Zoek.exe v5.0.0.0 Updated 05-November-2014
Tool run by Hunter on Thu 11/06/2014 at 12:02:41.42.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hunter\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11/6/2014 12:05:24 PM Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

ASUS VivoBook
Adobe Reader X MUI
Alcor Micro USB Card Reader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Instant Connect
ASUS InstantOn
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS S200 Product Demo
ASUS Screen Saver
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS Tutor
ASUS USB Charger Plus
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATK Package
Avast Free Antivirus
Battle.net
Bonjour
D3DX10
Damned
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
GIMP 2.8.10
Google Chrome
Google Update Helper
HL-2240
Intel(R) Dynamic Platform and Thermal Framework
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intelr Trusted Connect Service Client
iTunes
Java 7 Update 67
Java 7 Update 67 (64-bit)
Java Auto Updater
Kerbal Space Program
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Overwolf
Photo Common
Photo Gallery
Python 2.7.6
Qualcomm Atheros Client Installation Program
Realtek High Definition Audio Driver
Recuva
RuneScape Launcher 1.2.3
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SkypeT 6.21
StarCraft II
Steam
System Requirements Lab CYRI
TeamSpeak 3 Client
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
VLC media player
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinFlash

==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\Common Files\Overwolf\0.81.34.0\OverwolfHelper.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Overwolf\0.81.34.0\OverwolfBrowser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Hunter\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Services(whitelist) ======================

Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
R2 - [ASUS InstantOn] - ASUS InstantOn Service - c:\program files (x86)\asus\asus instanton\insonsrv.exe
R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [DptfParticipantProcessorService] - Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application - c:\windows\system32\dptfparticipantprocessorservice.exe
R2 - [DptfPolicyConfigTDPService] - Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application - c:\windows\system32\dptfpolicyconfigtdpservice.exe
R2 - [DptfPolicyLpmService] - Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application - c:\windows\system32\dptfpolicylpmservice.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [WakeupService] - ASUS Wake Service - c:\program files\asus\asus vivobook\asuswakeupservice.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [AvastVBoxSvc] - AvastVBox COM Service - c:\program files\avast software\avast\ng\vbox\avastvboxsvc.exe
R3 - [BrYNSvc] - BrYNSvc - c:\program files (x86)\browny02\brynsvc.exe
R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [OverwolfUpdater] - Overwolf Updater Windows SCM - c:\program files (x86)\overwolf\overwolfupdater.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3982 MB
CPU Info: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
CPU Speed: 1849.9 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 444.5GB
Hard Disks - Free: C: 311.6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009
Time Zone: Central Standard Time
Motherboard *: ASUSTeK COMPUTER INC. X202E
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! 
Antivirus disabled (Outdated)
Default Browser: Google Chrome 38.0.2125.104
Internet Explorer Version: 11.0.9600.17351
Google Chrome version: 38.0.2125.104
Adobe Reader version: 10.0.0.396
Sun Java version: 1.7.0_67 (32-bit)
Sun Java version: 1.7.0_67 (64-bit)

==== Files Recently Created / Modified ======================

====== Java Cache =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Tasks ======

2014-11-03 23:29:39 4BA2C7242791FF582575DC1B3EF22B8C 4182 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update
2014-10-25 02:51:19 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Apple

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-11-01 12:38:14 -------- d-----w- C:\Program Files\Recuva
2014-10-25 02:52:25 -------- d-----w- C:\Program Files\iPod
2014-10-25 02:51:59 -------- d-----w- C:\Program Files\iTunes
2014-10-25 02:49:41 -------- d-----w- C:\Program Files\Common Files\Apple
2014-10-25 02:49:07 -------- d-----w- C:\Program Files\Bonjour
2014-10-23 18:29:07 -------- d-----w- C:\Program Files\Reference Assemblies
2014-10-23 18:29:07 -------- d-----w- C:\Program Files\MSBuild
2014-10-23 15:38:18 -------- d-----w- C:\Program Files\Realtek

======= C:\PROGRA~2 =====

2014-11-02 01:00:16 -------- d-----w- C:\PROGRA~2\StarCraft II
2014-11-02 00:55:44 -------- d-----w- C:\PROGRA~2\COMMON~1\Blizzard Entertainment
2014-11-02 00:55:44 -------- d-----w- C:\PROGRA~2\Battle.net
2014-10-26 21:03:42 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam
2014-10-26 21:03:38 -------- d-----w- C:\PROGRA~2\Steam
2014-10-25 02:51:59 -------- d-----w- C:\PROGRA~2\iTunes
2014-10-25 02:51:14 -------- d-----w- C:\PROGRA~2\Apple Software Update
2014-10-25 02:49:07 -------- d-----w- C:\PROGRA~2\Bonjour
2014-10-25 02:48:19 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple
2014-10-23 18:29:08 -------- d-----w- C:\PROGRA~2\Reference Assemblies
2014-10-23 18:29:08 -------- d-----w- C:\PROGRA~2\MSBuild
2014-10-23 15:38:09 -------- d-----w- C:\PROGRA~2\Intel
2014-10-23 15:37:46 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel
2014-10-09 23:59:24 -------- d-----w- C:\PROGRA~2\EA Games

======= C: =====

====== C:\Users\Hunter\AppData\Roaming ======

2014-11-02 00:56:35 -------- d-----w- C:\Users\Hunter\AppData\Local\Blizzard Entertainment
2014-11-02 00:56:27 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Battle.net
2014-11-02 00:56:27 -------- d-----w- C:\Users\Hunter\AppData\Local\Battle.net
2014-11-01 12:31:04 -------- d-----w- C:\Users\Hunter\AppData\Roaming\AmazingiOSRecovery
2014-11-01 
12:30:48 -------- d-----w- C:\Users\Hunter\AppData\Roaming\WaveinsightiOSRecovery 2014-10-29 13:07:53 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Overwolf 2014-10-28 02:04:03 -------- d-----w- C:\Users\Hunter\AppData\Roaming\3909 LLC 2014-10-27 05:25:10 -------- d-----w- C:\Users\Hunter\AppData\Local\Comodo 2014-10-27 05:25:09 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-10-27 05:25:09 -------- d-----w- C:\Users\Guest\AppData\Local\Comodo 2014-10-27 05:25:09 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-10-27 05:25:08 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google 2014-10-27 05:25:08 -------- d-----w- C:\Users\Guest\AppData\Local\Google 2014-10-27 05:25:08 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-10-26 23:36:02 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7 2014-10-26 21:23:02 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-10-25 03:00:16 -------- d-----w- C:\Users\Hunter\AppData\Roaming\uTorrent 2014-10-25 02:55:12 -------- d-----w- C:\Users\Hunter\AppData\Local\Apple Computer 2014-10-25 02:55:11 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Apple Computer 2014-10-25 02:51:18 -------- d-----w- C:\Users\Hunter\AppData\Local\Apple 2014-10-25 02:51:10 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer 2014-10-25 02:45:33 -------- d-----w- C:\Users\Hunter\AppData\Roaming\TuneUpMedia 2014-10-25 02:30:09 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-10-23 18:58:15 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2014-10-23 18:47:34 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Identities 2014-10-23 18:46:26 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft 2014-10-23 18:31:36 -------- 
d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft 2014-10-23 15:59:42 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe 2014-10-23 15:57:34 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2014-10-23 15:51:24 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-10-23 15:51:24 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-10-23 15:45:09 -------- d-s---w- C:\Users\Hunter\AppData\Roaming\Microsoft 2014-10-23 15:45:09 -------- d-----w- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-23 15:45:09 -------- d-----w- C:\Users\Hunter\AppData\Local\Temp 2014-10-23 15:45:09 -------- d-----w- C:\Users\Hunter\AppData\Local\Microsoft 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-23 15:45:07 -------- d-s---w- C:\Users\Guest\AppData\Roaming\Microsoft 2014-10-23 15:45:07 -------- d-----w- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-23 15:45:07 -------- d-----w- C:\Users\Guest\AppData\Local\Temp 2014-10-23 15:45:07 -------- d-----w- C:\Users\Guest\AppData\Local\Microsoft 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-15 21:08:52 37A609C1F8A8DE77B58B52F2AB14D82D 494872 ----a-w- 
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-10-11 20:43:59 -------- d-----w- C:\Users\Hunter\AppData\Local\PunkBuster ====== C:\Users\Hunter ====== 2014-11-06 17:48:09 B49FC8AAB94378109AAF61A79E6B1D6C 1706939 ----a-w- C:\Users\Hunter\Downloads\JRT.exe 2014-11-06 17:31:49 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Hunter\Downloads\adwcleaner_3.311 (1).exe 2014-11-05 00:56:48 6533D4E37325E51C4305CBC49498BCAB 2114560 ----a-w- C:\Users\Hunter\Desktop\FRST64.exe 2014-11-05 00:56:05 EA7B436C751F1069C840FD985A31B841 1106432 ----a-w- C:\Users\Hunter\Downloads\FRST (1).exe 2014-11-04 04:30:50 D30FA77E5771C882F9B71E733C3CDB76 1106432 ----a-w- C:\Users\Hunter\Downloads\FRST.exe 2014-11-03 23:24:53 73A0C739E3C73D4888C89A1672198BD6 5004328 ----a-w- C:\Users\Hunter\Downloads\avast_free_antivirus_setup_online.exe 2014-11-03 23:21:38 291276753932926347CFC669E7B37FB4 1125200 ----a-w- C:\Users\Hunter\Downloads\avast-free-antivirus.exe 2014-11-03 23:04:36 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Hunter\Downloads\adwcleaner_3.311.exe 2014-11-02 01:02:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2014-11-02 00:55:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-11-02 00:55:44 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2014-11-02 00:53:31 -------- d-----w- C:\ProgramData\Battle.net 2014-11-02 00:48:57 22D2CC00140568F1D3276425A65B77CC 3227560 ----a-w- C:\Users\Hunter\Downloads\StarCraft-II-Setup-enUS.exe 2014-11-02 00:48:57 22D2CC00140568F1D3276425A65B77CC 3227560 ----a-w- C:\Users\Hunter\Downloads\StarCraft-II-Setup-enUS (5).exe 2014-11-02 00:48:57 22D2CC00140568F1D3276425A65B77CC 3227560 ----a-w- C:\Users\Hunter\Downloads\StarCraft-II-Setup-enUS (2).exe 2014-11-02 00:48:57 22D2CC00140568F1D3276425A65B77CC 3227560 ----a-w- C:\Users\Hunter\Downloads\StarCraft-II-Setup-enUS (1).exe 2014-11-01 12:38:20 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-11-01 12:37:20 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\Hunter\Downloads\rcsetup151 (1).exe 2014-11-01 12:35:15 79BF3EFFD6C6CB67D1A263439339AFC8 11954956 ----a-w- C:\Users\Hunter\Downloads\tenorshare-ipod-data-recovery-trial.exe 2014-11-01 12:28:09 27A2DB73F88A8155646F4A08294BCB8D 370544 ----a-w- C:\Users\Hunter\Downloads\SoftonicDownloader_for_free-any-iphone-data-recovery.exe 2014-10-29 02:56:16 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Hunter\Desktop\OTL (2).exe 2014-10-29 02:55:55 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Hunter\Downloads\OTL (2).exe 2014-10-28 20:57:11 302DD0119A39F3E726721BC6D82E29A4 1035696 ----a-w- C:\Users\Hunter\Downloads\OffercastInstaller_AVR_U-0103-01-L_.exe 2014-10-28 05:14:02 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\Searches 2014-10-27 13:54:16 BEE528803E6F77D22F8CF882258E7FEC 1539402 ----a-w- C:\Users\Hunter\Downloads\IRST_12.8.0.1016_ANdisable_Win8.1_64.exe 2014-10-27 05:25:13 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol 2014-10-27 05:25:08 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-10-27 05:25:08 -------- d-----w- C:\Users\Administrator\AppData 2014-10-26 23:36:21 -------- d-----w- C:\ProgramData\Damned 2014-10-26 21:03:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-10-26 21:02:28 6844B18EACA3D6F90A2A0C6772CF6A99 1142392 ----a-w- C:\Users\Hunter\Downloads\SteamSetup.exe 2014-10-25 04:42:27 60E418F6DF6499BD7D734BE34B1861FB 15300480 ----a-w- C:\Users\Hunter\Downloads\podtrans-pro-setup.exe 2014-10-25 02:59:38 907427F445B518BF3A5041DF8E0585E9 1689168 ----a-w- C:\Users\Hunter\Downloads\uTorrent (1).exe 2014-10-25 02:55:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-25 02:51:59 -------- d-----w- C:\ProgramData\Apple Computer 2014-10-25 02:48:19 -------- d-----w- C:\ProgramData\Apple 
2014-10-25 02:43:15 D1E6D9BEEF71DA6FC161C7B259448581 122418480 ----a-w- C:\Users\Hunter\Downloads\iTunes64Setup (1).exe 2014-10-25 02:40:12 4BC969E86DF298BC168306A8F034FA26 35702127 ----a-w- C:\Users\Hunter\Downloads\TuneUpInst-2.4.8.5.exe 2014-10-25 02:28:04 1D0D846DD15635F42099C0F02703ABF3 15204184 ----a-w- C:\Users\Hunter\Downloads\MediaMonkey_4.1.5.1719.exe 2014-10-23 18:53:04 -------- d---a-w- C:\Users\Hunter\OneDrive 2014-10-23 18:47:08 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Hunter\ntuser.ini 2014-10-23 15:45:09 -------- d--h--w- C:\Users\Hunter\AppData 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\Favorites 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\Documents 2014-10-23 15:45:09 -------- d-----r- C:\Users\Hunter\Desktop 2014-10-23 15:45:07 -------- d--h--w- C:\Users\Guest\AppData 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\Favorites 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\Documents 2014-10-23 15:45:07 -------- d-----r- C:\Users\Guest\Desktop ====== C: exe-files == 2014-11-04 04:39:53 C714408EEFF4EA72239A39A97FA062E6 10615856 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe 2014-11-02 01:15:27 C69442812638BB1F21C1789D10E62013 1971760 ----a-w- C:\Program Files (x86)\StarCraft II\Support\SystemSurvey.exe 2014-11-02 01:15:27 C174017BE87608045A30841BB3AA3586 364592 ----a-w- C:\Program Files (x86)\StarCraft II\StarCraft II Editor.exe 2014-11-02 01:15:27 BC67E25F77CCD33CABCC8887F9888EEF 19991088 ----a-w- C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe 2014-11-02 01:02:03 FAC8115919205A756F0971312C06BD4B 38448 ----a-w- C:\Program Files (x86)\StarCraft II\Support\PrePopulateCache.exe 2014-11-02 01:02:03 C1FA48828ACA8DBAC355D78428FC5627 333360 ----a-w- C:\Program Files (x86)\StarCraft II\Support\BlizzardError.exe 2014-11-02 01:02:03 BAC15C35509613629BC18B66A455E2FA 3182128 ----a-w- C:\Program Files (x86)\StarCraft II\StarCraft II.exe 2014-11-02 01:02:03 616AF2E7440E697D21319391BFF83CD2 
491520 ----a-w- C:\Program Files (x86)\StarCraft II\Support\ErrorReporter.exe 2014-11-02 01:02:03 57A90C6F62D2213DED9866DD9E40F0B5 1414192 ----a-w- C:\Program Files (x86)\StarCraft II\Support\SC2Switcher.exe 2014-11-02 01:02:03 12ED2239320D39D45753FF09B43B8F4D 26865712 ----a-w- C:\Program Files (x86)\StarCraft II\Support\SC2Editor.exe 2014-11-02 00:55:44 C69442812638BB1F21C1789D10E62013 1971760 ----a-w- C:\Program Files (x86)\Battle.net\SystemSurvey.exe 2014-11-02 00:55:44 C2703038EDF286117EC4ABE77897038D 399408 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.exe 2014-11-02 00:55:44 A829DDDC417B4BB4D8175DF1846B8BAA 1337424 ----a-w- C:\Program Files (x86)\Common Files\Blizzard Entertainment\Battle.net\Uninstall.exe 2014-11-02 00:55:44 9281BA1479347C2757EF6FBB52697921 333360 ----a-w- C:\Program Files (x86)\Battle.net\BlizzardError.exe 2014-11-02 00:55:44 65E168CE4D531B15C0E7DD52460DDE7B 9986608 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.5191\Battle.net.exe 2014-11-02 00:55:44 0FB5EB5C3639C88A02DADA0BBC079A58 2864688 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 2014-11-02 00:54:21 9281BA1479347C2757EF6FBB52697921 333360 ----a-w- C:\ProgramData\Battle.net\Agent\BlizzardError.exe 2014-11-02 00:54:15 52F2B8439890B30ED08E2D078ECBF5FA 1620016 ----a-w- C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe 2014-11-02 00:54:14 4A4741E73877927897732C50FF0C08FA 10593328 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe 2014-11-02 00:54:14 29FAB2FC7D56FD39D76D81808BBFB6D3 404016 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.exe 2014-11-02 00:53:35 F1B0AF7DBFAD17CF2370894319AD3C85 3186232 ----a-w- C:\ProgramData\Battle.net\Setup\s2_enus\StarCraft II Setup.exe === C: other files == 2014-11-06 17:48:15 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\prelim.bat 2014-11-06 17:48:15 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\TDL4.bat 2014-11-06 
17:48:15 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\medfos.bat 2014-11-06 17:48:15 AA5821310E10C13463A7E25E5C51F7DD 10253 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\runvalues.bat 2014-11-06 17:48:15 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\surfvox.bat 2014-11-06 17:48:15 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\searchlnk.bat 2014-11-06 17:48:15 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\firefox.bat 2014-11-06 17:48:15 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\ev_clear.bat 2014-11-06 17:48:15 4D80C7010E2CE44AB25FA25B013649E4 8085 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\mws.bat 2014-11-06 17:48:15 3EDDB1480A817D64A57A4243BF329E3B 14957 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\get.bat 2014-11-06 17:48:15 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\ask.bat 2014-11-06 17:48:15 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\iexplore.bat 2014-11-06 17:48:15 16A582C44AE3F9725B04785D3026E9CE 184872 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\misc.bat 2014-11-06 17:48:15 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\delfolders.bat 2014-11-06 17:48:15 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Hunter\AppData\Local\Temp\jrt\chrome.bat 2014-11-03 23:33:15 CCED99682127E8582E5F716ECE775EF8 147584 ----a-w- C:\Windows\System32\vbox\E1G6032E.sys 2014-11-03 23:32:24 1133A9773733681932992093B2F25616 372680 ----a-w- C:\Windows\System32\vbox\VBoxVideoW8.sys 2014-11-03 23:32:19 A107013571E87A29D45B44B5E7DBFE0D 368048 ----a-w- C:\Windows\System32\vbox\VBoxVideoWddm.sys 2014-11-03 23:32:16 FC67425913948C47F5AD73CBE73E4927 146080 ----a-w- C:\Windows\System32\vbox\VBoxVideo.sys 2014-11-03 23:32:14 
2D686B7962B85730B4D683A2870B3D57 123432 ----a-w- C:\Windows\System32\vbox\VBoxMouse.sys 2014-11-03 23:32:11 1696F7E3FA90D4401FEBA59B57601398 155880 ----a-w- C:\Windows\System32\vbox\VBoxGuest.sys 2014-11-03 23:29:29 CDE120D6279DD61B341CB871C48E5374 83280 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys 2014-11-03 23:29:29 7250DFE069F4CB68F736A12F51AC083E 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2014-11-03 23:29:29 6FC940A01C53BC874F531349E991F2BC 436624 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2014-11-03 23:29:29 6669541A3566F5B2F64A87ACC9B8821F 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2014-11-03 23:29:29 60FED5EA7F14315C319E7FFB3679CC24 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2014-11-03 23:29:29 5EA98C99B780EE215401658BE5E217CA 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2014-11-03 23:29:29 56098BE0C735ED563C466CD835937993 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys 2014-11-03 23:29:29 001CFE1AE7A6377D70F654305ED10458 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1311309213-366418069-3707397937-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AvastUI.exe"="C:\Program 
Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DptfPolicyLpmServiceHelper"="C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\WINDOWS\SysNative\tasks\ASUS Patch for Touch Panel" [C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe] "C:\WINDOWS\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\WINDOWS\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe] "C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\ASUS VivoBook" [C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Overwolf Updater Task" [C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/03/2014 05:29 PM] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/03/2014 05:29 PM] GoSave - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk GoSave - Hunter\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk Google Drive - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - 
Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Bookmark Manager - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Avast Online Security - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia GoSave - Hunter\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfdfgpmikhalfldglcgoefcbeikmcbpk ==== Chromium Startpages ====================== C:\Users\Hunter\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "startup_urls": [ "http://www.google.com/", "https://pittstate.instructure.com/login" ], ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Thu 11/06/2014 at 12:14:42.11 ======================