU\..\Run: [OneDrive] "C:\Users\rterr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
  603. O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
  604. O4 - HKCU\..\Run: [BingSvc] C:\Users\rterr\AppData\Local\Microsoft\BingSvc\BingSvc.exe
  605. O4 - HKCU\..\RunOnce: [Uninstall C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
  606. O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
  607. O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
  608. O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  609. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  610. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  611. O15 - Trusted Zone: http://*.webcompanion.com
  612. O17 - HKLM\System\CCS\Services\Tcpip\..\{4dbe738a-a9aa-4b2c-b608-950132108d9c}: NameServer = 8.8.8.8,8.8.4.4
  613. O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
  614. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
  615. O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
  616. O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
  617. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  618. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
  619. O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
  620. O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
  621. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
  622. O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
  623. O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
  624. O23 - Service: @oem12.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
  625. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
  626. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  627. O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  628. O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  629. O23 - Service: @oem16.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
  630. O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
  631. O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
  632. O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
  633. O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
  634. O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
  635. O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
  636. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
  637. O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
  638. O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
  639. O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
  640. O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing)
  641. O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
  642. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
  643. O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe
  644. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
  645. O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
  646. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
  647. O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
  648. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
  649. O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
  650. O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
  651. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
  652. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
  653. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
  654. O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  655. O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  656. O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
  657. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
  658. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
  659. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
  660. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
  661. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
  662. O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
  663. O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
  664. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
  665. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  666.  
  667. ==== C:\zoek_backup content ======================
  668.  
  669. C:\zoek_backup (files=0 folders=0 0 bytes)
  670.  
  671. ==== EOF on Sat 03/12/2016 at 7:29:34.08 ======================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!