Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by RANO on 15/07/2017 at 20:55:29,62. Microsoft Windows 7 Professionnel 6.1.7601 Service Pack 1 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\RANO\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 15/07/2017 21:26:32 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\IDM deleted successfully C:\Users\RANO\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\ProductData deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2017-07-13 05:11:38 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\notepad.exe 2017-07-13 04:35:09 6DDCA324434FFA506CF7DC4E51DB7935 2972672 ----a-w- C:\Windows\explorer.exe 2017-07-11 02:40:13 3B55B2000DEBDC210693530B669B9966 497152 ----a-w- C:\Windows\HelpPane.exe 2017-07-11 00:53:35 31590C258ADA12E7A6B59F569016F9AD 3570176 ----a-w- C:\Windows\RtCRU32.exe ====== C:\Users\RANO\AppData\Local\Temp ==== 2017-07-15 01:29:19 EC07F7B75BD90112F123F880283406A1 347648 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\WimProvider.dll 2017-07-15 01:29:19 E2F5147A72BFAD06DD4FCAA87B0D5E19 347648 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\TransmogProvider.dll 2017-07-15 01:29:19 A399514D3B28C9A3453A486BBAAFF1C7 189952 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\wdscore.dll 2017-07-15 01:29:19 82A8FE6F7C1F2FA21C273983BF95AEDB 245248 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\UnattendProvider.dll 2017-07-15 01:29:18 F8E0CC54A12AF3D6B8C76C4E21633686 222208 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\SmiProvider.dll 2017-07-15 01:29:18 E9B1D50474C192496537F63611C05EF1 105472 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\OSProvider.dll 2017-07-15 01:29:18 E5624ABE1AC913CD0530D5E0DBA735C2 252416 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\IntlProvider.dll 2017-07-15 01:29:18 CC14EA096EC5715D0CE45FADE8FF5774 89600 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\LogProvider.dll 2017-07-15 01:29:18 BC72ACDF946DCEBF708F2CE12E2E2F68 159744 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\MsiProvider.dll 2017-07-15 01:29:18 B3B143AE5BAA7B9C40FF3DAD427963E4 144896 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\CompatProvider.dll 2017-07-15 01:29:18 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DismHost.exe 2017-07-15 01:29:18 7DC8ED97691BD6D30EBA7D90AD4A9AE0 324608 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DmiProvider.dll 2017-07-15 01:29:18 5D95DF18511BA6BE207E47F331FA98D4 50688 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DismCorePS.dll 2017-07-15 01:29:18 1FC533A70922B87A18FD877CA2E07319 141312 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DismProv.dll 2017-07-15 01:29:18 07510FD54406B1ECF304A38BB25B90A8 49152 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\FolderProvider.dll 2017-07-15 01:29:18 06CCDF4B17DE0CEB624F936150C9984B 1286656 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\CbsProvider.dll 2017-07-15 01:29:18 06B2345D0DD4A6313FD16BFAF8534208 230912 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DismCore.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2017-07-14 08:43:00 FE47B7BC8EA320C2D9B5E5BF6E303765 73216 ----a-w- C:\Windows\System32\WUDFSvc.dll 2017-07-14 08:43:00 D5CF1536137026ACDED95BF6CBF849F6 172032 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2017-07-14 08:42:57 D689B2C2E69156D954C24810F4081C1E 38912 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2017-07-14 08:42:56 A36F7A256E65D858A7039DB00ADEEBDD 613888 ----a-w- C:\Windows\System32\WUDFx.dll 2017-07-14 08:42:56 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe 2017-07-13 05:32:39 DDE994E9159497D0D5AB2CDF66D1EAD6 76800 ----a-w- C:\Windows\System32\wdi.dll 2017-07-13 05:32:39 A580CFFC56EE72550B803AED2EFD5442 27136 ----a-w- C:\Windows\System32\powertracker.dll 2017-07-13 05:32:39 1115D5A98043254A0E787F888FC273C0 635904 ----a-w- C:\Windows\System32\perftrack.dll 2017-07-13 05:17:29 75EB35FBAB92EC0A08372B4595DA7833 1549312 ----a-w- C:\Windows\System32\tquery.dll 2017-07-13 05:17:29 57C84B89033DA3F6C15D0A28FAA53B9B 1363968 ----a-w- C:\Windows\System32\Query.dll 2017-07-13 05:17:29 41FB065C6CC6BCD58CA79659020082DD 554496 ----a-w- C:\Windows\System32\kerberos.dll 2017-07-13 05:17:29 18B9744F4F73B7EDEA7747E69F33D5BF 2402304 ----a-w- C:\Windows\System32\win32k.sys 2017-07-13 05:17:28 B35EB84A9510414B7DFEBF594DC80501 271360 ----a-w- C:\Windows\System32\Wldap32.dll 2017-07-13 05:17:28 9AD4807BFD28CD14362FAE2DE0AA7890 1227264 ----a-w- C:\Windows\System32\wdc.dll 2017-07-13 05:17:28 5CD9B178321F00EC8A26570DC2749259 1499648 ----a-w- C:\Windows\System32\ExplorerFrame.dll 2017-07-13 05:17:27 D5FDF7E990A1AE2E19C64E1FF267580A 444928 ----a-w- C:\Windows\System32\wvc.dll 2017-07-13 05:17:27 568B65A1B16264570F1B4E3565F49519 47104 ----a-w- C:\Windows\System32\pdhui.dll 2017-07-13 05:17:27 53FF7C0EF6A7E6DAFAEE2FE1B526A01A 157184 ----a-w- C:\Windows\System32\perfmon.exe 2017-07-13 05:17:27 2EF9EA403EAE8CC98C2B76B68337FE91 250600 ----a-w- C:\Windows\System32\clfs.sys 2017-07-13 05:17:27 2B7A702E23751739AF46760436873929 390144 ----a-w- C:\Windows\System32\sysmon.ocx 2017-07-13 05:17:27 0DF768001BB6B2191E475F5DC0EC6328 303616 ----a-w- C:\Windows\System32\msinfo32.exe 2017-07-13 05:17:26 E58AFFDB6C80A7A5D716CE05F388D1F3 261120 ----a-w- C:\Windows\System32\msv1_0.dll 2017-07-13 05:17:26 E397AAC317A041D0A266F735EF62E484 254464 ----a-w- C:\Windows\System32\schannel.dll 2017-07-13 05:17:26 D3DD087848F1A27E7326C20B0AEFA214 655360 ----a-w- C:\Windows\System32\rpcrt4.dll 2017-07-13 05:17:26 BB1D7E779FFC9D4D58DE6D6C39429FF1 103424 ----a-w- C:\Windows\System32\resmon.exe 2017-07-13 05:17:26 B9FDA90938BA4FEA508DBF1B1077B65E 1400320 ----a-w- C:\Windows\System32\mssrch.dll 2017-07-13 05:17:26 6CFFCC9CB150BBF405E907E518DCBE66 1062912 ----a-w- C:\Windows\System32\lsasrv.dll 2017-07-13 05:17:26 620466AE72AEB695B66AB8221D30CF41 666624 ----a-w- C:\Windows\System32\mssvp.dll 2017-07-13 05:17:26 5EC30CDE96F931B79ADC5E679CC2BD0B 172032 ----a-w- C:\Windows\System32\wdigest.dll 2017-07-13 05:17:26 561E0E2E8A2185E69F77A50E5419313E 337408 ----a-w- C:\Windows\System32\mssph.dll 2017-07-13 05:17:25 A0F3F40932D5D664D7933E2C7369E847 141312 ----a-w- C:\Windows\System32\rpchttp.dll 2017-07-13 05:17:25 7EC7C5BB997F9AFF1B171A64F99090EF 104448 ----a-w- C:\Windows\System32\mssitlb.dll 2017-07-13 05:17:25 6243ACC0197317B57D379C615123835E 223232 ----a-w- C:\Windows\System32\ncrypt.dll 2017-07-13 05:17:25 5A59CF8469BBA7700B30D6D7ADC0CCFD 99840 ----a-w- C:\Windows\System32\sspicli.dll 2017-07-13 05:17:25 387C1A4A696734E9D300B707FF97531A 197120 ----a-w- C:\Windows\System32\mssphtb.dll 2017-07-13 05:17:25 2887D0EBE47A35AB018CB2D8B7106425 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2017-07-13 05:17:25 140812D46FCE7826E898D5E609F170E8 427520 ----a-w- C:\Windows\System32\SearchIndexer.exe 2017-07-13 05:17:25 140582E3CA40CC4979D996A1216F2C68 82432 ----a-w- C:\Windows\System32\bcrypt.dll 2017-07-13 05:17:24 FE74BFB5C339FE4BB85FDA3487F3AE3F 22016 ----a-w- C:\Windows\System32\lsass.exe 2017-07-13 05:17:24 EA93B00312DFDE23F040BE6F320EBAF7 34816 ----a-w- C:\Windows\System32\mssprxy.dll 2017-07-13 05:17:24 A0B2E298CECF1ECABB9B82672EAF956F 22016 ----a-w- C:\Windows\System32\secur32.dll 2017-07-13 05:17:24 88AF9EF76D4DA6010D2A2C1166E5DB66 59392 ----a-w- C:\Windows\System32\msscntrs.dll 2017-07-13 05:17:24 813868B12CE290B94021ECDBF37FC043 36352 ----a-w- C:\Windows\System32\cryptbase.dll 2017-07-13 05:17:24 7B454CA5F19383704BC7D11181851D09 50176 ----a-w- C:\Windows\System32\auditpol.exe 2017-07-13 05:17:24 7397C69676EFE33C42B19C8CBD1BB7FE 107520 ----a-w- C:\Windows\System32\cdd.dll 2017-07-13 05:17:24 6C2DE051587B0E9C810385618C033BE5 9728 ----a-w- C:\Windows\System32\msshooks.dll 2017-07-13 05:17:24 5F449D0668C775D01DCB86139F78061F 17408 ----a-w- C:\Windows\System32\credssp.dll 2017-07-13 05:17:24 3FB6E28F1D02F013F0575EC3AA5180CF 86528 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2017-07-13 05:17:24 22338589E0C614A7E0895E442053D4E0 164352 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2017-07-13 05:17:24 1E8F56E92553660B0326AB5590E69791 2048 ----a-w- C:\Windows\System32\tzres.dll 2017-07-13 05:17:24 16A317F200430B2784EFF537E2CC9945 15872 ----a-w- C:\Windows\System32\sspisrv.dll 2017-07-13 05:17:24 0A18AC4E28DD84779BEADF422B91B941 690688 ----a-w- C:\Windows\System32\adtschema.dll 2017-07-13 05:17:23 70B580B47FD9BC15B33EDA30F2C35488 146432 ----a-w- C:\Windows\System32\msaudite.dll 2017-07-13 05:17:23 2DD23D464D396667A58CC0A9201706DC 60416 ----a-w- C:\Windows\System32\msobjs.dll 2017-07-13 05:16:12 F1886C30C3E4A7C5513525CBA665AA31 6144 ----a-w- C:\Windows\System32\KBDTAT.DLL 2017-07-13 05:16:12 EB3D06A9EDFDFD12228AD7A9F24D15D6 5632 ----a-w- C:\Windows\System32\KBDRU.DLL 2017-07-13 05:16:11 40FFC65117C4AC69D33DEC6D567392FD 6144 ----a-w- C:\Windows\System32\KBDYAK.DLL 2017-07-13 05:16:11 33DB506498E0419CD50B144DE7CCFC75 6144 ----a-w- C:\Windows\System32\KBDBASH.DLL 2017-07-13 05:16:11 1235259E135F87BF4AE5864A818E1513 6144 ----a-w- C:\Windows\System32\KBDRU1.DLL 2017-07-13 05:16:02 E560675EBC524A78547D1FB4CE07AC60 446464 ----a-w- C:\Windows\System32\devinv.dll 2017-07-13 05:16:02 B5EFAD36CF49C2A373E9F89D5359EDFD 1602048 ----a-w- C:\Windows\System32\aitstatic.exe 2017-07-13 05:16:02 ADB082DC56D03C731FB867500066F102 104960 ----a-w- C:\Windows\System32\acmigration.dll 2017-07-13 05:16:02 8D2142B9F2CC683E9F730D439DCBF039 81640 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2017-07-13 05:16:02 8C0B5776EC934187F2F063F88FC81238 275456 ----a-w- C:\Windows\System32\invagent.dll 2017-07-13 05:16:02 7930CA12242941DF8CBC36E625F993BF 505856 ----a-w- C:\Windows\System32\generaltel.dll 2017-07-13 05:16:02 0C10B86351828234C120B827E89C8F66 236032 ----a-w- C:\Windows\System32\centel.dll 2017-07-13 05:16:01 BE68B1D544073E4B5C826F6E0D513FB9 1327616 ----a-w- C:\Windows\System32\appraiser.dll 2017-07-13 05:16:01 6BD3D75299E4DD4F8267BC8CB08CE1BC 987648 ----a-w- C:\Windows\System32\aeinv.dll 2017-07-13 05:16:01 5D1717A3EE14D860F9E93F7FFF15AAA1 182784 ----a-w- C:\Windows\System32\aepic.dll 2017-07-13 05:15:35 22F2EFADEAEEB66D8C7E22D9457AB7E0 363520 ----a-w- C:\Windows\System32\StructuredQuery.dll 2017-07-13 05:15:10 136AA5B5E93C0C9B426D6AD68343CEE8 3221504 ----a-w- C:\Windows\System32\mstscax.dll 2017-07-13 05:15:09 8D28FCB0502B9E0871AF42257091EE3E 36864 ----a-w- C:\Windows\System32\tsgqec.dll 2017-07-13 05:15:09 67AF92E4BEF45CA8CC99996D96D51688 131584 ----a-w- C:\Windows\System32\aaclient.dll 2017-07-13 05:14:15 678E0C7F245672456A9DAE1584FA3FCA 489984 ----a-w- C:\Windows\System32\d3d10level9.dll 2017-07-13 05:14:14 38CBFFED5FC39CDFE6B4014401ED2629 21504 ----a-w- C:\Windows\System32\seclogon.dll 2017-07-13 05:14:12 F60154A0DD1DCCF2EE75BE45A676BA51 1242624 ----a-w- C:\Windows\System32\comsvcs.dll 2017-07-13 05:14:12 169BDD4EF6E99E43720534E07798400C 487936 ----a-w- C:\Windows\System32\catsrvut.dll 2017-07-13 05:14:11 9C9A6FECD9D50E47B0DF6824F8316730 1011712 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2017-07-13 05:11:39 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\System32\dpnet.dll 2017-07-13 05:11:38 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\System32\notepad.exe 2017-07-13 05:11:27 34C07D9BED227103E32E21FBCC2F1FBD 428032 ----a-w- C:\Windows\System32\vbscript.dll 2017-07-13 05:10:03 73B2226CA11907E2AE3427BBF4C09967 296448 ----a-w- C:\Windows\System32\mfds.dll 2017-07-13 05:08:42 B8C1ED09E8F557634B263ABDDD1007BF 297472 ----a-w- C:\Windows\System32\ntprint.dll 2017-07-13 05:08:42 34BE8D3FE5114F3776E4BAA6260F226C 61952 ----a-w- C:\Windows\System32\ntprint.exe 2017-07-13 05:08:40 B40420876B9288E0A1C8CCA8A84E5DC9 270336 ----a-w- C:\Windows\System32\dnsapi.dll 2017-07-13 05:08:40 ACBC1FB1950AC0C41944A6C8917032EF 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe 2017-07-13 05:08:40 33EF4861F19A0736B11314AAD9AE28D0 132608 ----a-w- C:\Windows\System32\dnsrslvr.dll 2017-07-13 05:05:50 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\System32\imagehlp.dll 2017-07-13 05:03:53 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe 2017-07-13 05:03:53 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\System32\wshom.ocx 2017-07-13 05:03:52 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\System32\scrrun.dll 2017-07-13 05:03:52 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe 2017-07-13 05:01:12 68DCA1777D7224A79A9DC3D47BED6D32 75776 ----a-w- C:\Windows\System32\psisrndr.ax 2017-07-13 05:01:12 00ADF21DE55AA97297FAC65E4F3A0256 465408 ----a-w- C:\Windows\System32\psisdecd.dll 2017-07-13 04:59:49 EC7BC28D207DA09E79B3E9FAF8B232CA 293376 ----a-w- C:\Windows\System32\umpnpmgr.dll 2017-07-13 04:59:47 8E01332CC4B68BC6B5B7EFFE374442AA 233472 ----a-w- C:\Windows\System32\oleacc.dll 2017-07-13 04:59:26 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\System32\rastls.dll 2017-07-13 04:59:24 E7CA874DA58A607E11ACAB33718AE9FA 179712 ----a-w- C:\Windows\System32\els.dll 2017-07-13 04:57:30 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\System32\certutil.exe 2017-07-13 04:57:29 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\System32\certenc.dll 2017-07-13 04:56:38 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\System32\browcli.dll 2017-07-13 04:56:38 3DAA727B5B0A45039B0E1C9A211B8400 102912 ----a-w- C:\Windows\System32\browser.dll 2017-07-13 04:56:38 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\System32\netapi32.dll 2017-07-13 04:56:35 556C2554154D20B57800F40D28AA2386 1171456 ----a-w- C:\Windows\System32\d3d10warp.dll 2017-07-13 04:56:20 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\System32\osk.exe 2017-07-13 04:53:52 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\System32\certcli.dll 2017-07-13 04:53:08 92FB57D9D865019D26346EB13E15CD75 642048 ----a-w- C:\Windows\System32\CPFilters.dll 2017-07-13 04:53:08 4D05D7A79E970398D8C687712E65A9B0 850944 ----a-w- C:\Windows\System32\sbe.dll 2017-07-13 04:53:08 4205DC9FF7471FE844F31BD063A01037 534528 ----a-w- C:\Windows\System32\EncDec.dll 2017-07-13 04:53:08 246560C5B7995489F25BF9175F2B6380 199680 ----a-w- C:\Windows\System32\mpg2splt.ax 2017-07-13 04:53:05 0780A42DBD7D9969F9BF4A19AA4285B5 259072 ----a-w- C:\Windows\System32\services.exe 2017-07-13 04:49:16 744AB3C1A73A57DEED49D631F1BDEA1D 2311168 ----a-w- C:\Windows\System32\wpdshext.dll 2017-07-13 04:48:30 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll 2017-07-13 04:48:30 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2017-07-13 04:48:04 EDF2A5E96BEC469DA3F64E9BDD386111 180224 ----a-w- C:\Windows\System32\xmllite.dll 2017-07-13 04:48:02 5D1BFF0FCE80F9E2E539F436710D4A79 31232 ----a-w- C:\Windows\System32\prevhost.exe 2017-07-13 04:47:51 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\System32\msieftp.dll 2017-07-13 04:46:45 C86AFCDD4584CFDF7B57335FEC7546E4 111616 ----a-w- C:\Windows\System32\mtxoci.dll 2017-07-13 04:46:44 936AF75B1A7A663C24F999029A84142C 176128 ----a-w- C:\Windows\System32\msorcl32.dll 2017-07-13 04:46:21 2032B7698A8DCA5E157FD4ED153E9A76 1391104 ----a-w- C:\Windows\System32\msxml6.dll 2017-07-13 04:46:20 F615574BF6B81533F3382856BE359237 2048 ----a-w- C:\Windows\System32\msxml6r.dll 2017-07-13 04:46:17 CB52DEF1B1E1B9950F29548F2F19115A 316416 ----a-w- C:\Windows\System32\webio.dll 2017-07-13 04:46:15 7E9917D5309A90E7576653BFE39F80D8 478720 ----a-w- C:\Windows\System32\timedate.cpl 2017-07-13 04:46:13 1F1D2BEAB6295511F5FF121ADDC1FF28 216064 ----a-w- C:\Windows\System32\InkEd.dll 2017-07-13 04:46:10 D5AFC3A476925CE740B7079D9BD2D269 295936 ----a-w- C:\Windows\System32\apphelp.dll 2017-07-13 04:46:10 39AEAECE9F42407F176FE130D790BFBE 62464 ----a-w- C:\Windows\System32\aelupsvc.dll 2017-07-13 04:46:10 2996B3E7BBA42BEA62D386D9386EDE97 20992 ----a-w- C:\Windows\System32\sdbinst.exe 2017-07-13 04:46:10 15DDF8D059752C6CBE3DCDCAA1264F45 5120 ----a-w- C:\Windows\System32\shimeng.dll 2017-07-13 04:45:37 786B9C958A4F217322C24C736263C51F 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2017-07-13 04:45:01 DA8AAF7E56F698608A89542131F74818 40960 ----a-w- C:\Windows\System32\wwanprotdim.dll 2017-07-13 04:45:01 7CC38741B8F68F1E0D5D79DA6123666A 185344 ----a-w- C:\Windows\System32\wwansvc.dll 2017-07-13 04:37:36 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\System32\TSWorkspace.dll 2017-07-13 04:34:00 8229618C90801E957BADC332CE32A6C5 2048 ----a-w- C:\Windows\System32\iologmsg.dll 2017-07-13 04:33:00 58F67245D041FBE7AF88F4EAF79DF0FA 499712 ----a-w- C:\Windows\System32\iphlpsvc.dll 2017-07-13 04:33:00 5078492B9CAC9CB721698DB51F039035 175104 ----a-w- C:\Windows\System32\netcorehc.dll 2017-07-13 04:32:59 23FC8068953C9BE2D63AE4EF1129112A 18944 ----a-w- C:\Windows\System32\netevent.dll 2017-07-13 03:48:15 A691D4B4B4167F56A717C421F9CF58C7 1372160 ----a-w- C:\Windows\System32\dwmcore.dll 2017-07-13 03:48:15 52213D271F6804AAA44F57AEFD2B778A 67584 ----a-w- C:\Windows\System32\dwmapi.dll 2017-07-13 03:48:13 AD2461E5433DFECC4D068591DB86D90E 716800 ----a-w- C:\Windows\System32\jscript.dll 2017-07-13 03:40:48 ED59143843560B5EDB543C2A48CB9E4B 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2017-07-13 03:40:48 6EC618588447B82EA8D88719EE46F725 43520 ----a-w- C:\Windows\System32\csrr.rs 2017-07-13 03:40:48 41CE7975CAD7BCF92538D2C452239523 40960 ----a-w- C:\Windows\System32\cob-au.rs 2017-07-13 03:40:47 A704E750245D5D4EE4A23E99A00F27D5 46592 ----a-w- C:\Windows\System32\fpb.rs 2017-07-13 03:40:47 A067A19A91C2AA0198F9BD01A5CEF5C6 21504 ----a-w- C:\Windows\System32\grb.rs 2017-07-13 03:40:47 9EDCFA23CC081E38C86CA309D0F7E3DC 30720 ----a-w- C:\Windows\System32\usk.rs 2017-07-13 03:40:47 9B7D7F4D1F79E8B7D727BE94B1630D59 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2017-07-13 03:40:47 5109C45498BC709C8A7E016D5FFCCAC2 20480 ----a-w- C:\Windows\System32\pegi.rs 2017-07-13 03:40:47 4F5C56DBF076D5BBB1D22B37BF281396 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2017-07-13 03:40:47 27828AAA24AA46F11036954ADE355C1C 15360 ----a-w- C:\Windows\System32\djctq.rs 2017-07-13 03:40:46 64E211E0FDFCE4D186DF58BB7D0503BC 2576384 ----a-w- C:\Windows\System32\gameux.dll 2017-07-13 03:40:46 43C9CF6825CEA58F1815B7C3DBBB385C 308736 ----a-w- C:\Windows\System32\Wpc.dll 2017-07-13 03:40:45 DDD1C4AB9A9DAE6D4092C4C95E714650 51712 ----a-w- C:\Windows\System32\esrb.rs 2017-07-13 03:40:45 CBC69A055EF410CBD65593E4808B6DB4 23552 ----a-w- C:\Windows\System32\oflc.rs 2017-07-13 03:40:45 7752619457598CF057C4CC02A0867029 55296 ----a-w- C:\Windows\System32\cero.rs 2017-07-13 03:40:45 72035C97983745E742D71E9A8EF70BBB 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2017-07-13 03:39:02 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\System32\charmap.exe 2017-07-13 03:37:46 C2E392F3CE66FE21ADB7CA1158790BAA 15360 ----a-w- C:\Windows\System32\tbs.dll 2017-07-13 03:37:46 6B83397B551BA65E2B28F7AD17DE1F9C 355456 ----a-w- C:\Windows\System32\fveapi.dll 2017-07-13 03:37:46 0036298766DB8C93D72F03AE7C1337BF 97792 ----a-w- C:\Windows\System32\fveapibase.dll 2017-07-13 03:37:33 03F3B770DFBED6131653CEDA8CA780F0 442880 ----a-w- C:\Windows\System32\ntshrui.dll 2017-07-13 03:35:31 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2017-07-13 03:35:31 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\System32\RMActivate.exe 2017-07-13 03:35:30 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\System32\secproc_isv.dll 2017-07-13 03:35:30 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\System32\secproc.dll 2017-07-13 03:35:30 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2017-07-13 03:35:30 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2017-07-13 03:35:29 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll 2017-07-13 03:35:29 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\System32\msdrm.dll 2017-07-13 03:35:29 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\System32\secproc_ssp.dll 2017-07-13 02:46:41 EF71BA5DF59034962B0C62314A71351A 193536 ----a-w- C:\Windows\System32\dhcpcore6.dll 2017-07-13 02:46:41 81F6C1AE23B1C493D9E996C3103915D7 44032 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2017-07-13 01:05:13 EF4D3166B4D2B5231CA93F1F492D7DEB 803328 ----a-w- C:\Windows\System32\FlashPlayerApp.exe 2017-07-13 01:05:13 69DE13929434E4D6DE21DA558F23AF5D 144896 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl 2017-07-12 20:27:55 474A7580DFDBC54CDCA1E93C7D59937F 267168 ----a-w- C:\Windows\System32\FNTCACHE.DAT 2017-07-12 04:23:02 14162DF5D6DE2C51B22309FD9545D3BB 132532600 -c--a-w- C:\Windows\System32\MRT.exe 2017-07-11 14:00:04 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\System32\infocardapi.dll 2017-07-11 13:59:58 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\System32\icardres.dll 2017-07-11 13:59:49 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\System32\icardagt.exe 2017-07-11 13:59:44 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2017-07-11 13:59:03 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\System32\wmi.dll 2017-07-11 04:28:38 4FA66A573E9A45D05AD5A25B1E76A35D 103120 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2017-07-11 03:10:12 9060B8D5BCD5F2B019249F85E3D811F3 751104 ----a-w- C:\Windows\System32\schedsvc.dll 2017-07-11 03:00:33 124380826D6CBA8B19DE4609017A6CF1 591872 ----a-w- C:\Windows\System32\gpprefcl.dll 2017-07-11 03:00:32 FBE4E7975289230F84D9DA2222448AC3 79360 ----a-w- C:\Windows\System32\gpapi.dll 2017-07-11 03:00:32 C0DC9F7398238C17E480BCBF2C080B25 24576 ----a-w- C:\Windows\System32\gpscript.exe 2017-07-11 03:00:32 A2FEA7E16D8D056D2FF1EE93F9C73FB1 351744 ----a-w- C:\Windows\System32\IPSECSVC.DLL 2017-07-11 03:00:32 8DA745095F6B73BB5B8266BF773DA1FA 606720 ----a-w- C:\Windows\System32\gpsvc.dll 2017-07-11 03:00:32 8C31021343FA64CDC9BCB69831744000 70144 ----a-w- C:\Windows\System32\winipsec.dll 2017-07-11 03:00:32 84CDD4457746E78BC13B935B6C5B2635 274944 ----a-w- C:\Windows\System32\polstore.dll 2017-07-11 03:00:32 6FAB14EF21421A893B2117DF03087A75 44032 ----a-w- C:\Windows\System32\FwRemoteSvr.dll 2017-07-11 03:00:32 1ABEA9BAD90A14EC79923E63E3C09057 30720 ----a-w- C:\Windows\System32\gpscript.dll 2017-07-11 02:56:24 D824C1C235349B67E652A5CA70D1AA49 58880 ----a-w- C:\Windows\System32\clfsw32.dll 2017-07-11 02:55:24 81FCF3B7A0C63AB9C3EC37DF01C642B0 123904 ----a-w- C:\Windows\System32\poqexec.exe 2017-07-11 02:40:31 960AE99A15B1C8C9FBDDDE97606478F9 3550208 ----a-w- C:\Windows\System32\D3DCompiler_47.dll 2017-07-11 02:40:30 F125D0EA19EA00B1841EFAD8C1B4B378 174080 ----a-w- C:\Windows\System32\wuwebv.dll 2017-07-11 02:40:30 C3B4631AEA2EE375796FE15818A0F6F8 573440 ----a-w- C:\Windows\System32\wuapi.dll 2017-07-11 02:40:30 9222E721E38EF60B6627B4AC73E54AB7 35328 ----a-w- C:\Windows\System32\wuapp.exe 2017-07-11 02:40:30 8E6E93DFE1C8C1732E4B2C843CE4ABA5 2092032 ----a-w- C:\Windows\System32\wuaueng.dll 2017-07-11 02:40:30 8737C6345141BB27430A836D359E23FF 136192 ----a-w- C:\Windows\System32\wuauclt.exe 2017-07-11 02:40:30 4FFDF016543C1BF8915CF933CF75BC11 2953216 ----a-w- C:\Windows\System32\wucltux.dll 2017-07-11 02:40:30 21D5B06910FED890196328720CE0E69F 93696 ----a-w- C:\Windows\System32\wudriver.dll 2017-07-11 02:40:29 FD249B899473DB28ED981B9E0E5B801D 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll 2017-07-11 02:40:29 EE65E37045571B807DC00F9680DDBD16 22368 ----a-w- C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll 2017-07-11 02:40:29 C1C1F70A4569C1B2690FCF783D77994B 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll 2017-07-11 02:40:29 BC2AD6F1C2C399EA27521A3518593E07 15712 ----a-w- C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll 2017-07-11 02:40:29 A5860B7DF6B40093C99D6461F06B4D80 17760 ----a-w- C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll 2017-07-11 02:40:29 545DBDD439DBBE8186AD151EDF87B154 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll 2017-07-11 02:40:29 4CC02D6FA12D3083F7321386E882B52A 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll 2017-07-11 02:40:29 1F9BCEEBC1E99FC7F0B694B81FDA43A0 19808 ----a-w- C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-07-11 02:40:29 0F6629FA73B3DDD4B40F1B46E8075FF1 14176 ----a-w- C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll 2017-07-11 02:40:29 01E72E2445304D7AE4338083F93E5C70 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll 2017-07-11 02:40:28 EFA4EF3470878D23F9ECFA8E08455974 17760 ----a-w- C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll 2017-07-11 02:40:28 A5CBD3FDAF8D3A3A6242958CA7D93DA7 66400 ----a-w- C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll 2017-07-11 02:40:28 9627653DFE3A056E100AA1E8DF6C929E 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll 2017-07-11 02:40:28 8EB808138DEE25BA53D331A14BFD39D8 3209216 ----a-w- C:\Windows\System32\mf.dll 2017-07-11 02:40:28 75E6484129105709D6192F747C79AEC3 922432 ----a-w- C:\Windows\System32\ucrtbase.dll 2017-07-11 02:40:28 58F9BFBAE3C25D1A349DF0C6ECE8F9DF 935424 ----a-w- C:\Windows\System32\diagtrack.dll 2017-07-11 02:40:28 4C810345240D1EEADA8DCCA0D324841D 16224 ----a-w- C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll 2017-07-11 02:40:28 0A00ADD7F7BC5916E1F3EDC7EE8199F9 13664 ----a-w- C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-07-11 02:40:27 B9207CFAB9E4D7B4F015694FBAFBD8EA 744960 ----a-w- C:\Windows\System32\blackbox.dll 2017-07-11 02:40:27 9B4F4DBBC088BAFACF92890FC2D2A01A 988160 ----a-w- C:\Windows\System32\drmv2clt.dll 2017-07-11 02:40:26 9C11D851979D4E8BF71091580AA073C2 2365440 ----a-w- C:\Windows\System32\msi.dll 2017-07-11 02:40:26 52B3191AA23820242F7CBC777C620C9F 2136064 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2017-07-11 02:40:25 8949A93520F7008C3B7AD320A0EEA267 1178112 ----a-w- C:\Windows\System32\WsmSvc.dll 2017-07-11 02:40:25 78C2B9F66D4242AA9CC0A8693E2001F9 2291712 ----a-w- C:\Windows\System32\MSVidCtl.dll 2017-07-11 02:40:25 6CC7F7093B490721EAFA260DEC766528 1417728 ----a-w- C:\Windows\System32\ole32.dll 2017-07-11 02:40:25 3CB096F266A52F65A571B2A3FC81D13E 1241088 ----a-w- C:\Windows\System32\msxml3.dll 2017-07-11 02:40:25 2ADE0250EC6773A04D47C4FA253FDA8D 4001000 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2017-07-11 02:40:24 FC8A22A65745A620DDEE41669765BB56 1329664 ----a-w- C:\Windows\System32\quartz.dll 2017-07-11 02:40:24 BECFF07257DD80EEF20904B4A2D3B319 3945704 ----a-w- C:\Windows\System32\ntoskrnl.exe 2017-07-11 02:40:24 730D1A6314222A79058F78D4CB96EC85 617984 ----a-w- C:\Windows\System32\wmdrmsdk.dll 2017-07-11 02:40:24 41F428133A37B1EE61503BCA6BB96A92 437248 ----a-w- C:\Windows\System32\scavengeui.dll 2017-07-11 02:40:23 B310E460A94B8493924BC219B1EA07C8 805376 ----a-w- C:\Windows\System32\cdosys.dll 2017-07-11 02:40:23 A9B552F2F039119661A388B986EF3DCA 489984 ----a-w- C:\Windows\System32\evr.dll 2017-07-11 02:40:23 9FFE34F51517B4FA97B8C942323C2D0F 741888 ----a-w- C:\Windows\System32\inetcomm.dll 2017-07-11 02:40:23 6B1E1D3D3DB1C1FAD675E01C6FBEF330 1176064 ----a-w- C:\Windows\System32\crypt32.dll 2017-07-11 02:40:23 4F1E405154D2E68E6ACC3FE07DE02E93 474624 ----a-w- C:\Windows\System32\audiosrv.dll 2017-07-11 02:40:23 4C7A52467D41DE158258A551C49CC169 829952 ----a-w- C:\Windows\System32\msctf.dll 2017-07-11 02:40:23 470F085F2C23C4303532FF4A30D6686E 872448 ----a-w- C:\Windows\System32\kernel32.dll 2017-07-11 02:40:23 31CA273CC39FB99AA8E784A190E58074 202240 ----a-w- C:\Windows\System32\input.dll 2017-07-11 02:40:23 2B2967A22F1331DD5E6F8B1C5745F143 575488 ----a-w- C:\Windows\System32\samsrv.dll 2017-07-11 02:40:23 217E1BBAB85862194CA05333949CCA85 1806848 ----a-w- C:\Windows\System32\authui.dll 2017-07-11 02:40:22 94E1C3A20358DB82B31677318BBEB120 581632 ----a-w- C:\Windows\System32\oleaut32.dll 2017-07-11 02:40:22 46D60EF6ECA5A058CA0A63E2F0990E77 73728 ----a-w- C:\Windows\System32\WinSetupUI.dll 2017-07-11 02:40:21 FFE8DC32786ED2CFF21AB907A51B332D 126976 ----a-w- C:\Windows\System32\tintlgnt.ime 2017-07-11 02:40:21 D4798407E750CDA7C3885D5B8E37403F 125952 ----a-w- C:\Windows\System32\chajei.ime 2017-07-11 02:40:21 AF40161FD6CC6F243A6E3F2181CA7FD0 125952 ----a-w- C:\Windows\System32\cintlgnt.ime 2017-07-11 02:40:21 579E21723234BB05DC46B19C3BC65CCD 125952 ----a-w- C:\Windows\System32\qintlgnt.ime 2017-07-11 02:40:21 474E6D5718A08617EF48699DAC1C67EE 125952 ----a-w- C:\Windows\System32\phon.ime 2017-07-11 02:40:21 435C9129A479D912F53292DBDA5B1191 125952 ----a-w- C:\Windows\System32\quick.ime 2017-07-11 02:40:21 36A48A1471CEE37D11CFDAB2C9EF63B2 12880896 ----a-w- C:\Windows\System32\shell32.dll 2017-07-11 02:40:21 18E8C40C3C2AB0D315331677823555C0 377344 ----a-w- C:\Windows\System32\rpcss.dll 2017-07-11 02:40:20 DC54D7A40B6E18E5C7F592F836D163FF 208896 ----a-w- C:\Windows\System32\WebClnt.dll 2017-07-11 02:40:20 9D7DA46D498CFE621791BE6A9A3C189D 308456 ----a-w- C:\Windows\System32\atmfd.dll 2017-07-11 02:40:20 8BA94352C881197F31FA6CAE2AF429B3 406016 ----a-w- C:\Windows\System32\drmmgrtn.dll 2017-07-11 02:40:20 4AC7097C296BA9949B2925FE890279E1 294400 ----a-w- C:\Windows\System32\KernelBase.dll 2017-07-11 02:40:20 3528127B3B004A5A41245E11DD14B64D 701440 ----a-w- C:\Windows\System32\IMJP10K.DLL 2017-07-11 02:40:20 248F7D11EEA0B85158343942B4967D0C 519680 ----a-w- C:\Windows\System32\qdvd.dll 2017-07-11 02:40:19 CE257A97D20DD8BC28E8D720BE980F09 442368 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2017-07-11 02:40:19 B3DCFDB1CC7AE5C2EAE08E87588CE360 1310528 ----a-w- C:\Windows\System32\ntdll.dll 2017-07-11 02:40:19 AAE96A2A48C7332310C1C28A1D466761 145920 ----a-w- C:\Windows\System32\cryptsvc.dll 2017-07-11 02:40:19 9EBDBA38CA08F9A56CCBF59082FBB79E 1082368 ----a-w- C:\Windows\System32\DWrite.dll 2017-07-11 02:40:19 425C7B3B3D4DC06FA62283C92C4C1759 813056 ----a-w- C:\Windows\System32\FntCache.dll 2017-07-11 02:40:19 31EB4BD6ED72AE69382F427A221D3498 249344 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll 2017-07-11 02:40:19 09E512220E90ADDA6E818120BB528B0A 179200 ----a-w- C:\Windows\System32\wintrust.dll 2017-07-11 02:40:18 D55A6842A7B9AF46DFE1990FAA802BED 1005056 ----a-w- C:\Windows\System32\cryptui.dll 2017-07-11 02:40:18 C5A6D18A8F4E083B22604F587D4D1F5C 409272 ----a-w- C:\Windows\System32\ci.dll 2017-07-11 02:40:18 A9DEBA92E58E4BA20D99E8C0EA911642 214016 ----a-w- C:\Windows\System32\WsmWmiPl.dll 2017-07-11 02:40:18 98A4C2E7045F5EC08755DCD6B952B9A4 470704 ----a-w- C:\Windows\System32\winresume.exe 2017-07-11 02:40:18 91D4629DA1EBD286D8A7C24FBC5DC641 811520 ----a-w- C:\Windows\System32\user32.dll 2017-07-11 02:40:18 7B125B0729DA7539CC12C3AC9CC1FA1C 534600 ----a-w- C:\Windows\System32\winload.exe 2017-07-11 02:40:18 78447010471493D83301BDC26A7DC178 374784 ----a-w- C:\Windows\System32\AudioEng.dll 2017-07-11 02:40:18 6211282EDFB9577773CCFFFA8D97ED67 354816 ----a-w- C:\Windows\System32\mfplat.dll 2017-07-11 02:40:18 3AE4191A320803F49BA101C15221C0B3 199168 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe 2017-07-11 02:40:18 0632439227EE10B807054F234C85FE8D 337408 ----a-w- C:\Windows\System32\msihnd.dll 2017-07-11 02:40:17 D14F44C54BE1418853E5ED90B4E4B346 87040 ----a-w- C:\Windows\System32\davclnt.dll 2017-07-11 02:40:17 79FED832C161DFA33201352891478D7F 419648 ----a-w- C:\Windows\System32\locale.nls 2017-07-11 02:40:17 19BD5196020E5D015E224905BBF7C8A1 271360 ----a-w- C:\Windows\System32\conhost.exe 2017-07-11 02:40:16 F5C3A7DC4A3C2E1A518D1D9BF5CE35EE 644096 ----a-w- C:\Windows\System32\advapi32.dll 2017-07-11 02:40:16 EC546E99AD2A4CE11D1186C6F770B6E8 106496 ----a-w- C:\Windows\System32\cryptnet.dll 2017-07-11 02:40:16 B84BBC5FB401B06499D4CF1A6D0350EA 41984 ----a-w- C:\Windows\System32\UtcResources.dll 2017-07-11 02:40:16 B2ABA92F93B3B1BD241EC284BBF53DE1 195072 ----a-w- C:\Windows\System32\AudioSes.dll 2017-07-11 02:40:16 69E1A2342DD24F8BE0C78546EB546277 779776 ----a-w- C:\Windows\System32\localspl.dll 2017-07-11 02:40:16 25FACE67FAECD9E98A712048BF11A623 629760 ----a-w- C:\Windows\System32\usp10.dll 2017-07-11 02:40:15 FA03B5AB1835C5A481EECD9435FD7905 105192 ----a-w- C:\Windows\System32\consent.exe 2017-07-11 02:40:15 DACADD12EAB0D4105C67BC1A4CB0BE04 1027584 ----a-w- C:\Windows\System32\IMJP10.IME 2017-07-11 02:40:15 918F91656FEB3D896A790A95FDAF47B8 146944 ----a-w- C:\Windows\System32\WsmAuto.dll 2017-07-11 02:40:15 84752B402BF64CCDDF11816FEDF12DB4 157184 ----a-w- C:\Windows\System32\pcasvc.dll 2017-07-11 02:40:15 83B1ABAD7075C94A74374EFA623CEAC1 275968 ----a-w- C:\Windows\System32\EncDump.dll 2017-07-11 02:40:15 09B61B4894B05723BACE59F46EF892D4 1508352 ----a-w- C:\Windows\System32\pla.dll 2017-07-11 02:40:15 08A2667D4A1F78292AAE6754AEAC8308 497664 ----a-w- C:\Windows\System32\win32spl.dll 2017-07-11 02:40:14 9BCD9DAB612602A063A2A32ED8E133E1 171008 ----a-w- C:\Windows\System32\winsrv.dll 2017-07-11 02:40:13 D25087EDF7E1EA0FA861B8C5A8791EA1 35840 ----a-w- C:\Windows\System32\wups2.dll 2017-07-11 02:40:13 7AC6ACDBF5FAF53F786E66D43635C819 90112 ----a-w- C:\Windows\System32\pintlgnt.ime 2017-07-11 02:40:13 7A415385F709BB9AD0C8457722FAEA4D 90624 ----a-w- C:\Windows\System32\olepro32.dll 2017-07-11 02:40:13 7612127B53E3486A080A64EB67A0ED95 30208 ----a-w- C:\Windows\System32\wups.dll 2017-07-11 02:40:13 45987221A09C7535395A1A9C38DFB114 306688 ----a-w- C:\Windows\System32\gdi32.dll 2017-07-11 02:40:12 C8C5D6F1B47CB63DAC39FD3D35B888E1 237056 ----a-w- C:\Windows\System32\pdh.dll 2017-07-11 02:40:11 C45CD99002A4BA7F14842375E1C442F3 430080 ----a-w- C:\Windows\System32\imkr80.ime 2017-07-11 02:40:11 ABD373E82F6240031C1E631AA20711C7 295936 ----a-w- C:\Windows\System32\bcdedit.exe 2017-07-11 02:40:11 6B98026761228F913E9FA3F974920A20 249352 ----a-w- C:\Windows\System32\bcryptprimitives.dll 2017-07-11 02:40:10 D161CB594609D47C8E9B7599F3195E56 80896 ----a-w- C:\Windows\System32\cryptsp.dll 2017-07-11 02:40:10 B88B13E10F3D2403FB3775138187811E 29696 ----a-w- C:\Windows\System32\appidsvc.dll 2017-07-11 02:40:10 80C82E8A65D6366A1428856AAB85A1F9 400896 ----a-w- C:\Windows\System32\srcore.dll 2017-07-11 02:40:10 5D32D5DF5540BCE030AFEF8A6B64259C 76800 ----a-w- C:\Windows\System32\adsmsext.dll 2017-07-11 02:40:09 B008EC0EC71EB73B2B13F3032C6FF239 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2017-07-11 02:40:09 9B2BA304828D5FABF87348D59D635AC7 91368 ----a-w- C:\Windows\System32\MigAutoPlay.exe 2017-07-11 02:40:09 5507083BCC8EFC3E17C4A9787724F27C 481792 ----a-w- C:\Windows\System32\mscms.dll 2017-07-11 02:40:09 47B6897054A76E8F56718DEEFB2B2737 67584 ----a-w- C:\Windows\System32\asycfilt.dll 2017-07-11 02:40:09 0F9B73CA9BD4C4A2ABD7BE71CAA76695 103424 ----a-w- C:\Windows\System32\mfps.dll 2017-07-11 02:40:08 E44701B42419962136EF5CAC198F8D1C 77312 ----a-w- C:\Windows\System32\mfmjpegdec.dll 2017-07-11 02:40:08 BEB5C8CAC2EBD14295F155261F5C8762 215040 ----a-w- C:\Windows\System32\icm32.dll 2017-07-11 02:40:08 BD8A0FCAABECA36E3ADC963FFB11AF4F 50688 ----a-w- C:\Windows\System32\appidapi.dll 2017-07-11 02:40:08 B60514060323CC3966FF50BFC84A2DC0 38912 ----a-w- C:\Windows\System32\csrsrv.dll 2017-07-11 02:40:08 5EDA6BA186D1B05D5EF4E96F81F3F3EF 47104 ----a-w- C:\Windows\System32\appinfo.dll 2017-07-11 02:40:08 43FDFED4530916944F35086228179EB3 11776 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll 2017-07-11 02:40:08 4315D6ECAE85024A0567DF2CB253B7B0 73216 ----a-w- C:\Windows\System32\msiexec.exe 2017-07-11 02:40:08 0E6A08BBAA27D52F77D5E502B13FDBFD 84992 ----a-w- C:\Windows\System32\hlink.dll 2017-07-11 02:40:07 C648901695E275C8F2AD04B687A68CE2 45056 ----a-w- C:\Windows\System32\rundll32.exe 2017-07-11 02:40:06 6C8D411EDC63379A2DF639F254B9BBFA 69632 ----a-w- C:\Windows\System32\smss.exe 2017-07-11 02:40:06 64669AB349067A8A521F96ACF5B527CA 66048 ----a-w- C:\Windows\System32\PrintBrmUi.exe 2017-07-11 02:40:06 589AD7233D55632D20F31F71670E002F 26112 ----a-w- C:\Windows\System32\oleres.dll 2017-07-11 02:40:06 408D5D6E4D3674F9F4D8C73F7668683F 100352 ----a-w- C:\Windows\System32\audiodg.exe 2017-07-11 02:40:06 128B38F33325940F84FA38B16284D032 262656 ----a-w- C:\Windows\System32\rstrui.exe 2017-07-11 02:40:05 F3E69E053D4FA762A663ED7B77A5F4DD 60416 ----a-w- C:\Windows\System32\samlib.dll 2017-07-11 02:40:05 63EF04F2497DBD7408598F2EBBA9BC58 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2017-07-11 02:40:05 3C48DAA0A29DCC3150CE6ABA291DB511 69120 ----a-w- C:\Windows\System32\nlsbres.dll 2017-07-11 02:40:05 148651465E24BB7D5F35FD87E5837025 504320 ----a-w- C:\Windows\System32\msscp.dll 2017-07-11 02:40:04 D9DF5C53DFE502D88A726DD6EFB3CCC3 32768 ----a-w- C:\Windows\System32\WcsPlugInService.dll 2017-07-11 02:40:04 9E8004DBAC3FE12B7A1B40BE317C00AF 50176 ----a-w- C:\Windows\System32\setbcdlocale.dll 2017-07-11 02:40:04 57A806DF3C9F5E75B405152A5ACF71A6 265216 ----a-w- C:\Windows\System32\msnetobj.dll 2017-07-11 02:40:04 38A3DA3D4C41D07A27F8F7ECB9BACB92 43008 ----a-w- C:\Windows\System32\srclient.dll 2017-07-11 02:40:03 FE978549233F48FFFD40CC57ADFCA0B5 28160 ----a-w- C:\Windows\System32\pcadm.dll 2017-07-11 02:40:03 B8C26E61ABBDD9F47FCA9EAA613A3A9F 23040 ----a-w- C:\Windows\System32\mfpmp.exe 2017-07-11 02:40:03 B6D5D5A08AC21B315B36849137FCF5BE 50176 ----a-w- C:\Windows\System32\rrinstaller.exe 2017-07-11 02:40:03 398AD699A69D62F75E9CF27F3E6B3B58 99328 ----a-w- C:\Windows\System32\UIAnimation.dll 2017-07-11 02:40:02 C2063F63A7007210FF7324C8EF67FB20 9728 ----a-w- C:\Windows\System32\pcawrk.exe 2017-07-11 02:40:02 2D9C5440622FC24B954DA6D17C64DF55 34304 ----a-w- C:\Windows\System32\atmlib.dll 2017-07-11 02:40:01 CA2AAFB33D6A50FB9B54E376CCB43F33 8192 ----a-w- C:\Windows\System32\pcalua.exe 2017-07-11 02:40:01 BA97A0437A9EE4F23103322CC4C7A47E 10240 ----a-w- C:\Windows\System32\dciman32.dll 2017-07-11 02:40:01 808161E20EC7873A1B008EEED300E8AB 26112 ----a-w- C:\Windows\System32\lpk.dll 2017-07-11 02:40:01 6D5F4F19338CCF40712FFD5483D7878F 10752 ----a-w- C:\Windows\System32\msmmsp.dll 2017-07-11 02:40:01 4CFD96C18DC103E5D92E4333BB663EC1 10240 ----a-w- C:\Windows\System32\wsmplpxy.dll 2017-07-11 02:40:01 42F81C6A3835FE279B254AA2CB7B38FE 12288 ----a-w- C:\Windows\System32\wsmprovhost.exe 2017-07-11 02:40:00 C4B23D2CF32765F1E2B7671B27C5E331 6656 ----a-w- C:\Windows\System32\apisetschema.dll 2017-07-11 02:40:00 BE8A2B6B6FC4DF488343018A47EA8AE3 7680 ----a-w- C:\Windows\System32\plasrv.exe 2017-07-11 02:40:00 62F655B6FE64242905ABF135BE29CC00 7168 ----a-w- C:\Windows\System32\comcat.dll 2017-07-11 02:40:00 289AE4BABD0724756B892E7EC7DD6072 70656 ----a-w- C:\Windows\System32\fontsub.dll 2017-07-11 02:39:59 49AA29F3997392CF627767B0AD9D9CE9 25088 ----a-w- C:\Windows\System32\msimsg.dll 2017-07-11 02:39:58 D1231DA7AC171483B85685F0AD325DCE 54272 ----a-w- C:\Windows\System32\WsmRes.dll 2017-07-11 02:39:58 C21CD3DDEF6DAE611D0ADD8F30D8F1F2 8704 ----a-w- C:\Windows\System32\pcaevts.dll 2017-07-11 02:39:58 C0F972C9D4E74545A94716329B28B31B 2048 ----a-w- C:\Windows\System32\mferror.dll 2017-07-11 02:39:58 7DE341A193485F1A1CD2B93C305E80F7 84480 ----a-w- C:\Windows\System32\INETRES.dll 2017-07-11 02:39:56 C033029E10E1209B9267B9C702E273C4 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2017-07-11 02:39:03 BBCD95BC468665A596D7ED2D6233A34E 509952 ----a-w- C:\Windows\System32\qedit.dll 2017-07-11 02:36:50 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\System32\mscorier.dll 2017-07-11 02:36:50 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\System32\dfshim.dll 2017-07-11 02:36:49 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\System32\mscories.dll 2017-07-11 02:35:47 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\System32\packager.dll 2017-07-11 02:35:36 306EB846F88E58C7E763946DE95952E3 46592 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2017-07-11 02:35:35 FD9692A3D31E021207D3C2A9DDDC2BE3 164864 ----a-w- C:\Windows\System32\profsvc.dll 2017-07-11 02:34:41 534BF06B2DEE965A1389A9312545AE03 81920 ----a-w- C:\Windows\System32\odbccr32.dll 2017-07-11 02:34:41 3FDB77D0BBEEB36AE35077ABC0BF80EC 319488 ----a-w- C:\Windows\System32\odbcjt32.dll 2017-07-11 02:34:40 EF37EDC20412A01DDD9A42E8D939A5A3 163840 ----a-w- C:\Windows\System32\odbctrac.dll 2017-07-11 02:34:40 E2D83DAA6A229CFDAF129189A9245889 86016 ----a-w- C:\Windows\System32\odbccu32.dll 2017-07-11 02:34:40 66ABBF38123D3113BB55EBAFCF37AB92 122880 ----a-w- C:\Windows\System32\odbccp32.dll 2017-07-11 02:34:37 EB11947B250AD259755939A2DE349FBB 14848 ----a-w- C:\Windows\System32\wshrm.dll 2017-07-11 02:34:24 9DC80A8AAAAAC397BDAB3C67165A824E 690688 ----a-w- C:\Windows\System32\msvcrt.dll 2017-07-11 02:33:44 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\System32\synceng.dll 2017-07-11 02:33:43 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\System32\ubpm.dll 2017-07-11 02:33:18 2C4A87CA8C00E98EFDCFA2E8EC9A3503 180224 ----a-w- C:\Windows\System32\shdocvw.dll 2017-07-11 02:33:08 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2017-07-11 02:33:08 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll 2017-07-11 02:33:08 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL 2017-07-11 02:31:11 52449FD429D6053B78AE564DEF303870 304128 ----a-w- C:\Windows\System32\winlogon.exe 2017-07-11 02:31:11 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\System32\mstsc.exe 2017-07-11 02:31:10 A5661C9330E5FCFCDD53EB03D5F04822 8192 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2017-07-11 02:31:09 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\System32\winsta.dll 2017-07-11 02:31:09 B4203FC65D4C0D7A0B7A02AFD13472BB 130048 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2017-07-11 02:31:09 954AAF2028CD907B7F7ED40FFFD9D27F 58880 ----a-w- C:\Windows\System32\rdpwsx.dll 2017-07-11 02:30:44 4489D5077C5D2396E3A94D652ADAE1CA 14336 ----a-w- C:\Windows\System32\fixmapi.exe 2017-07-11 02:30:44 2BB34CC2D6DF7194F46C6508589EF8FD 76800 ----a-w- C:\Windows\System32\mapistub.dll 2017-07-11 02:30:44 2BB34CC2D6DF7194F46C6508589EF8FD 76800 ----a-w- C:\Windows\System32\mapi32.dll 2017-07-11 02:30:43 72E953215CADE1A726C04AAFDF6B463D 49152 ----a-w- C:\Windows\System32\taskhost.exe 2017-07-11 02:29:44 5E7C5DE85AF978495C3A9A0B720B9811 44032 ----a-w- C:\Windows\System32\basesrv.dll 2017-07-11 02:29:15 DC6612A9EE015A36BA2A27BC9CC12537 1137664 ----a-w- C:\Windows\System32\mfc42.dll 2017-07-11 02:29:15 24CAEDCD73B5B0E22226283B7B2468C7 1164288 ----a-w- C:\Windows\System32\mfc42u.dll 2017-07-11 02:29:13 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\System32\wer.dll 2017-07-11 02:29:00 F115C5CD29E512F18BD7138A094B77E5 242688 ----a-w- C:\Windows\System32\nlasvc.dll 2017-07-11 02:29:00 50E0DD0A5B8D8BC353578F2F73926697 52224 ----a-w- C:\Windows\System32\nlaapi.dll 2017-07-11 02:29:00 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\System32\ncsi.dll 2017-07-11 02:28:14 6E91F67335D57DDFFE798C815444B0E3 210432 ----a-w- C:\Windows\System32\cewmdm.dll 2017-07-11 02:28:03 EAD314F2142162AE4DE91355580F6607 351744 ----a-w- C:\Windows\System32\winhttp.dll 2017-07-11 02:28:03 A88241C2A519AFD2C99A40000F9113E6 231424 ----a-w- C:\Windows\System32\mswsock.dll 2017-07-11 02:28:03 895962CB2049447EFD2DBE61DEDE596A 26624 ----a-w- C:\Windows\System32\netbtugc.exe 2017-07-11 02:28:03 59EA5753EBDAE42CF92FD5B6E7AE4D53 206336 ----a-w- C:\Windows\System32\ws2_32.dll 2017-07-11 02:27:59 D1450810490EB170A182C4AC915CB87C 1620992 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2017-07-11 02:27:59 7368176B23E9BE5D23ED9BFE1D58AC0C 902144 ----a-w- C:\Windows\System32\WMADMOD.DLL 2017-07-11 02:27:59 3CC0EF43C256D0A28C908F36AD06963D 970240 ----a-w- C:\Windows\System32\msmpeg2adec.dll 2017-07-11 02:27:58 EDCAA72A69E36517F1493F09B8A834F7 829952 ----a-w- C:\Windows\System32\MSMPEG2ENC.DLL 2017-07-11 02:27:58 EDB8F80672DBF24C6C522A29F5854F14 153600 ----a-w- C:\Windows\System32\COLORCNV.DLL 2017-07-11 02:27:58 A0448DC7978E550FE64B9A984522B963 815616 ----a-w- C:\Windows\System32\WMADMOE.DLL 2017-07-11 02:27:58 96FF617934E6A87AA810719D1D911DA9 541184 ----a-w- C:\Windows\System32\WMVSDECD.DLL 2017-07-11 02:27:58 62851F0D13AD06F0042C8109E680421F 739328 ----a-w- C:\Windows\System32\WMSPDMOD.DLL 2017-07-11 02:27:57 FEAEA5182DB9072EBD493466F8608EB8 1568768 ----a-w- C:\Windows\System32\WMVENCOD.DLL 2017-07-11 02:27:57 92BBFF13DE00F30DABC03CFF59D8678E 609280 ----a-w- C:\Windows\System32\MFWMAAEC.DLL 2017-07-11 02:27:57 71C9DDA9ED939361C1CA2CE21EA84DBF 665088 ----a-w- C:\Windows\System32\WMVXENCD.DLL 2017-07-11 02:27:57 66EB4C814BF7BD76CF7CBC7F562234BA 67584 ----a-w- C:\Windows\System32\devenum.dll 2017-07-11 02:27:57 2C838797F2F6138EF36C8964487775B9 358400 ----a-w- C:\Windows\System32\WMVSENCD.DLL 2017-07-11 02:27:57 0697FF546D6D70AE7F77EF6398004153 241152 ----a-w- C:\Windows\System32\MP43DECD.DLL 2017-07-11 02:27:56 D6A767B747F4D58EBDAAD1925DC863FA 206848 ----a-w- C:\Windows\System32\RESAMPLEDMO.DLL 2017-07-11 02:27:56 A7FAA81D1622D6AF4467A81B42D30DBE 241152 ----a-w- C:\Windows\System32\MPG4DECD.DLL 2017-07-11 02:27:56 8A2A7AA90CBA77DD44FBAE713B4B3877 415744 ----a-w- C:\Windows\System32\MP4SDECD.DLL 2017-07-11 02:27:56 6B1BB70E72B573EBDF1235B77DF5706D 1325056 ----a-w- C:\Windows\System32\WMSPDMOE.DLL 2017-07-11 02:27:56 5CF623B21998B8F1D081D55910A0BDA7 206848 ----a-w- C:\Windows\System32\qasf.dll 2017-07-11 02:27:56 24D74CF313DC62C65EEA4726AE2EB3F8 154112 ----a-w- C:\Windows\System32\VIDRESZR.DLL 2017-07-11 02:27:56 08D48E8CF6072114C656026457D02C15 338944 ----a-w- C:\Windows\System32\SysFxUI.dll 2017-07-11 02:27:55 BE2D4165A6845FEE05CBD36D8B41E518 193536 ----a-w- C:\Windows\System32\ksproxy.ax 2017-07-11 02:27:55 A4C85F362EBB7815676F1CD9CFC5BA59 4608 ----a-w- C:\Windows\System32\ksuser.dll 2017-07-11 02:27:55 5DCE986C8D7E91B455FB3D57BF955A2A 79872 ----a-w- C:\Windows\System32\MP3DMOD.DLL 2017-07-11 02:27:55 4FBCDC326769C31CB283981A51C867F3 53248 ----a-w- C:\Windows\System32\mfvdsp.dll 2017-07-11 02:27:50 2F0BC1FC6142DCB31C7D9804962A7011 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2017-07-11 02:27:48 AA68E88A5CEC6AE30CBD24941DD8FE5E 318464 ----a-w- C:\Windows\System32\WMPhoto.dll 2017-07-11 02:26:27 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\System32\scesrv.dll 2017-07-11 02:26:25 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\System32\comctl32.dll 2017-07-11 02:22:28 FCFD4F50419B4BC72E80066DA10D2E54 523776 ----a-w- C:\Windows\System32\termsrv.dll 2017-07-11 00:54:51 F37E46293F7745E2CB832B81FE6E0409 120848 ----a-w- C:\Windows\System32\RTNUninst32.dll 2017-07-11 00:54:51 52D3F95EE7F4F9EAB9AD92AB5B652430 117744 ----a-w- C:\Windows\System32\RtNicProp32.dll 2017-07-11 00:53:36 51F16BDF1698D732C494F047BFCA60B1 74752 ----a-w- C:\Windows\System32\RtCRX.dll 2017-07-11 00:53:35 8BD21AA763666F1EA35BCA01E135E576 9890816 ----a-w- C:\Windows\System32\RsCRIcon.dll 2017-07-10 23:48:56 86F34E7288DA428E38E2D8C7E806A871 826880 ----a-w- C:\Windows\System32\rdpcore.dll 2017-07-10 23:40:38 CB136B267569A62EF63D798BC90ABD5A 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-10 18:44:46 9F45771914360A925252A1B7226EC7EC 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2017-07-10 18:37:15 F1688476B7C0B2A7B9934009B0928AF3 1400800 ----a-w- C:\Windows\System32\tosade.dll 2017-07-10 18:37:15 DEFCE85EC4582453B23F5C7CDC41DE0F 390936 ----a-w- C:\Windows\System32\toseaeapo32.dll 2017-07-10 18:37:15 C51DCE5970270C8970ACB269EC23FF4C 150552 ----a-w- C:\Windows\System32\SRSWOW.dll 2017-07-10 18:37:15 BFC37D7FEA5312DD47CA44A837A522E8 905304 ----a-w- C:\Windows\System32\tosasfapo32.dll 2017-07-10 18:37:15 B98270EA6864726749072E1DB858C8DC 67752 ----a-w- C:\Windows\System32\TepeqAPO.dll 2017-07-10 18:37:15 52544F4BBDB7104A68E910EA51B862B3 1279312 ----a-w- C:\Windows\System32\tossaeapo32.dll 2017-07-10 18:37:15 4F2ED0A64A6C406D635E884B3CE376C7 860512 ----a-w- C:\Windows\System32\tadefxapo2.dll 2017-07-10 18:37:15 31FD44504AC4E8D4885B40B38761BF4E 144680 ----a-w- C:\Windows\System32\tadefxapo.dll 2017-07-10 18:37:15 2AA08F5C378CEAEA16F2007D08C66031 571632 ----a-w- C:\Windows\System32\tossaemaxapo32.dll 2017-07-10 18:37:14 FDE2C7D993233225BFC85612A42DAB1E 196008 ----a-w- C:\Windows\System32\SRSTSHD.dll 2017-07-10 18:37:14 FCB3848E34453ADBE0E01A69C9A9DE70 2904576 ----a-w- C:\Windows\System32\RtkPgExt.dll 2017-07-10 18:37:14 FC87883E7AE7F7B2718B103586519B76 307232 ----a-w- C:\Windows\System32\RP3DHT32.dll 2017-07-10 18:37:14 F820F926023397D1CBB0F336DB5122CE 83640 ----a-w- C:\Windows\System32\SFCOM.dll 2017-07-10 18:37:14 F448008E959B2C780299D6E78A3496F4 71704 ----a-w- C:\Windows\System32\R4EEG32A.dll 2017-07-10 18:37:14 F388F6E0F385AB7D08332E442ADB6F09 1074048 ----a-w- C:\Windows\System32\SRRPTR.dll 2017-07-10 18:37:14 ECE7329BE1C1A90125B40C8F90A770E2 307232 ----a-w- C:\Windows\System32\RP3DAA32.dll 2017-07-10 18:37:14 E07064C9F50B5C97F39287CE50FF5FA4 183608 ----a-w- C:\Windows\System32\SRSHP360.dll 2017-07-10 18:37:14 CDC247444BF90667564D2FFF9F34EF35 225040 ----a-w- C:\Windows\System32\SFNHK.dll 2017-07-10 18:37:14 CA20D2805FC3FEA87E38F08E3F543A7B 2830480 ----a-w- C:\Windows\System32\RltkAPO.dll 2017-07-10 18:37:14 C67BB81922C58B0791519E935679E1E4 2149376 ----a-w- C:\Windows\System32\RtkCoInstII.dll 2017-07-10 18:37:14 C59C9C0C1021946C114ACECA2B7BF9EF 101616 ----a-w- C:\Windows\System32\R4EEA32A.dll 2017-07-10 18:37:14 B49BBCCBB8347301F63FB697C3585F66 866096 ----a-w- C:\Windows\System32\SEHDHF32.dll 2017-07-10 18:37:14 B0172BAC886FDB50C5A70318EEBF2BDF 232752 ----a-w- C:\Windows\System32\slprp32.dll 2017-07-10 18:37:14 A69A2E617963A777BACDF8CC62D751CB 341144 ----a-w- C:\Windows\System32\SRCOM.dll 2017-07-10 18:37:14 9C6B7736B8EFED8B4333C2A55F45660A 357152 ----a-w- C:\Windows\System32\SRSTSXT.dll 2017-07-10 18:37:14 9B394FD2A53C4F47E96150A303D75269 936608 ----a-w- C:\Windows\System32\SFSS_APO.dll 2017-07-10 18:37:14 99EDF09FE997BB4B3454C7971C078B1F 88272 ----a-w- C:\Windows\System32\RTEEL32A.dll 2017-07-10 18:37:14 8CC596FD496C584D3D2EEF2ABF4DE073 364016 ----a-w- C:\Windows\System32\R4EED32A.dll 2017-07-10 18:37:14 85B7CC15B7201291571308CE61B89F1C 22152 ----a-w- C:\Windows\System32\RtkCoLDR.dll 2017-07-10 18:37:14 826245953EB42135B868576020AC7B63 371808 ----a-w- C:\Windows\System32\RTEEP32A.dll 2017-07-10 18:37:14 77EF87DB54EB02912C160D8591AB6658 2800320 ----a-w- C:\Windows\System32\sltech32.dll 2017-07-10 18:37:14 69C631EC28D24C8308AF697681F73918 181224 ----a-w- C:\Windows\System32\RTEED32A.dll 2017-07-10 18:37:14 6093B2C81E4458EF04E2EF9B728F6E13 78480 ----a-w- C:\Windows\System32\SFAPO.dll 2017-07-10 18:37:14 58AD91C535B73BC12897A816600833B8 472528 ----a-w- C:\Windows\System32\SEAPO32.dll 2017-07-10 18:37:14 5016355D89AC2298FB58783EDCA8F276 911080 ----a-w- C:\Windows\System32\sl3apo32.dll 2017-07-10 18:37:14 3672DB934F68B5FB0AADAE20F9C9AA9C 2558352 ----a-w- C:\Windows\System32\RtkApoApi.dll 2017-07-10 18:37:14 2CF223132168C6E3675866B4C6B76A18 401040 ----a-w- C:\Windows\System32\SRAPO.dll 2017-07-10 18:37:14 1E756BD60DCF54BF0E71144688F2F2A2 116648 ----a-w- C:\Windows\System32\R4EEL32A.dll 2017-07-10 18:37:14 17330320EA4A315F526A2978157021E0 3173736 ----a-w- C:\Windows\System32\slcnt32.dll 2017-07-10 18:37:14 0FB8C7FBDBB0FCBA47B86FAD1E418477 74376 ----a-w- C:\Windows\System32\RTEEG32A.dll 2017-07-10 18:37:14 08EB7F3EA3F604B65775327C67B9A0D4 7170864 ----a-w- C:\Windows\System32\R4EEP32A.dll 2017-07-10 18:37:14 063DF93ADD2185700BFA06C329F3F745 726120 ----a-w- C:\Windows\System32\SECOMN32.dll 2017-07-10 18:37:14 03E4F9C1FDE9DF327DC0BB159FF5166D 735920 ----a-w- C:\Windows\System32\SEHDRA32.dll 2017-07-10 18:37:13 FD1474D31C46EDA830A8B88714B82807 316424 ----a-w- C:\Windows\System32\HMAPO.dll 2017-07-10 18:37:13 F9D88F4B53DA5433E0B97EA2B9334F44 221904 ----a-w- C:\Windows\System32\HMHVS.dll 2017-07-10 18:37:13 F6684A0C1BFCB16CC40164817BC41FC8 1239800 ----a-w- C:\Windows\System32\DTSBoostDLL.dll 2017-07-10 18:37:13 F3CD6B7D55CDE01617224C9FEB53833B 1531672 ----a-w- C:\Windows\System32\DTSS2SpeakerDLL.dll 2017-07-10 18:37:13 F2D0AE5698B36091D48720C489F78C4F 229584 ----a-w- C:\Windows\System32\DTSGFXAPONS.dll 2017-07-10 18:37:13 E414F6344FBD7709664332594CF24DCD 402064 ----a-w- C:\Windows\System32\DTSGainCompensatorDLL.dll 2017-07-10 18:37:13 E3413EDD630BA459C2F082CFC6473AD7 340816 ----a-w- C:\Windows\System32\HiFiDAX2APIPCLL.dll 2017-07-10 18:37:13 CDB2FD0D7B5E3008D078C272622274A9 7053688 ----a-w- C:\Windows\System32\DDPP32A.dll 2017-07-10 18:37:13 CB43D64A32BF43ABB386F23794ADDAEE 4244232 ----a-w- C:\Windows\System32\DolbyDAX2APOv211.dll 2017-07-10 18:37:13 BC433BC01BB8746C9140E7D94FDCCEDE 322064 ----a-w- C:\Windows\System32\HiFiDAX2API.dll 2017-07-10 18:37:13 B8A9A29C9E9AF3F83128F489E787569E 363416 ----a-w- C:\Windows\System32\HMClariFi.dll 2017-07-10 18:37:13 B074AEACC1EDC81BAA8F68649D1A06C6 229032 ----a-w- C:\Windows\System32\DTSLFXAPO.dll 2017-07-10 18:37:13 AB6AB9CB794B9681BCD1CA11536B894C 229584 ----a-w- C:\Windows\System32\DTSGFXAPO.dll 2017-07-10 18:37:13 A4880BB67ECE87B9B07985E23736299C 645816 ----a-w- C:\Windows\System32\DTSSymmetryDLL.dll 2017-07-10 18:37:13 9F0E07C9C7D4330EC718040433A1E3BF 232416 ----a-w- C:\Windows\System32\DDPA32.dll 2017-07-10 18:37:13 97FFDF29AE1EFD1E155222AE4EF3181D 1313120 ----a-w- C:\Windows\System32\DTSS2HeadphoneDLL.dll 2017-07-10 18:37:13 91FEC10C9ACF7373BE58F3529D98FB46 387624 ----a-w- C:\Windows\System32\DTSLimiterDLL.dll 2017-07-10 18:37:13 7FA79EC36D2D095D5B54E78F6DC03E03 584888 ----a-w- C:\Windows\System32\ICEsoundAPO.dll 2017-07-10 18:37:13 749025D643592F462AB35FC226186F99 1025040 ----a-w- C:\Windows\System32\DolbyDAX2APOProp.dll 2017-07-10 18:37:13 7154C3A7A3BD0BEEC7EEB32B696E75C6 1512312 ----a-w- C:\Windows\System32\DDPD32A.dll 2017-07-10 18:37:13 6C177FB9ACF2210B983A18A27DE7F8D5 130296 ----a-w- C:\Windows\System32\HarmanAudioInterface.dll 2017-07-10 18:37:13 694F391BABB3220A9DDE11E42FD7D091 1824928 ----a-w- C:\Windows\System32\DolbyDAX2APOv201.dll 2017-07-10 18:37:13 680D707B05157E11680FAA25454A247C 631152 ----a-w- C:\Windows\System32\DolbyDAX2APOvlldp.dll 2017-07-10 18:37:13 6178D341E4CDA25A4B9B21E942D400E0 615872 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL.dll 2017-07-10 18:37:13 5E3F8B453AD18C746322696FE9444BB0 214664 ----a-w- C:\Windows\System32\HMEQ_Voice.dll 2017-07-10 18:37:13 4DFC5A3EEA267FD078C8F5410220637D 214664 ----a-w- C:\Windows\System32\HMEQ.dll 2017-07-10 18:37:13 4811CCFDB1AC423D011BB4FA638A9905 669584 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL.dll 2017-07-10 18:37:13 41217F013E6E3C239F5916EF7FF6A3AF 1134776 ----a-w- C:\Windows\System32\DAX3APOv251.dll 2017-07-10 18:37:13 3EA11335D80D18444F0D9BFE70DB0305 200728 ----a-w- C:\Windows\System32\HMLimiter.dll 2017-07-10 18:37:13 2CE2D9F4A683B49676DCDFF7DA801551 367352 ----a-w- C:\Windows\System32\HMUI.dll 2017-07-10 18:37:13 21F8B2A2ABF610E709ADD3F47CE9B6B7 1224040 ----a-w- C:\Windows\System32\DAX3APOProp.dll 2017-07-10 18:37:13 1868FCA00AE07C0BA19B9A6CCB458FAC 471288 ----a-w- C:\Windows\System32\DTSNeoPCDLL.dll 2017-07-10 18:37:13 01188D0031942AC07E095A75A6E53D13 285624 ----a-w- C:\Windows\System32\DDPO32A.dll 2017-07-10 18:37:12 FAB1E2AF0A567912FF005CA0ACEE28DC 197440 ----a-w- C:\Windows\System32\AcpiServiceVnA.dll 2017-07-10 18:37:12 88CF6AAE6D8F4E022FF7FE49D3CA9D56 101328 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll 2017-07-10 18:37:12 5887E10E8F2EC8A926D6269EC7FC8104 96600 ----a-w- C:\Windows\System32\audioLibVc.dll 2017-07-10 18:37:08 C753AD3A2BC6038CBA51B6E76BD36BC0 2946560 ----a-w- C:\Windows\System32\RTSndMgr.cpl 2017-07-10 18:37:08 17A06D004F9DC92FF8300C27F1128911 72520712 ----a-w- C:\Windows\System32\RCoRes.dat 2017-07-10 18:35:28 D823A6ED12810DC4FBA9184B5922E5AD 60416 ----a-w- C:\Windows\System32\OpenCL.DLL 2017-07-10 18:34:39 D823A6ED12810DC4FBA9184B5922E5AD 60416 ----a-w- C:\Windows\System32\Intel_OpenCL_ICD32.dll 2017-07-10 18:34:38 F7B53C7188A29CD413B58333C1838689 10240 ----a-w- C:\Windows\System32\igfxEMLib.dll 2017-07-10 18:34:38 ECF74CB99631F88D32B1B5AB5D5E52E5 317952 ----a-w- C:\Windows\System32\igfxOSP.dll 2017-07-10 18:34:38 EB51A2AA0B36D31AC258300FFC576B8A 1758208 ----a-w- C:\Windows\System32\igfxcmjit32.dll 2017-07-10 18:34:38 D003E0B5EFC19952AA42B0278F7435DE 366680 ----a-w- C:\Windows\System32\igdmd32.dll 2017-07-10 18:34:38 C19EB1934AE6CB723CF65489FE030514 10752 ----a-w- C:\Windows\System32\igfxDILib.dll 2017-07-10 18:34:38 BF4DF5A2277EC44BE002504509A37DF6 69632 ----a-w- C:\Windows\System32\igfxDHLibv2_0.dll 2017-07-10 18:34:38 A235B3301E8CA8D10698539D87659931 215552 ----a-w- C:\Windows\System32\igfxLHM.dll 2017-07-10 18:34:38 97D2D6A79B3888C6133EE5FFCD58620A 1785856 ----a-w- C:\Windows\System32\igdrcl32.dll 2017-07-10 18:34:38 7937953A9515DF8E5BA9BF511A6914FF 250368 ----a-w- C:\Windows\System32\igfxDI.dll 2017-07-10 18:34:38 763FFBA39609ADC233F4D72223B87D88 183840 ----a-w- C:\Windows\System32\iglhcp32.dll 2017-07-10 18:34:38 74D9E9014268ABD2A05ECCD3AAE22C59 172544 ----a-w- C:\Windows\System32\igfxDTCM.dll 2017-07-10 18:34:38 6FE03F35B135BEBCDC72D965793BFFEB 160256 ----a-w- C:\Windows\System32\igfxCoIn_v4425.dll 2017-07-10 18:34:38 65AD067C0A59555DB24E9980106AB358 159096 ----a-w- C:\Windows\System32\igfxcmrt32.dll 2017-07-10 18:34:38 5F7567F7927AAB5B6CEDBA23A0B87DFE 10474040 ----a-w- C:\Windows\System32\igdumdim32.dll 2017-07-10 18:34:38 5D2BBD6994516C88E095CBA54136CD6C 80384 ----a-w- C:\Windows\System32\igfxCUIServicePS.dll 2017-07-10 18:34:38 5D27610F90BB38360AE470249D55942C 5120 ----a-w- C:\Windows\System32\igfxLHMLib.dll 2017-07-10 18:34:38 578F3855CD2429CB9345CDBB9CB305BE 155136 ----a-w- C:\Windows\System32\igfx11cmrt32.dll 2017-07-10 18:34:38 577D965106B65EA1A1A9F3154C113A88 5120 ----a-w- C:\Windows\System32\igfxLHMLibv2_0.dll 2017-07-10 18:34:38 5741B7358B166C1759DE151C2C89CFDE 286720 ----a-w- C:\Windows\System32\IntelOpenCL32.dll 2017-07-10 18:34:38 425097C03968BB173D0817405DEC539B 59904 ----a-w- C:\Windows\System32\igfxDHLib.dll 2017-07-10 18:34:38 410D22D640450A5EA8D80A3383694FD0 34008 ----a-w- C:\Windows\System32\igfxexps.dll 2017-07-10 18:34:38 28D09512B47CA3925D03329F287F2556 3650832 ----a-w- C:\Windows\System32\igdusc32.dll 2017-07-10 18:34:38 28854874A4580278E062AD0F3C08AF86 10752 ----a-w- C:\Windows\System32\igfxDILibv2_0.dll 2017-07-10 18:34:38 1C8F2A77546E02E142861AFE15DA15B3 1133000 ----a-w- C:\Windows\System32\iglhsip32.dll 2017-07-10 18:34:38 0E5C7EE0D45E45D2D8A521E96873223F 605696 ----a-w- C:\Windows\System32\igfxDH.dll 2017-07-10 18:34:38 034DA3F7ACDF8E9694B206F335574769 10240 ----a-w- C:\Windows\System32\igfxEMLibv2_0.dll 2017-07-10 18:34:37 C3246FAA9EEF45024161666B31DC9B47 182784 ----a-w- C:\Windows\System32\igdde32.dll 2017-07-10 18:34:37 60ACD3BEFA2BEDD8DAD47053418A1F49 17837568 ----a-w- C:\Windows\System32\igdfcl32.dll 2017-07-10 18:34:37 58FDF30578DE9FAA22DEE5728C0E0427 321536 ----a-w- C:\Windows\System32\igdbcl32.dll 2017-07-10 18:34:37 3A75670EC8388B89EC775AEBE1936F08 6500352 ----a-w- C:\Windows\System32\ig7icd32.dll 2017-07-10 18:34:37 37CE2F4528C1E2F19F7542E388046B18 143872 ----a-w- C:\Windows\System32\igdail32.dll 2017-07-10 18:34:37 1E965302A695C521705B045ED5020832 11783680 ----a-w- C:\Windows\System32\igd10iumd32.dll 2017-07-10 18:34:36 E977E2210D991637FDE9CF1687561CDA 56548 ----a-w- C:\Windows\System32\iglhxs32.vp 2017-07-10 18:34:36 E61D002FA70DC3E93CD78B1F1E388276 4383352 ----a-w- C:\Windows\System32\Gfxv4_0.exe 2017-07-10 18:34:36 E35EE082AB98080067DF7DE4138B5B61 399992 ----a-w- C:\Windows\System32\CustomModeAppv2_0.exe 2017-07-10 18:34:36 DBAEB8BBEB973A5D236350D1B1A30AD9 43760 ----a-w- C:\Windows\System32\iglhxg32_dev.vp 2017-07-10 18:34:36 B62C7F5A2BCBF8362A0B8B69AE39DEB8 44053 ----a-w- C:\Windows\System32\iglhxo32_dev.vp 2017-07-10 18:34:36 B29D8E835067F1204AA042E707D48B8B 546424 ----a-w- C:\Windows\System32\DPTopologyApp.exe 2017-07-10 18:34:36 9720958624890F990DA0BFC53C4E3E31 42654 ----a-w- C:\Windows\System32\iglhxc32_dev.vp 2017-07-10 18:34:36 823B39A80903BACD254C50C3C40F6426 1125 ----a-w- C:\Windows\System32\iglhxa32.vp 2017-07-10 18:34:36 80054B40083DA39A1A7AC93D1DFB37D7 274040 ----a-w- C:\Windows\System32\igfxCUIService.exe 2017-07-10 18:34:36 6DBAA9A70D56DB966403FA1480B3896D 396408 ----a-w- C:\Windows\System32\igfxTray.exe 2017-07-10 18:34:36 6706D702A030850243AF95F25BDF685C 44235 ----a-w- C:\Windows\System32\iglhxo32.vp 2017-07-10 18:34:36 5C5A40A182527845E98AE63C65D6292A 400504 ----a-w- C:\Windows\System32\CustomModeApp.exe 2017-07-10 18:34:36 5857F661258719BBDD184A818F9D1B57 916600 ----a-w- C:\Windows\System32\GfxUIEx.exe 2017-07-10 18:34:36 5414A6718D7E2559E2C51FE2AE84E09D 4380280 ----a-w- C:\Windows\System32\Gfxv2_0.exe 2017-07-10 18:34:36 53DF92C90CA3EA672672241F6B3307EB 44474 ----a-w- C:\Windows\System32\iglhxg32.vp 2017-07-10 18:34:36 433682E4424C2C1841D6C20C99739D39 415864 ----a-w- C:\Windows\System32\igfxEM.exe 2017-07-10 18:34:36 33BED30FBA858BBDA67053881B716459 545912 ----a-w- C:\Windows\System32\DPTopologyAppv2_0.exe 2017-07-10 18:34:36 2B17118651FBC362B417C1E2858855D1 209528 ----a-w- C:\Windows\System32\igfxHK.exe 2017-07-10 18:34:36 1CB1793C1E808CB4F391249E5E1CE0A4 161912 ----a-w- C:\Windows\System32\igfxext.exe 2017-07-10 18:34:36 16D5661D176EE6523B1B142454F999CF 94208 ----a-w- C:\Windows\System32\IccLibDll.dll 2017-07-10 18:34:36 12BA8E0EA1106E58AEE0D8504ED14FF0 43270 ----a-w- C:\Windows\System32\iglhxc32.vp 2017-07-10 18:34:36 08058DB82EB0084478447D750E1DEA7A 280696 ----a-w- C:\Windows\System32\IntelCpHeciSvc.exe 2017-07-10 18:34:35 EEFBF96A4D771AA0C4CEC841E6AE15DD 232960 ----a-w- C:\Windows\System32\igfxCPL.cpl 2017-07-10 18:34:35 EB9FF588AAF2E64CB52F6B6C3BD6BF1A 179828 ----a-w- C:\Windows\System32\resRUS.cui 2017-07-10 18:34:35 E3ECBE665A85EDA30A7F3FEA0427FA3E 154004 ----a-w- C:\Windows\System32\resNOR.cui 2017-07-10 18:34:35 E34147497C3346D48000124EC377A868 155972 ----a-w- C:\Windows\System32\resFIN.cui 2017-07-10 18:34:35 D48CD2D59E5C72C187883320AFB5FE93 153508 ----a-w- C:\Windows\System32\resDAN.cui 2017-07-10 18:34:35 CD28EBD732ECF7A0FAD7E7F334F04938 157492 ----a-w- C:\Windows\System32\resSKY.cui 2017-07-10 18:34:35 CD1ACAC2BEEFEB1684C975496AC7EDA8 156596 ----a-w- C:\Windows\System32\resTRK.cui 2017-07-10 18:34:35 CA5A38DCA65C8540183DB5989B45971B 157332 ----a-w- C:\Windows\System32\resNLD.cui 2017-07-10 18:34:35 C4E050B32A65B326819AD20331AAB818 160260 ----a-w- C:\Windows\System32\resHUN.cui 2017-07-10 18:34:35 BEC45D17F77784FDE5FEE50B626F1BDC 158148 ----a-w- C:\Windows\System32\resROM.cui 2017-07-10 18:34:35 BB02E0907790B462282C099197F01A07 149524 ----a-w- C:\Windows\System32\resCHS.cui 2017-07-10 18:34:35 A179BBDE67244C7413CC9DD94350575B 157652 ----a-w- C:\Windows\System32\resPLK.cui 2017-07-10 18:34:35 971B2384427DD0133F9FD7B923F395DF 156628 ----a-w- C:\Windows\System32\resCSY.cui 2017-07-10 18:34:35 899E708E589C09700BFF1C73CB7D7002 895 ----a-w- C:\Windows\System32\Gfxv2_0.exe.config 2017-07-10 18:34:35 899E708E589C09700BFF1C73CB7D7002 895 ----a-w- C:\Windows\System32\DPTopologyAppv2_0.exe.config 2017-07-10 18:34:35 899E708E589C09700BFF1C73CB7D7002 895 ----a-w- C:\Windows\System32\CustomModeAppv2_0.exe.config 2017-07-10 18:34:35 82C21F51E2E9912158831CDFB0A206B6 156420 ----a-w- C:\Windows\System32\resPTG.cui 2017-07-10 18:34:35 82566CB31CEA7567BF8B45D832668439 158388 ----a-w- C:\Windows\System32\resDEU.cui 2017-07-10 18:34:35 7CDD3D6A64BC621EB92E97ADBD7C0711 152164 ----a-w- C:\Windows\System32\resENU.cui 2017-07-10 18:34:35 7C47E200D9D049C49156A7D416586C4F 165460 ----a-w- C:\Windows\System32\resARA.cui 2017-07-10 18:34:35 75CF363FB4F974F7D037F1D1BD883E75 164948 ----a-w- C:\Windows\System32\resJPN.cui 2017-07-10 18:34:35 72E26B1A458853B5DC37FCEDDFFDD88E 2108679 ----a-w- C:\Windows\System32\iglhxa32.cpa 2017-07-10 18:34:35 6E29BB7D3A84B8ED2C398483CF037308 160196 ----a-w- C:\Windows\System32\resFRA.cui 2017-07-10 18:34:35 6C1F10F831655D5AFA97FE16FB917067 154964 ----a-w- C:\Windows\System32\resSLV.cui 2017-07-10 18:34:35 5CCF59C6E0B3FB08FE2058533D448FDD 156708 ----a-w- C:\Windows\System32\resPTB.cui 2017-07-10 18:34:35 59075B2A63DF6A568123218BF4DC2696 889 ----a-w- C:\Windows\System32\Gfxv4_0.exe.config 2017-07-10 18:34:35 59075B2A63DF6A568123218BF4DC2696 889 ----a-w- C:\Windows\System32\DPTopologyApp.exe.config 2017-07-10 18:34:35 59075B2A63DF6A568123218BF4DC2696 889 ----a-w- C:\Windows\System32\CustomModeApp.exe.config 2017-07-10 18:34:35 5782CEFEAEF7CA26BAE4CAA27E020F3C 155124 ----a-w- C:\Windows\System32\resSVE.cui 2017-07-10 18:34:35 5168626800CC0FAA332BF1A9E7942D05 158532 ----a-w- C:\Windows\System32\resKOR.cui 2017-07-10 18:34:35 3E4404DF28CE437D634BF3EDFC9A10BE 155540 ----a-w- C:\Windows\System32\resHRV.cui 2017-07-10 18:34:35 3C63073FF29B04706024E5678CF43CF8 158052 ----a-w- C:\Windows\System32\resESN.cui 2017-07-10 18:34:35 342DC30F883BEA56448B60A2E1F0D432 164884 ----a-w- C:\Windows\System32\resHEB.cui 2017-07-10 18:34:35 2F6B4B08827D5B994B097C0D8A9F15C3 150404 ----a-w- C:\Windows\System32\resCHT.cui 2017-07-10 18:34:35 2E9301D9FAFB38E6014BB850E3CC4FD6 158356 ----a-w- C:\Windows\System32\resITA.cui 2017-07-10 18:34:35 267A52FC1DC0DB12959A1F1E293A8E68 191476 ----a-w- C:\Windows\System32\resTHA.cui 2017-07-10 18:34:35 211F5776CF333B89D0BD361F92CB38C3 184036 ----a-w- C:\Windows\System32\resELL.cui 2017-07-10 18:34:34 DDDF9AF0EE727661BCE07C3169AE40A9 275489 ----a-w- C:\Windows\System32\DisplayAudiox86.cab 2017-07-10 18:33:40 133DE8048F656714594A58BAB28FDEFC 21496 ----a-w- C:\Windows\System32\btinstall.dll 2017-07-10 17:56:11 DA33F65E6CB01121D5C71E4E668F760A 94371 ------w- C:\Windows\System32\athwb.cat 2017-07-10 17:56:11 61C330A0D5D6ED9DDAF408B7958CAE49 422026 ------w- C:\Windows\System32\athwb.inf 2017-07-10 17:56:11 3AC42F2B7562B7F401D92A020611AB9F 643925 ------w- C:\Windows\System32\netathr.inf 2017-07-10 17:56:11 3215C388BB0A8AFB6A62794BD032E8C4 3310592 ------w- C:\Windows\System32\athr.sys 2017-07-10 17:56:11 29E2B95F8E4C5D8B0782E5AC1B5D08C7 3247104 ------w- C:\Windows\System32\athwb.sys 2017-07-10 17:56:11 151DEF9B9291DF0A6E7E1F8A824380D6 92290 ------w- C:\Windows\System32\athrext.cat ====== C:\Windows\system32\drivers ===== 2017-07-14 08:43:01 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2017-07-14 08:43:01 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2017-07-14 08:42:56 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2017-07-13 05:17:29 28B64D3792D4F692E45ECB0C3F98C19B 1213672 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2017-07-13 05:17:28 897AE9430D037B056CF76A49CF588542 730856 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2017-07-13 05:17:28 76DFFD56A947370E782F21F4847503E9 240872 ----a-w- C:\Windows\System32\drivers\netio.sys 2017-07-13 05:17:27 F6AA1FE6ECB2C175E9BA14D30C739FD3 94208 ----a-w- C:\Windows\System32\drivers\bthpan.sys 2017-07-13 05:17:27 C25848DB4A86839A7EDD1077F62AD980 1309928 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2017-07-13 05:17:27 91439C1CE4373F6B76666AF7E0ED96EE 218856 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2017-07-13 05:17:27 89670A2DA2B97D3F665C4CC376B4EDAC 187624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2017-07-13 05:17:27 33FD2EFFFF90263D9AD0EC3886913B5C 67304 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2017-07-13 05:17:27 2F50E2780F16E00369F1311B086C3E42 514048 ----a-w- C:\Windows\System32\drivers\http.sys 2017-07-13 05:17:27 28A510CE42C686FC2B45DFEC76E3D0D5 137960 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2017-07-13 05:17:26 BD89C0C6904A1F7CDD239577D49B5B5C 226304 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2017-07-13 05:17:26 3655F8342CEA2D9BCA36BAD641361031 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2017-07-13 05:17:25 C6C113DC665B702D9BEF049774D48069 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2017-07-13 05:15:34 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2017-07-13 05:15:34 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2017-07-13 05:14:52 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2017-07-13 04:59:27 9804FB2E46077F2977552347DFCA7E05 712640 ----a-w- C:\Windows\System32\drivers\ndis.sys 2017-07-13 04:49:22 B4A1789BE90403D9549EF9DBAD37A429 24576 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2017-07-13 04:49:22 90B7F53DD3CE7DC8369A5ECDCC4F441D 285696 ----a-w- C:\Windows\System32\drivers\usbport.sys 2017-07-13 04:49:22 81E1E90305A4C7A13BADC5DFA22ABA37 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2017-07-13 04:49:22 5D57798CAE5A0DD0B8F61C52B8E7C3D1 46592 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2017-07-13 04:49:22 3835ECC1E928042F92D7AA1963D40523 259072 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2017-07-13 04:49:22 325A69967CC7B4BFB170F5636143A94A 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2017-07-13 04:49:21 D8C3D7728D641226D13B1E588441C5B6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2017-07-13 04:49:14 ED80D303102A746D30C1684B387BCBF1 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2017-07-13 04:46:19 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2017-07-13 04:44:59 575DF237408CA735631F7A0DC423D873 54656 ----a-w- C:\Windows\System32\drivers\stream.sys 2017-07-13 04:38:39 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\drivers\disk.sys 2017-07-13 04:34:00 F1A449D762657230629D8BFC107ABC14 149440 ----a-w- C:\Windows\System32\drivers\storport.sys 2017-07-13 04:34:00 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2017-07-13 04:34:00 5FB4F271032B6435F3B2252F577A4815 27072 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2017-07-13 03:48:05 A4BF8BE9D1F7D563C7868AC7B2561545 35840 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2017-07-13 03:39:05 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys 2017-07-11 13:59:05 7DAE5EBCC80E45D3253F4923DC424D05 19824 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2017-07-11 04:30:54 0C997B061E3C66BD9E927C1288EB1CC7 24688 ----a-w- C:\Windows\System32\drivers\TrueSight.sys 2017-07-11 03:16:55 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2017-07-11 02:40:20 EE337A0E80C2554D42487E29C4E41E24 311808 ----a-w- C:\Windows\System32\drivers\srv.sys 2017-07-11 02:40:19 722EDCF256AFD35538E69A933A908CA2 313856 ----a-w- C:\Windows\System32\drivers\srv2.sys 2017-07-11 02:40:18 0C941A3F148B4228867908F98F394461 593920 ----a-w- C:\Windows\System32\drivers\PEAuth.sys 2017-07-11 02:40:17 F582FC7976F1248AC5FBD6875C626B41 338944 ----a-w- C:\Windows\System32\drivers\afd.sys 2017-07-11 02:40:16 06AC0310138E4B2C35AF7344D18BC686 117248 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2017-07-11 02:40:15 EA9DBD76CE9254C77BAAB4339DD4C4FB 81408 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2017-07-11 02:40:15 7F7D4B16389CEF932950F6B2604D2601 373896 ----a-w- C:\Windows\System32\drivers\cng.sys 2017-07-11 02:40:14 BDF998A504EED01787CCA371980EAEDE 116224 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2017-07-11 02:40:13 9664F55623B43FD85D5642A202976AEE 78568 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2017-07-11 02:40:12 53E8732CC70CC0991839DF9FC8996E4A 142336 ----a-w- C:\Windows\System32\drivers\exfat.sys 2017-07-11 02:40:12 28AF7D4427868B7CE4C00CAB1864C7F6 68608 ----a-w- C:\Windows\System32\drivers\bowser.sys 2017-07-11 02:40:12 24F422E5D7517FEBDA2324116F1A7BE6 148992 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2017-07-11 02:40:08 20ED6F310B7C56389D97B3BC435A466D 50688 ----a-w- C:\Windows\System32\drivers\appid.sys 2017-07-11 02:40:08 01743A8A62F2C0488F9C4F6D25C21B2C 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys 2017-07-11 02:34:37 AFA8CCAFC4A0983B09AC386E643F8F81 117760 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2017-07-11 02:33:45 3F34A1B4C5F6475F320C275E63AFCE9B 56176 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2017-07-11 02:31:09 CD9214A6AE17D188D17C3CF8CB9CC693 184320 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2017-07-11 02:31:08 6C5139E4283249518F7743D7043775B3 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2017-07-11 02:29:18 DE014425522610BEDCA3821BB8C0F1D5 146816 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2017-07-11 02:29:18 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2017-07-11 02:28:03 A00996C9BFEF29A93B9F21DBE1DC502D 188928 ----a-w- C:\Windows\System32\drivers\netbt.sys 2017-07-11 02:27:55 A3F684B866A7D89AE396276CE7AFD416 5120 ----a-w- C:\Windows\System32\drivers\drmkaud.sys 2017-07-11 02:27:55 53F70F2B5ED939C0013D625F6444F5C7 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys 2017-07-11 02:27:55 1F3096B1725382912803B6027AF4B94A 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2017-07-11 02:27:50 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2017-07-11 02:27:50 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2017-07-11 02:27:50 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2017-07-11 00:58:55 E957DA63610A587836EAB9F9B6284A52 839696 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys 2017-07-11 00:54:51 AE73880E4D74693C3B90530EA4458410 794608 ----a-w- C:\Windows\System32\drivers\Rt86win7.sys 2017-07-11 00:53:36 84275D83036315EDBBE63428CD1F5D2F 308192 ----a-w- C:\Windows\System32\drivers\RtsUer.sys 2017-07-10 23:48:56 2C2C5AFE7EE4F620D69C23C0617651A8 24576 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2017-07-10 19:52:35 08D17BD45932F65EE3198BE58F6EA173 162240 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys 2017-07-10 19:52:27 601BF49A35D62E1783F328877434ECAF 65824 ----a-w- C:\Windows\System32\drivers\mwac.sys 2017-07-10 19:52:27 1CA8869650513B5F11EBBC9D30B6C372 85400 ----a-w- C:\Windows\System32\drivers\farflt.sys 2017-07-10 19:52:16 EA8012B28C87359AB0AB89FF057DB168 40352 ----a-w- C:\Windows\System32\drivers\mbam.sys 2017-07-10 19:52:09 B72EBB5C4727E67BAFDBC7FEA5A8D49F 221600 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2017-07-10 19:51:59 C00BBCAEDCC2A3503D0FC27DD96D97C8 59936 ----a-w- C:\Windows\System32\drivers\mbae.sys 2017-07-10 18:38:25 94EB9C6A0C07D5329E9EA69C9AA8929F 2094612 ----a-w- C:\Windows\System32\drivers\rtkhdasetting.zip 2017-07-10 18:37:15 6163A2BDD002147DA9481F09E3EAB445 4298792 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys 2017-07-10 18:37:10 7D7FBC9504575D97885A858EA93684F5 5804772 ----a-w- C:\Windows\System32\drivers\rtvienna.dat 2017-07-10 18:37:08 963C68FAC6839EAA05CCD87533FAB46E 9124224 ----a-w- C:\Windows\System32\drivers\RTAIODAT.DAT 2017-07-10 18:34:40 CDAEA264A9D8E43C872530D2BE586BC8 3031504 ----a-w- C:\Windows\System32\drivers\igdkmd32.sys 2017-07-10 18:34:01 16086445D89EE0E650B4789C1AC66DA2 3365624 ----a-w- C:\Windows\System32\drivers\athr.sys 2017-07-10 18:33:40 132DB251AEC9210B8CD46D17DDB3F01C 47504 ----a-w- C:\Windows\System32\drivers\btcusb.sys 2017-07-10 18:32:31 D01C750421277EDAD729CDE1FA3BF36C 379128 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys 2017-07-10 18:00:13 4004657E385E6C714825EB9031ED2062 23840 ----a-w- C:\Windows\System32\drivers\HWiNFO32.SYS 2017-07-10 17:44:54 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2017-07-13 01:05:51 96BBDBEF6949D399B3E08B8BDCAE9D7E 4642 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2017-07-13 01:05:15 D6550D8F110DCCC4F593533488460FFD 4496 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater 2017-07-10 19:47:25 665BD3D907C7B96F201C51A2407311A4 2888 ----a-w- C:\Windows\system32\Tasks\Uninstaller_SkipUac_RANO 2017-07-10 18:33:58 7B4516FB4C971DE32BB8A8F6873C5FDC 3858 ----a-w- C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1499711631 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2044-03-01 15:51:01 -------- d-----w- C:\Program Files\Common Files 2017-07-14 10:20:14 -------- d-----w- C:\Program Files\RogueKiller 2017-07-14 06:43:37 -------- d-----w- C:\Program Files\Unlocker 2017-07-14 00:32:11 -------- d-----w- C:\Program Files\Microsoft.NET 2017-07-11 01:06:48 -------- d-----w- C:\Program Files\VideoLAN 2017-07-10 20:33:35 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2017-07-10 19:48:08 -------- d-----w- C:\Program Files\Common Files\IObit 2017-07-10 18:37:59 -------- d-----w- C:\Program Files\Realtek 2017-07-10 18:35:19 -------- d-----w- C:\Program Files\Intel 2017-07-10 18:35:16 -------- d-----w- C:\Program Files\Common Files\Intel 2017-07-10 18:14:53 -------- d-----w- C:\Program Files\Opera 2017-07-10 18:12:24 -------- d-----w- C:\Program Files\Internet Download Manager 2017-07-10 18:00:07 -------- d-----w- C:\Program Files\IObit 2017-07-10 17:56:39 -------- d-----w- C:\Program Files\Qualcomm Atheros 2017-07-10 17:56:10 -------- d--h--w- C:\Program Files\InstallShield Installation Information ======= C: ===== 2017-07-11 02:43:05 2051FB625B198BD832FD61245CB0FFB4 206312 --sha-r- C:\grldr 2017-07-10 00:43:30 0B0E7E2916CB452CDB8340647D173A4D 8192 --sha-r- C:\BOOTSECT.BAK 2017-07-10 00:43:28 ACB83AE20552C4F78CABCA8E72763AC8 399860 --sha-r- C:\bootmgr ====== C:\Users\RANO\AppData\Roaming ====== 2017-07-14 06:43:37 -------- d-----w- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-07-14 01:03:28 -------- d-----w- C:\Users\RANO\AppData\Roaming\Adobe 2017-07-14 00:41:24 -------- d-----w- C:\Users\RANO\AppData\Local\Learnpulse 2017-07-14 00:41:20 6CCDB99AC109A1DA2D7BB715483798AE 58016 ----a-w- C:\Users\RANO\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-14 00:41:17 -------- d-----w- C:\Users\RANO\AppData\Roaming\Learnpulse 2017-07-11 03:11:02 -------- d-----w- C:\Users\RANO\AppData\Roaming\ZHP 2017-07-11 03:11:02 -------- d-----w- C:\Users\RANO\AppData\Local\ZHP 2017-07-11 01:07:41 -------- d-----w- C:\Users\RANO\AppData\Roaming\vlc 2017-07-11 00:46:38 -------- d-----w- C:\Users\RANO\AppData\Roaming\ESET 2017-07-11 00:45:46 -------- d-----w- C:\Users\RANO\AppData\Locallow\Mozilla 2017-07-11 00:40:59 -------- d-----w- C:\Users\RANO\AppData\Roaming\Mozilla 2017-07-11 00:40:59 -------- d-----w- C:\Users\RANO\AppData\Local\Mozilla 2017-07-10 21:43:34 DA46CE34C8AD45F13370B78C1B67C725 275608 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2017-07-10 20:20:59 -------- d-----w- C:\Users\RANO\AppData\Local\ESET 2017-07-10 20:19:16 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\ESET 2017-07-10 18:34:07 -------- d-----w- C:\Users\RANO\AppData\Roaming\Opera Software 2017-07-10 18:34:07 -------- d-----w- C:\Users\RANO\AppData\Local\Opera Software 2017-07-10 18:12:29 -------- d-----w- C:\Users\RANO\AppData\Roaming\IDM 2017-07-10 18:12:29 -------- d-----w- C:\Users\RANO\AppData\Roaming\DMCache 2017-07-10 18:12:25 -------- d-----w- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-07-10 18:00:16 -------- d-----w- C:\Users\RANO\AppData\Locallow\IObit 2017-07-10 17:59:46 -------- d-sh--w- C:\Users\RANO\AppData\Locallow\Microsoft 2017-07-10 17:59:42 -------- d-----w- C:\Users\RANO\AppData\Roaming\IObit 2017-07-10 17:59:35 -------- d-----w- C:\Users\RANO\AppData\Local\Programs 2017-07-10 17:46:47 -------- d-----w- C:\Users\RANO\AppData\Local\Diagnostics 2017-07-10 17:38:23 -------- d-----r- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2017-07-10 17:38:23 -------- d-----r- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2017-07-10 17:38:13 -------- d-----w- C:\Users\RANO\AppData\Roaming\Identities 2017-07-10 17:38:00 -------- d-s---w- C:\Users\RANO\AppData\Roaming\Microsoft 2017-07-10 17:38:00 -------- d-----w- C:\Users\RANO\AppData\Roaming\Media Center Programs 2017-07-10 17:38:00 -------- d-----w- C:\Users\RANO\AppData\Local\Temp 2017-07-10 17:38:00 -------- d-----w- C:\Users\RANO\AppData\Local\Microsoft 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\RANO ====== 2017-07-14 10:20:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-07-11 04:30:33 -------- d-----w- C:\ProgramData\RogueKiller 2017-07-11 01:07:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-07-10 19:47:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2017-07-10 18:45:00 -------- d-sh--w- C:\Users\RANO\IntelGraphicsProfiles 2017-07-10 18:38:20 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2017-07-10 18:12:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-07-10 18:00:16 -------- d-----w- C:\ProgramData\IObit 2017-07-10 17:55:51 -------- d-----w- C:\ProgramData\Qualcomm Atheros 2017-07-10 17:38:23 -------- d-----r- C:\Users\RANO\Searches 2017-07-10 17:38:11 -------- d-----r- C:\Users\RANO\Contacts 2017-07-10 17:38:01 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\RANO\ntuser.ini 2017-07-10 17:38:00 -------- d--h--w- C:\Users\RANO\AppData 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Videos 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Saved Games 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Pictures 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Music 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Links 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Favorites 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Downloads 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Documents 2017-07-10 17:38:00 -------- d-----r- C:\Users\RANO\Desktop ====== C: exe-files == 2017-07-15 15:32:33 B9A774575DB212ADED6B68F0461AB572 54529672 ----a-w- C:\Users\RANO\Downloads\Programs\torbrowser-install-7.0.2_fr.exe 2017-07-15 01:29:18 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Users\RANO\AppData\Local\Temp\A72FC64F-9B63-47FB-BF51-1E5ADBD4487D\DismHost.exe 2017-07-15 00:52:16 788FCDDD88240A85039F7F561093B118 448512 ----a-w- C:\Users\RANO\Downloads\Programs\TFC.exe 2017-07-14 10:20:20 7B13E3BEF47A79AD1FE5B8482E43B875 13393992 ----a-w- C:\Program Files\RogueKiller\Updater.exe 2017-07-14 10:20:17 F52726018E3F8AB64F726A7545166CD6 9463368 ----a-w- C:\Program Files\RogueKiller\RogueKillerCMD.exe 2017-07-14 10:20:14 E612A4A7C9114B0AC0B3B82735C5CD8C 22102088 ----a-w- C:\Program Files\RogueKiller\RogueKiller.exe 2017-07-14 10:20:14 8428602C23862AF629C978B86F0E5E20 799304 ----a-w- C:\Program Files\RogueKiller\unins000.exe 2017-07-14 10:13:19 DF10D860EB64CDE7BA34743ED7EDDA27 35612552 ----a-w- C:\Users\RANO\Downloads\Programs\RogueKiller_setup_ref3.exe 2017-07-14 08:42:56 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe 2017-07-14 07:59:56 9AE58292D951DA8379A5E444C0250881 2782592 ----a-w- C:\Users\RANO\AppData\Roaming\ZHP\ZHPDiag3.exe 2017-07-14 06:43:38 F10291DEF1FB3B1E1EB582201389E4FE 95802 ----a-w- C:\Program Files\Unlocker\uninst.exe 2017-07-14 00:55:44 563D4B7F8482972ED83BEEC07A88FEBA 88152 ----a-w- C:\Program Files\Opera\46.0.2597.46\installer_helper.exe 2017-07-14 00:55:38 323C3D6B194B4B4318B96F2B41F58F5D 779352 ----a-w- C:\Program Files\Opera\46.0.2597.46\opera_crashreporter.exe 2017-07-14 00:55:37 DFDDD440AE6F1C85E0C617959A0D5989 2229336 ----a-w- C:\Program Files\Opera\46.0.2597.46\opera_autoupdate.exe 2017-07-14 00:55:36 5C24E74CF864735B4EBB4014B3077E37 708184 ----a-w- C:\Program Files\Opera\46.0.2597.46\opera.exe 2017-07-14 00:55:20 86387BC2DBABB780CEA14477B2D4C00A 2081880 ----a-w- C:\Program Files\Opera\46.0.2597.46\installer.exe 2017-07-14 00:41:41 CE7ACDE1C5C143C90FA5169265C9533D 12713536 ----a-w- C:\Users\RANO\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe 2017-07-13 05:17:28 D49BCBE8F762CA43608751B12F5A8E89 4246528 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe 2017-07-13 05:17:27 53FF7C0EF6A7E6DAFAEE2FE1B526A01A 157184 ----a-w- C:\Windows\System32\perfmon.exe 2017-07-13 05:17:27 0DF768001BB6B2191E475F5DC0EC6328 303616 ----a-w- C:\Windows\System32\msinfo32.exe 2017-07-13 05:17:27 0DF768001BB6B2191E475F5DC0EC6328 303616 ----a-w- C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe 2017-07-13 05:17:26 FD812B509F2DDFB535D7F91F25CF316E 40448 ----a-w- C:\Windows\servicing\GC32\tzupd.exe 2017-07-13 05:17:26 BB1D7E779FFC9D4D58DE6D6C39429FF1 103424 ----a-w- C:\Windows\System32\resmon.exe 2017-07-13 05:17:25 140812D46FCE7826E898D5E609F170E8 427520 ----a-w- C:\Windows\System32\SearchIndexer.exe 2017-07-13 05:17:24 FE74BFB5C339FE4BB85FDA3487F3AE3F 22016 ----a-w- C:\Windows\System32\lsass.exe 2017-07-13 05:17:24 7B454CA5F19383704BC7D11181851D09 50176 ----a-w- C:\Windows\System32\auditpol.exe 2017-07-13 05:17:24 3FB6E28F1D02F013F0575EC3AA5180CF 86528 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2017-07-13 05:17:24 22338589E0C614A7E0895E442053D4E0 164352 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2017-07-13 05:16:02 B5EFAD36CF49C2A373E9F89D5359EDFD 1602048 ----a-w- C:\Windows\System32\aitstatic.exe 2017-07-13 05:16:02 8D2142B9F2CC683E9F730D439DCBF039 81640 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2017-07-13 05:15:59 BDB9BC2631CE81FFB7C3DD628633E8F3 79040 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe 2017-07-13 05:11:38 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\System32\notepad.exe 2017-07-13 05:11:38 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\notepad.exe 2017-07-13 05:08:42 34BE8D3FE5114F3776E4BAA6260F226C 61952 ----a-w- C:\Windows\System32\ntprint.exe 2017-07-13 05:08:40 ACBC1FB1950AC0C41944A6C8917032EF 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe 2017-07-13 05:03:54 7EEB4D2A17421D337F970FB5C3B24410 106496 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe 2017-07-13 05:03:53 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe 2017-07-13 05:03:52 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe 2017-07-13 04:59:39 429C2769E37E7F50441ED43EBF9494EA 181760 ----a-w- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe 2017-07-13 04:57:30 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\System32\certutil.exe 2017-07-13 04:56:20 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\System32\osk.exe 2017-07-13 04:53:05 0780A42DBD7D9969F9BF4A19AA4285B5 259072 ----a-w- C:\Windows\System32\services.exe 2017-07-13 04:48:02 5D1BFF0FCE80F9E2E539F436710D4A79 31232 ----a-w- C:\Windows\System32\prevhost.exe 2017-07-13 04:46:10 2996B3E7BBA42BEA62D386D9386EDE97 20992 ----a-w- C:\Windows\System32\sdbinst.exe 2017-07-13 04:45:37 786B9C958A4F217322C24C736263C51F 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2017-07-13 04:35:09 6DDCA324434FFA506CF7DC4E51DB7935 2972672 ----a-w- C:\Windows\explorer.exe 2017-07-13 03:45:05 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Windows\System32\Dism\DismHost.exe 2017-07-13 03:39:02 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\System32\charmap.exe 2017-07-13 03:35:31 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2017-07-13 03:35:31 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\System32\RMActivate.exe 2017-07-13 03:35:30 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2017-07-13 03:35:30 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2017-07-13 01:05:13 EF4D3166B4D2B5231CA93F1F492D7DEB 803328 ----a-w- C:\Windows\System32\FlashPlayerApp.exe 2017-07-12 04:23:02 14162DF5D6DE2C51B22309FD9545D3BB 132532600 -c--a-w- C:\Windows\System32\MRT.exe 2017-07-11 13:59:49 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\System32\icardagt.exe 2017-07-11 13:59:44 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2017-07-11 03:11:02 9B5C00B3B189ADE0B92DE665773FAFDB 2818432 ----a-w- C:\Users\RANO\AppData\Roaming\ZHP\ZHPCleaner.exe 2017-07-11 03:00:32 C0DC9F7398238C17E480BCBF2C080B25 24576 ----a-w- C:\Windows\System32\gpscript.exe 2017-07-11 02:55:24 81FCF3B7A0C63AB9C3EC37DF01C642B0 123904 ----a-w- C:\Windows\System32\poqexec.exe 2017-07-11 02:40:30 9222E721E38EF60B6627B4AC73E54AB7 35328 ----a-w- C:\Windows\System32\wuapp.exe 2017-07-11 02:40:30 8737C6345141BB27430A836D359E23FF 136192 ----a-w- C:\Windows\System32\wuauclt.exe 2017-07-11 02:40:25 2ADE0250EC6773A04D47C4FA253FDA8D 4001000 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2017-07-11 02:40:24 BECFF07257DD80EEF20904B4A2D3B319 3945704 ----a-w- C:\Windows\System32\ntoskrnl.exe 2017-07-11 02:40:21 44D70A39B68CC322827DA30BCF372F1C 1971200 ----a-w- C:\Program Files\DVD Maker\DVDMaker.exe 2017-07-11 02:40:18 98A4C2E7045F5EC08755DCD6B952B9A4 470704 ----a-w- C:\Windows\System32\winresume.exe 2017-07-11 02:40:18 98A4C2E7045F5EC08755DCD6B952B9A4 470704 ----a-w- C:\Windows\System32\Boot\winresume.exe 2017-07-11 02:40:18 7B125B0729DA7539CC12C3AC9CC1FA1C 534600 ----a-w- C:\Windows\System32\winload.exe 2017-07-11 02:40:18 7B125B0729DA7539CC12C3AC9CC1FA1C 534600 ----a-w- C:\Windows\System32\Boot\winload.exe 2017-07-11 02:40:18 3AE4191A320803F49BA101C15221C0B3 199168 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe 2017-07-11 02:40:18 25CD599B910FF787026A944E2F456B75 243712 ----a-w- C:\Windows\System32\spool\tools\PrintBrmEngine.exe 2017-07-11 02:40:17 19BD5196020E5D015E224905BBF7C8A1 271360 ----a-w- C:\Windows\System32\conhost.exe 2017-07-11 02:40:15 FA03B5AB1835C5A481EECD9435FD7905 105192 ----a-w- C:\Windows\System32\consent.exe 2017-07-11 02:40:14 D609D1AE800D48128BDA1446A4720265 346112 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDCT.EXE 2017-07-11 02:40:13 3B55B2000DEBDC210693530B669B9966 497152 ----a-w- C:\Windows\HelpPane.exe 2017-07-11 02:40:12 C97B6AD59161B8502016C050A758552F 286208 ----a-w- C:\Windows\System32\IME\shared\IMCCPHR.exe 2017-07-11 02:40:12 316FEB05EE3796DF7303E42DDCC2FB2A 269824 ----a-w- C:\Windows\System32\IME\shared\IMEPADSV.EXE 2017-07-11 02:40:11 ABD373E82F6240031C1E631AA20711C7 295936 ----a-w- C:\Windows\System32\bcdedit.exe 2017-07-11 02:40:11 7F39233AA5807E8AC3C52ABD7DAF6B67 362496 ----a-w- C:\Windows\System32\IME\IMETC10\IMTCPROP.exe 2017-07-11 02:40:10 F1A5C84CE3795BECC1EEE9EC1487D455 159400 ----a-w- C:\Windows\System32\migwiz\MigSetup.exe 2017-07-11 02:40:09 B008EC0EC71EB73B2B13F3032C6FF239 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2017-07-11 02:40:09 9B2BA304828D5FABF87348D59D635AC7 91368 ----a-w- C:\Windows\System32\MigAutoPlay.exe 2017-07-11 02:40:09 5DA59EFB062A0E36048394A04557B61F 59904 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDSVR.EXE 2017-07-11 02:40:08 B63F25A66315A27A254060352F3E4B5D 429056 ----a-w- C:\Windows\System32\migwiz\migwiz.exe 2017-07-11 02:40:08 4315D6ECAE85024A0567DF2CB253B7B0 73216 ----a-w- C:\Windows\System32\msiexec.exe 2017-07-11 02:40:07 C648901695E275C8F2AD04B687A68CE2 45056 ----a-w- C:\Windows\System32\rundll32.exe 2017-07-11 02:40:07 6344EAE4813EAE521E3A03A884DB647D 26112 ----a-w- C:\Windows\System32\IME\IMEJP10\imjppdmg.exe 2017-07-11 02:40:06 6C8D411EDC63379A2DF639F254B9BBFA 69632 ----a-w- C:\Windows\System32\smss.exe 2017-07-11 02:40:06 64669AB349067A8A521F96ACF5B527CA 66048 ----a-w- C:\Windows\System32\PrintBrmUi.exe 2017-07-11 02:40:06 408D5D6E4D3674F9F4D8C73F7668683F 100352 ----a-w- C:\Windows\System32\audiodg.exe 2017-07-11 02:40:06 3714D5ECE64AF4AC4D6619D1623F3DC5 20992 ----a-w- C:\Windows\System32\spool\tools\PrintBrm.exe 2017-07-11 02:40:06 128B38F33325940F84FA38B16284D032 262656 ----a-w- C:\Windows\System32\rstrui.exe 2017-07-11 02:40:05 63EF04F2497DBD7408598F2EBBA9BC58 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2017-07-11 02:40:04 806556D0328C9BDB2369F63968DA4D4C 636416 ----a-w- C:\Windows\System32\migwiz\PostMig.exe 2017-07-11 02:40:03 B8C26E61ABBDD9F47FCA9EAA613A3A9F 23040 ----a-w- C:\Windows\System32\mfpmp.exe 2017-07-11 02:40:03 B6D5D5A08AC21B315B36849137FCF5BE 50176 ----a-w- C:\Windows\System32\rrinstaller.exe 2017-07-11 02:40:02 C2063F63A7007210FF7324C8EF67FB20 9728 ----a-w- C:\Windows\System32\pcawrk.exe 2017-07-11 02:40:02 8B6D70339A1B43C809B10A1020878826 90112 ----a-w- C:\Windows\System32\IME\IMESC5\IMSCPROP.exe 2017-07-11 02:40:02 17C04477B52838B3EAD25DD0CFF2F674 74240 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPMGR.EXE 2017-07-11 02:40:01 CA2AAFB33D6A50FB9B54E376CCB43F33 8192 ----a-w- C:\Windows\System32\pcalua.exe 2017-07-11 02:40:01 9BA982C33132DD8F483CB8BDB87156B6 58368 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPUEX.EXE 2017-07-11 02:40:01 42F81C6A3835FE279B254AA2CB7B38FE 12288 ----a-w- C:\Windows\System32\wsmprovhost.exe 2017-07-11 02:40:00 BE8A2B6B6FC4DF488343018A47EA8AE3 7680 ----a-w- C:\Windows\System32\plasrv.exe 2017-07-11 02:40:00 9C0F01C9611DAA6297A028FFD55547E6 14848 ----a-w- C:\Windows\System32\IME\IMEJP10\IMJPDADM.EXE 2017-07-11 02:35:36 306EB846F88E58C7E763946DE95952E3 46592 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2017-07-11 02:31:11 52449FD429D6053B78AE564DEF303870 304128 ----a-w- C:\Windows\System32\winlogon.exe 2017-07-11 02:31:11 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\System32\mstsc.exe 2017-07-11 02:31:10 A5661C9330E5FCFCDD53EB03D5F04822 8192 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2017-07-11 02:30:44 4489D5077C5D2396E3A94D652ADAE1CA 14336 ----a-w- C:\Windows\System32\fixmapi.exe 2017-07-11 02:30:43 72E953215CADE1A726C04AAFDF6B463D 49152 ----a-w- C:\Windows\System32\taskhost.exe 2017-07-11 02:28:03 895962CB2049447EFD2DBE61DEDE596A 26624 ----a-w- C:\Windows\System32\netbtugc.exe 2017-07-11 01:07:31 C59559B9A17C05BDF50E3EB23205C1CC 279336 ----a-w- C:\Program Files\VideoLAN\VLC\uninstall.exe 2017-07-11 00:53:35 31590C258ADA12E7A6B59F569016F9AD 3570176 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rtsuerx.inf_x86_neutral_284602da434001db\RtCRU32.exe 2017-07-11 00:53:35 31590C258ADA12E7A6B59F569016F9AD 3570176 ----a-w- C:\Windows\RtCRU32.exe 2017-07-10 20:33:38 C0A19BD59A525199D5318F73D7B97031 89698 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2017-07-10 20:33:35 86C9215967686BB8A6AEE8008D914BF8 175560 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2017-07-10 19:47:21 FEF363F0CB350BFFA9E16E030A7C5669 76576 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Install_PintoStartMenu.exe 2017-07-10 19:47:21 EE5CC13627FEA4A07E6FB4CDFC288E27 116000 ----a-w- C:\Program Files\IObit\IObit Uninstaller\NoteIcon.exe 2017-07-10 19:47:21 DAE1571B0FB864364A967803CFED0061 815392 ----a-w- C:\Program Files\IObit\IObit Uninstaller\ScreenShot.exe 2017-07-10 19:47:21 C6F67A2EFA5E7463D20B79CC6D7726FD 598304 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IUDM.exe 2017-07-10 19:47:21 AF7B10FF5D0AA41F8F4545DA244B6070 2286368 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Feedback.exe 2017-07-10 19:47:21 7F850FF1E793F30C5398CF1554618BFC 360736 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IUService.exe 2017-07-10 19:47:21 79CFAD89C09D87948F2867F62BF6C960 2957600 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IObitLiveUpdate.exe 2017-07-10 19:47:21 3742E259752BFEE9688931140E7E4117 2340640 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IObitDownloader.exe 2017-07-10 19:47:21 358D68AADE77E120C9C1ABC29B916F9E 513528 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Dashlane_Launcher.exe 2017-07-10 19:47:21 25ECB701FF0AC4656BC642A28BB08FB8 2275616 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe 2017-07-10 19:47:21 1AB3A29077BFEA6FE18E6082E040AF6B 604960 ----a-w- C:\Program Files\IObit\IObit Uninstaller\AUpdate.exe 2017-07-10 19:47:21 11DAEBF05711F29D433413D5A0F51701 1183520 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallHistory.exe 2017-07-10 19:47:20 FA91D933F71D1C3DC4FF9078B8DFCF18 3361568 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallPromote.exe 2017-07-10 19:47:20 E90B78E2BBE9B8A77E168119D7956820 1066272 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IUPluginNotice.exe 2017-07-10 19:47:20 BA274514B3701710F8110CC8BE3216CB 361248 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 2017-07-10 19:47:20 897AC0B7A29E384CE6C5E026D44CF9A3 1034528 ----a-w- C:\Program Files\IObit\IObit Uninstaller\SendBugReportNew.exe 2017-07-10 19:47:20 4B6985ACC1FC8E6F5C885FBF50358E4C 4654368 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe 2017-07-10 19:47:20 46CFA103CAD1607350071974871FBB5A 577312 ----a-w- C:\Program Files\IObit\IObit Uninstaller\DSPut.exe 2017-07-10 19:47:20 0A926B4D142130F67415EA4B5274E6B4 924960 ----a-w- C:\Program Files\IObit\IObit Uninstaller\PPUninstaller.exe 2017-07-10 19:47:18 7C0AFB6285DF6BBBC405463E4105256C 1201576 ----a-w- C:\Program Files\IObit\IObit Uninstaller\unins000.exe 2017-07-10 19:47:18 7657B10EC49C4F557370F79FBAAC7813 605472 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IU_InstallBeforWork.exe 2017-07-10 18:37:12 FF5BA899D2895EF0580D0B01119817BC 276992 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RtkAudioService.exe 2017-07-10 18:37:12 FF5BA899D2895EF0580D0B01119817BC 276992 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe 2017-07-10 18:37:12 EA375FA17FBFBD6C3A20AEF1939BF35D 441480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\vncutil.exe 2017-07-10 18:37:12 EA375FA17FBFBD6C3A20AEF1939BF35D 441480 ----a-w- C:\Program Files\Realtek\Audio\HDA\vncutil.exe 2017-07-10 18:37:12 575FDF61AFC7822E8CB535A38BB1D895 8156672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RtkNGUI.exe 2017-07-10 18:37:12 575FDF61AFC7822E8CB535A38BB1D895 8156672 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe 2017-07-10 18:37:12 4ABDBBA944AE3BC9D60FAC2EA29191F7 1566208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RtlUpd.exe 2017-07-10 18:37:12 4ABDBBA944AE3BC9D60FAC2EA29191F7 1566208 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe 2017-07-10 18:37:11 F9BC56AE03692AACD4F44C3975F37701 1070592 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RtHDVBg.exe 2017-07-10 18:37:11 F9BC56AE03692AACD4F44C3975F37701 1070592 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe 2017-07-10 18:37:11 B49DCEEAFE6279105A03A0E35B4320FD 15009280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RtHDVCpl.exe 2017-07-10 18:37:11 B49DCEEAFE6279105A03A0E35B4320FD 15009280 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 2017-07-10 18:37:11 ADAC957B9C9CB3900B44377A7EB1AF1F 182408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\DTSAudioService.exe 2017-07-10 18:37:11 ADAC957B9C9CB3900B44377A7EB1AF1F 182408 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe 2017-07-10 18:37:11 828416D2E21884362D4C979D84FC8E99 75512 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\CreateRtkToastLnk.exe 2017-07-10 18:37:11 828416D2E21884362D4C979D84FC8E99 75512 ----a-w- C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe 2017-07-10 18:35:28 E4FEF990BDAD03B60FED7FC07FD67587 997496 ----a-w- C:\Program Files\Intel\Intel(R) Processor Graphics\uninstall\Setup.exe 2017-07-10 18:34:36 E61D002FA70DC3E93CD78B1F1E388276 4383352 ----a-w- C:\Windows\System32\Gfxv4_0.exe 2017-07-10 18:34:36 E61D002FA70DC3E93CD78B1F1E388276 4383352 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\Gfxv4_0.exe 2017-07-10 18:34:36 E35EE082AB98080067DF7DE4138B5B61 399992 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\CustomModeAppv2_0.exe 2017-07-10 18:34:36 E35EE082AB98080067DF7DE4138B5B61 399992 ----a-w- C:\Windows\System32\CustomModeAppv2_0.exe 2017-07-10 18:34:36 B966E471C1397EC88FE46A3670303E01 418424 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\IntelWiDiUMS32.exe 2017-07-10 18:34:36 B29D8E835067F1204AA042E707D48B8B 546424 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\DPTopologyApp.exe 2017-07-10 18:34:36 B29D8E835067F1204AA042E707D48B8B 546424 ----a-w- C:\Windows\System32\DPTopologyApp.exe 2017-07-10 18:34:36 80054B40083DA39A1A7AC93D1DFB37D7 274040 ----a-w- C:\Windows\System32\igfxCUIService.exe 2017-07-10 18:34:36 80054B40083DA39A1A7AC93D1DFB37D7 274040 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igfxCUIService.exe 2017-07-10 18:34:36 6DBAA9A70D56DB966403FA1480B3896D 396408 ----a-w- C:\Windows\System32\igfxTray.exe 2017-07-10 18:34:36 6DBAA9A70D56DB966403FA1480B3896D 396408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igfxTray.exe 2017-07-10 18:34:36 5C5A40A182527845E98AE63C65D6292A 400504 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\CustomModeApp.exe 2017-07-10 18:34:36 5C5A40A182527845E98AE63C65D6292A 400504 ----a-w- C:\Windows\System32\CustomModeApp.exe 2017-07-10 18:34:36 5857F661258719BBDD184A818F9D1B57 916600 ----a-w- C:\Windows\System32\GfxUIEx.exe 2017-07-10 18:34:36 5857F661258719BBDD184A818F9D1B57 916600 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\GfxUIEx.exe 2017-07-10 18:34:36 5414A6718D7E2559E2C51FE2AE84E09D 4380280 ----a-w- C:\Windows\System32\Gfxv2_0.exe 2017-07-10 18:34:36 5414A6718D7E2559E2C51FE2AE84E09D 4380280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\Gfxv2_0.exe 2017-07-10 18:34:36 433682E4424C2C1841D6C20C99739D39 415864 ----a-w- C:\Windows\System32\igfxEM.exe 2017-07-10 18:34:36 433682E4424C2C1841D6C20C99739D39 415864 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igfxEM.exe 2017-07-10 18:34:36 33BED30FBA858BBDA67053881B716459 545912 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\DPTopologyAppv2_0.exe 2017-07-10 18:34:36 33BED30FBA858BBDA67053881B716459 545912 ----a-w- C:\Windows\System32\DPTopologyAppv2_0.exe 2017-07-10 18:34:36 2B17118651FBC362B417C1E2858855D1 209528 ----a-w- C:\Windows\System32\igfxHK.exe 2017-07-10 18:34:36 2B17118651FBC362B417C1E2858855D1 209528 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igfxHK.exe 2017-07-10 18:34:36 1CB1793C1E808CB4F391249E5E1CE0A4 161912 ----a-w- C:\Windows\System32\igfxext.exe 2017-07-10 18:34:36 1CB1793C1E808CB4F391249E5E1CE0A4 161912 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igfxext.exe 2017-07-10 18:34:36 17180EBB7B2A77E88A570B1A8061C961 2161080 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\IntelWiDiVAD32.exe 2017-07-10 18:34:36 08058DB82EB0084478447D750E1DEA7A 280696 ----a-w- C:\Windows\System32\IntelCpHeciSvc.exe 2017-07-10 18:34:36 08058DB82EB0084478447D750E1DEA7A 280696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\IntelCpHeciSvc.exe 2017-07-10 18:33:52 7D12B14CC134EDB15AEB88D6A8DD929E 88152 ----a-w- C:\Program Files\Opera\46.0.2597.39\installer_helper.exe 2017-07-10 18:33:52 6C6D248191647A43FACF06C842BD4E85 990296 ----a-w- C:\Program Files\Opera\launcher.exe 2017-07-10 18:33:51 CF6EE9900926A8753D8920E8C57AA8DB 778328 ----a-w- C:\Program Files\Opera\46.0.2597.39\opera_crashreporter.exe 2017-07-10 18:33:51 6887A34023F9C1B04BD8C42CF9CFB11B 2080344 ----a-w- C:\Program Files\Opera\46.0.2597.39\installer.exe 2017-07-10 18:33:51 52AA4D97C79D6C117156DF2D75CEA9A4 708184 ----a-w- C:\Program Files\Opera\46.0.2597.39\opera.exe 2017-07-10 18:33:51 22BC225E58D48D028641CFA1B3663E96 2228312 ----a-w- C:\Program Files\Opera\46.0.2597.39\opera_autoupdate.exe 2017-07-10 17:56:10 3964D77124A57BF24C4A24C7AF78EFB3 853120 ----a-w- C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe 2017-07-10 00:43:28 631EA355665F28D4707448E442FBF5B8 485760 ----a-w- C:\Boot\memtest.exe === C: other files == 2017-07-15 19:28:34 6D9F838FF8D7DC5E69EE16260FE73482 2955443 ----a-w- C:\Users\RANO\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\staged\https-everywhere-eff@eff.org.xpi 2017-07-15 19:28:14 82098DB18555553EE036E37E219039D4 559912 ----a-w- C:\Users\RANO\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\staged\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 2017-07-14 08:43:01 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2017-07-14 08:43:01 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2017-07-14 00:55:41 298502582B0D74CAC3085C2428F92995 2060 ----a-w- C:\Program Files\Opera\46.0.2597.46\resources\standard_themes\default_theme.zip 2017-07-13 05:17:29 28B64D3792D4F692E45ECB0C3F98C19B 1213672 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2017-07-13 05:17:29 18B9744F4F73B7EDEA7747E69F33D5BF 2402304 ----a-w- C:\Windows\System32\win32k.sys 2017-07-13 05:17:28 897AE9430D037B056CF76A49CF588542 730856 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2017-07-13 05:17:28 76DFFD56A947370E782F21F4847503E9 240872 ----a-w- C:\Windows\System32\drivers\netio.sys 2017-07-13 05:17:27 F6AA1FE6ECB2C175E9BA14D30C739FD3 94208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bthpan.inf_x86_neutral_9116bd8b7a2a8172\bthpan.sys 2017-07-13 05:17:27 F6AA1FE6ECB2C175E9BA14D30C739FD3 94208 ----a-w- C:\Windows\System32\drivers\bthpan.sys 2017-07-13 05:17:27 C25848DB4A86839A7EDD1077F62AD980 1309928 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2017-07-13 05:17:27 91439C1CE4373F6B76666AF7E0ED96EE 218856 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2017-07-13 05:17:27 89670A2DA2B97D3F665C4CC376B4EDAC 187624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2017-07-13 05:17:27 33FD2EFFFF90263D9AD0EC3886913B5C 67304 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2017-07-13 05:17:27 2F50E2780F16E00369F1311B086C3E42 514048 ----a-w- C:\Windows\System32\drivers\http.sys 2017-07-13 05:17:27 2EF9EA403EAE8CC98C2B76B68337FE91 250600 ----a-w- C:\Windows\System32\clfs.sys 2017-07-13 05:17:27 28A510CE42C686FC2B45DFEC76E3D0D5 137960 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2017-07-13 05:17:26 BD89C0C6904A1F7CDD239577D49B5B5C 226304 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2017-07-13 05:17:26 3655F8342CEA2D9BCA36BAD641361031 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2017-07-13 05:17:25 C6C113DC665B702D9BEF049774D48069 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2017-07-13 05:15:59 242B118BDC00DFB670A8FC242952E4D9 20104 ----a-w- C:\Windows\System32\appraiser\nxquery.sys 2017-07-13 05:15:34 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_24eb5587941b03fb\usbscan.sys 2017-07-13 05:15:34 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidparse.sys 2017-07-13 05:15:34 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2017-07-13 05:15:34 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidclass.sys 2017-07-13 05:15:34 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2017-07-13 05:14:52 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2017-07-13 05:14:52 C44206971082446BA8E9A19A35D41424 30208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_1c5becb2deac08f0\rndismp6.sys 2017-07-13 05:14:52 BE444D443F424E3146534BA98978D68A 15872 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_1c5becb2deac08f0\usb80236.sys 2017-07-13 05:14:52 AF77716205C97E902E6C5B78DECE2CCA 15872 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_1c5becb2deac08f0\usb8023x.sys 2017-07-13 05:14:52 94617EC3A62336151C039E15A2945042 33280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_1c5becb2deac08f0\rndismpx.sys 2017-07-13 04:59:27 9804FB2E46077F2977552347DFCA7E05 712640 ----a-w- C:\Windows\System32\drivers\ndis.sys 2017-07-13 04:49:22 B4A1789BE90403D9549EF9DBAD37A429 24576 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbuhci.sys 2017-07-13 04:49:22 B4A1789BE90403D9549EF9DBAD37A429 24576 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2017-07-13 04:49:22 90B7F53DD3CE7DC8369A5ECDCC4F441D 285696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbport.sys 2017-07-13 04:49:22 90B7F53DD3CE7DC8369A5ECDCC4F441D 285696 ----a-w- C:\Windows\System32\drivers\usbport.sys 2017-07-13 04:49:22 81E1E90305A4C7A13BADC5DFA22ABA37 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbohci.sys 2017-07-13 04:49:22 81E1E90305A4C7A13BADC5DFA22ABA37 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2017-07-13 04:49:22 5D57798CAE5A0DD0B8F61C52B8E7C3D1 46592 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbehci.sys 2017-07-13 04:49:22 5D57798CAE5A0DD0B8F61C52B8E7C3D1 46592 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2017-07-13 04:49:22 3835ECC1E928042F92D7AA1963D40523 259072 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbhub.sys 2017-07-13 04:49:22 3835ECC1E928042F92D7AA1963D40523 259072 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_8b83b1db39183ab1\usbhub.sys 2017-07-13 04:49:22 3835ECC1E928042F92D7AA1963D40523 259072 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2017-07-13 04:49:22 325A69967CC7B4BFB170F5636143A94A 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_8b83b1db39183ab1\usbccgp.sys 2017-07-13 04:49:22 325A69967CC7B4BFB170F5636143A94A 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2017-07-13 04:49:21 D8C3D7728D641226D13B1E588441C5B6 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_21d7c5e10748c4b6\usbd.sys 2017-07-13 04:49:21 D8C3D7728D641226D13B1E588441C5B6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2017-07-13 04:49:14 ED80D303102A746D30C1684B387BCBF1 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2017-07-13 04:49:14 C44206971082446BA8E9A19A35D41424 30208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_0b46e86f0f566f5a\rndismp6.sys 2017-07-13 04:49:14 94617EC3A62336151C039E15A2945042 33280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_x86_neutral_0b46e86f0f566f5a\rndismpx.sys 2017-07-13 04:46:19 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2017-07-13 04:44:59 575DF237408CA735631F7A0DC423D873 54656 ----a-w- C:\Windows\System32\drivers\stream.sys 2017-07-13 04:38:39 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b1d91cea6f3429b1\disk.sys 2017-07-13 04:38:39 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\drivers\disk.sys 2017-07-13 04:34:00 F1A449D762657230629D8BFC107ABC14 149440 ----a-w- C:\Windows\System32\drivers\storport.sys 2017-07-13 04:34:00 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\DriverStore\FileRepository\iscsi.inf_x86_neutral_128be931e3e98b62\msiscsi.sys 2017-07-13 04:34:00 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2017-07-13 04:34:00 5FB4F271032B6435F3B2252F577A4815 27072 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2017-07-13 03:48:05 A4BF8BE9D1F7D563C7868AC7B2561545 35840 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2017-07-13 03:39:05 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\ataport.sys 2017-07-13 03:39:05 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys 2017-07-13 03:37:47 F0E99E1982E78251A564159EB1D22CBE 123328 ----a-w- C:\Windows\System32\DriverStore\FileRepository\tpm.inf_x86_neutral_56b145ccbfca752c\tpm.sys 2017-07-11 13:59:05 7DAE5EBCC80E45D3253F4923DC424D05 19824 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2017-07-11 04:30:54 0C997B061E3C66BD9E927C1288EB1CC7 24688 ----a-w- C:\Windows\System32\drivers\TrueSight.sys 2017-07-11 03:16:55 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_de27b3e85e2c60fc\USBSTOR.SYS 2017-07-11 03:16:55 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2017-07-11 03:05:24 007C0C8D5B01D82ACEB70431D15083F6 28160 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_x86_neutral_1965855805a8e768\usbser.sys 2017-07-11 02:52:42 01341F82086E017423ED5D014C9CD603 282367 ----a-w- C:\Users\RANO\AppData\Roaming\Opera Software\Opera Stable\dictionaries\fr.zip 2017-07-11 02:40:20 EE337A0E80C2554D42487E29C4E41E24 311808 ----a-w- C:\Windows\System32\drivers\srv.sys 2017-07-11 02:40:19 722EDCF256AFD35538E69A933A908CA2 313856 ----a-w- C:\Windows\System32\drivers\srv2.sys 2017-07-11 02:40:18 0C941A3F148B4228867908F98F394461 593920 ----a-w- C:\Windows\System32\drivers\PEAuth.sys 2017-07-11 02:40:17 F582FC7976F1248AC5FBD6875C626B41 338944 ----a-w- C:\Windows\System32\drivers\afd.sys 2017-07-11 02:40:16 06AC0310138E4B2C35AF7344D18BC686 117248 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2017-07-11 02:40:15 EA9DBD76CE9254C77BAAB4339DD4C4FB 81408 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2017-07-11 02:40:15 7F7D4B16389CEF932950F6B2604D2601 373896 ----a-w- C:\Windows\System32\drivers\cng.sys 2017-07-11 02:40:14 BDF998A504EED01787CCA371980EAEDE 116224 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2017-07-11 02:40:13 9664F55623B43FD85D5642A202976AEE 78568 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2017-07-11 02:40:12 53E8732CC70CC0991839DF9FC8996E4A 142336 ----a-w- C:\Windows\System32\drivers\exfat.sys 2017-07-11 02:40:12 28AF7D4427868B7CE4C00CAB1864C7F6 68608 ----a-w- C:\Windows\System32\drivers\bowser.sys 2017-07-11 02:40:12 24F422E5D7517FEBDA2324116F1A7BE6 148992 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2017-07-11 02:40:08 20ED6F310B7C56389D97B3BC435A466D 50688 ----a-w- C:\Windows\System32\drivers\appid.sys 2017-07-11 02:40:08 01743A8A62F2C0488F9C4F6D25C21B2C 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys 2017-07-11 02:34:37 AFA8CCAFC4A0983B09AC386E643F8F81 117760 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2017-07-11 02:33:45 3F34A1B4C5F6475F320C275E63AFCE9B 56176 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2017-07-11 02:31:09 CD9214A6AE17D188D17C3CF8CB9CC693 184320 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2017-07-11 02:31:08 6C5139E4283249518F7743D7043775B3 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2017-07-11 02:29:18 DE014425522610BEDCA3821BB8C0F1D5 146816 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_x86_neutral_b63436395ec126b7\usbvideo.sys 2017-07-11 02:29:18 DE014425522610BEDCA3821BB8C0F1D5 146816 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2017-07-11 02:29:18 A1977C315BF5691DA99235AA4A6907AF 80896 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_x86_neutral_8583111d879ac65d\USBAUDIO.sys 2017-07-11 02:29:18 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_x86_neutral_1a7503cad201feda\usbcir.sys 2017-07-11 02:29:18 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2017-07-11 02:28:03 A00996C9BFEF29A93B9F21DBE1DC502D 188928 ----a-w- C:\Windows\System32\drivers\netbt.sys 2017-07-11 02:27:55 A3F684B866A7D89AE396276CE7AFD416 5120 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_cb5a5ee8949608a3\drmkaud.sys 2017-07-11 02:27:55 A3F684B866A7D89AE396276CE7AFD416 5120 ----a-w- C:\Windows\System32\drivers\drmkaud.sys 2017-07-11 02:27:55 53F70F2B5ED939C0013D625F6444F5C7 81408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_cb5a5ee8949608a3\drmk.sys 2017-07-11 02:27:55 53F70F2B5ED939C0013D625F6444F5C7 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys 2017-07-11 02:27:55 1F3096B1725382912803B6027AF4B94A 177152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_cb5a5ee8949608a3\portcls.sys 2017-07-11 02:27:55 1F3096B1725382912803B6027AF4B94A 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2017-07-11 02:27:50 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2017-07-11 02:27:50 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2017-07-11 02:26:32 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys 2017-07-11 02:26:32 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys 2017-07-11 02:26:32 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys 2017-07-11 02:26:32 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys 2017-07-11 02:26:32 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys 2017-07-11 02:26:31 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys 2017-07-11 02:26:31 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys 2017-07-11 02:26:31 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys 2017-07-11 00:58:55 E957DA63610A587836EAB9F9B6284A52 839696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\iusb3xhc.inf_x86_neutral_53dab0f65d0de79a\iusb3xhc.sys 2017-07-11 00:58:55 E957DA63610A587836EAB9F9B6284A52 839696 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys 2017-07-11 00:58:44 8C57F78CC0280C2A665747454B9F2398 44954 ----a-w- C:\Users\RANO\AppData\Roaming\Mozilla\Firefox\Profiles\dev2qup0.default\features\{64efcc56-ae7d-42ae-be08-9a3c72aebb07}\shield-recipe-client@mozilla.org.xpi 2017-07-11 00:58:44 37C4985636A53567CAF1E6AFB7E4A1C0 9974 ----a-w- C:\Users\RANO\AppData\Roaming\Mozilla\Firefox\Profiles\dev2qup0.default\features\{64efcc56-ae7d-42ae-be08-9a3c72aebb07}\followonsearch@mozilla.com.xpi 2017-07-11 00:54:51 AE73880E4D74693C3B90530EA4458410 794608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rt86win7.inf_x86_neutral_3a7cd5bd549edd58\Rt86win7.sys 2017-07-11 00:54:51 AE73880E4D74693C3B90530EA4458410 794608 ----a-w- C:\Windows\System32\drivers\Rt86win7.sys 2017-07-11 00:53:36 84275D83036315EDBBE63428CD1F5D2F 308192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rtsuerx.inf_x86_neutral_284602da434001db\RtsUer.sys 2017-07-11 00:53:36 84275D83036315EDBBE63428CD1F5D2F 308192 ----a-w- C:\Windows\System32\drivers\RtsUer.sys 2017-07-10 23:48:56 2C2C5AFE7EE4F620D69C23C0617651A8 24576 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2017-07-10 23:40:38 CB136B267569A62EF63D798BC90ABD5A 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-10 19:52:35 08D17BD45932F65EE3198BE58F6EA173 162240 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys 2017-07-10 19:52:27 601BF49A35D62E1783F328877434ECAF 65824 ----a-w- C:\Windows\System32\drivers\mwac.sys 2017-07-10 19:52:27 1CA8869650513B5F11EBBC9D30B6C372 85400 ----a-w- C:\Windows\System32\drivers\farflt.sys 2017-07-10 19:52:16 EA8012B28C87359AB0AB89FF057DB168 40352 ----a-w- C:\Windows\System32\drivers\mbam.sys 2017-07-10 19:52:09 B72EBB5C4727E67BAFDBC7FEA5A8D49F 221600 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2017-07-10 19:51:59 C00BBCAEDCC2A3503D0FC27DD96D97C8 59936 ----a-w- C:\Windows\System32\drivers\mbae.sys 2017-07-10 18:44:46 9F45771914360A925252A1B7226EC7EC 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2017-07-10 18:38:25 94EB9C6A0C07D5329E9EA69C9AA8929F 2094612 ----a-w- C:\Windows\System32\drivers\rtkhdasetting.zip 2017-07-10 18:37:15 6163A2BDD002147DA9481F09E3EAB445 4298792 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_1c408d9bb290dd58\RTKVHDA.sys 2017-07-10 18:37:15 6163A2BDD002147DA9481F09E3EAB445 4298792 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys 2017-07-10 18:35:37 298502582B0D74CAC3085C2428F92995 2060 ----a-w- C:\Users\RANO\AppData\Roaming\Opera Software\Opera Stable\themes_backup\default_theme.zip 2017-07-10 18:34:40 CDAEA264A9D8E43C872530D2BE586BC8 3031504 ----a-w- C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_955f2097c5cf7896\igdkmd32.sys 2017-07-10 18:34:40 CDAEA264A9D8E43C872530D2BE586BC8 3031504 ----a-w- C:\Windows\System32\drivers\igdkmd32.sys 2017-07-10 18:34:01 16086445D89EE0E650B4789C1AC66DA2 3365624 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netathr.inf_x86_neutral_64a24c355a6bf36a\athr.sys 2017-07-10 18:34:01 16086445D89EE0E650B4789C1AC66DA2 3365624 ----a-w- C:\Windows\System32\drivers\athr.sys 2017-07-10 18:33:51 298502582B0D74CAC3085C2428F92995 2060 ----a-w- C:\Program Files\Opera\46.0.2597.39\resources\standard_themes\default_theme.zip 2017-07-10 18:33:40 132DB251AEC9210B8CD46D17DDB3F01C 47504 ----a-w- C:\Windows\System32\DriverStore\FileRepository\btcusb.inf_x86_neutral_1613be8e72f3fd26\btcusb.sys 2017-07-10 18:33:40 132DB251AEC9210B8CD46D17DDB3F01C 47504 ----a-w- C:\Windows\System32\drivers\btcusb.sys 2017-07-10 18:32:31 D01C750421277EDAD729CDE1FA3BF36C 379128 ----a-w- C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_x86_neutral_c45d90304da5079a\IntcDAud.sys 2017-07-10 18:32:31 D01C750421277EDAD729CDE1FA3BF36C 379128 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys 2017-07-10 18:00:13 4004657E385E6C714825EB9031ED2062 23840 ----a-w- C:\Windows\System32\drivers\HWiNFO32.SYS 2017-07-10 17:56:11 3215C388BB0A8AFB6A62794BD032E8C4 3310592 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netathr.inf_x86_neutral_863199798353aa50\athr.sys 2017-07-10 17:56:11 3215C388BB0A8AFB6A62794BD032E8C4 3310592 ------w- C:\Windows\System32\athr.sys 2017-07-10 17:56:11 29E2B95F8E4C5D8B0782E5AC1B5D08C7 3247104 ------w- C:\Windows\System32\athwb.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2607330059-3759797209-600835816-1000\Software\Microsoft\Windows\CurrentVersion\Run] "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes TrayApp"="C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IDMan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IDMan" "hkey"="HKCU" "command"="C:\\Program Files\\Internet Download Manager\\IDMan.exe /onboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes TrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes TrayApp" "hkey"="HKLM" "command"="C:\\PROGRAM FILES\\MALWAREBYTES\\ANTI-MALWARE\\mbamtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDVCPL" "hkey"="HKLM" "command"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Screenpresso] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Screenpresso" "hkey"="HKCU" "command"="\"C:\\Users\\RANO\\AppData\\Local\\Learnpulse\\Screenpresso\\Screenpresso.exe\" -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UnlockerAssistant" "hkey"="HKLM" "command"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\"" ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Opera scheduled Autoupdate 1499711631" [C:\Program Files\Opera\launcher.exe] "C:\Windows\system32\tasks\Uninstaller_SkipUac_RANO" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "mozilla_cc3@internetdownloadmanager.com"="C:\Program Files\Internet Download Manager\idmmzcc3.xpi" [16/05/2017 18:04] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\RANO\AppData\Roaming\Mozilla\Firefox\Profiles\dev2qup0.default B7CA365E7F1BECCE849FF6D390F16DCE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin ==== Chromium Look ====================== IDM Integration Module - RANO\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\RANO\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully C:\Users\RANO\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully C:\Users\RANO\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\RANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\RANO\AppData\Local\Mozilla\Firefox\Profiles\dev2qup0.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\RANO\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3 folders=1 406 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\RANO\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\RANO\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\RANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on 15/07/2017 at 22:02:11,91 ======================