Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Help removing ADCHOICES
Message
<blockquote data-quote="Shuggie" data-source="post: 438132" data-attributes="member: 43034"><p>Zoek.exe v5.0.0.1 Updated 30-09-2015</p><p>Tool run by Shukhrat on Sat 10/03/2015 at 11:22:18.05.</p><p>Microsoft Windows 10 Pro 10.0.10240 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Shukhrat\Desktop\zoek.exe [Scan all users] [Quick Scan] </p><p></p><p>==== System Restore Info ======================</p><p></p><p>10/3/2015 11:23:22 AM Zoek.exe System Restore Point Created Successfully.</p><p></p><p>==== Files Recently Created / Modified ======================</p><p></p><p>====== C:\WINDOWS ====</p><p>====== C:\Users\Shukhrat\AppData\Local\Temp ====</p><p>====== Java Cache =====</p><p>====== C:\WINDOWS\SysWOW64 =====</p><p>2015-10-02 21:14:48 D5B3690D367EC7EF2AC7FC48B854D1CC 178152 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2015-10-02 21:14:48 5BACD68B116CAA67B71F4F9DB500A47B 812008 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe</p><p>2015-10-01 05:39:04 96CC96E8D16E315148047DFEB31EEEE9 13027840 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll</p><p>2015-10-01 05:39:04 5780FAC582AF72AF39D461336E23D39C 18806272 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll</p><p>2015-10-01 05:39:03 00A63F21DCEF7D6D58BB73C594C6C75F 19325440 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll</p><p>2015-10-01 05:39:01 3277E503E6EA72D19CDC16501FD151BA 5120056 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll</p><p>2015-10-01 05:38:59 2DA15A53E965A27A3D5CF99E3CCC430A 6101504 ----a-w- C:\WINDOWS\SysWOW64\mos.dll</p><p>2015-10-01 05:38:58 08D6065A1D6D007C77A688271D915B00 5079552 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll</p><p>2015-10-01 05:38:55 8E2D23AB73A5276FC7CDE134B06F0C03 5454848 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll</p><p>2015-10-01 05:38:54 19DFBB25AB67A2F4D23F08A7D765E802 2154808 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll</p><p>2015-10-01 05:38:53 A66B5D22B883373A44764C003078A828 2646528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll</p><p>2015-10-01 05:38:52 EB7E8B15015C784D8852292206EF1461 1918464 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll</p><p>2015-10-01 05:38:51 BCCB55B18CE7054BA288FFEB27BA6F54 1766952 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll</p><p>2015-10-01 05:38:51 73FC0143E518D8DB7AFE9675F4AF8063 2207232 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll</p><p>2015-10-01 05:38:48 F28E047EF8A68C586F177A3DD625831C 3579904 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll</p><p>2015-10-01 05:38:46 2570B5FA73B119C16E0E721265126C3A 2446648 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll</p><p>2015-10-01 05:38:45 47F3B89782076037F328AEC18245D4B1 962400 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll</p><p>2015-10-01 05:38:44 DFAE92F5EF58FF29E81D951B2BDF45B8 1104384 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll</p><p>2015-10-01 05:38:43 EE8FDC90138DD93AA6B1ECA831D9D3CE 1162240 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll</p><p>2015-10-01 05:38:43 C637D94084069A10759E53F79D5DC4C5 899584 ----a-w- C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll</p><p>2015-10-01 05:38:43 776339B81E632F579AB1EC6EE503A9C0 58368 ----a-w- C:\WINDOWS\SysWOW64\usoapi.dll</p><p>2015-10-01 05:38:43 6FA73C45D51E7909C68FE5A113D5585F 928256 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll</p><p>2015-10-01 05:38:42 DAFFF5B7F43F88907A21996E71812D0C 764416 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll</p><p>2015-10-01 05:38:42 BE36E4024EABE75FEF529553E023AEF8 646672 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll</p><p>2015-10-01 05:38:41 F69835A120E9627327ECE984D2AC87EA 828928 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll</p><p>2015-10-01 05:38:40 001D3D691DD268165A3EE49C69078054 658528 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll</p><p>2015-10-01 05:38:39 E03EC1BA7B6061620367F19249705D1F 625152 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll</p><p>2015-10-01 05:38:39 807178C85CF6375FAB2FE42395FE94D7 677888 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll</p><p>2015-10-01 05:38:38 F65307E09D4807EDE95D1016CAF42DAD 587264 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll</p><p>2015-10-01 05:38:38 4B5286A021D8CA64BABB07D7B9739AF4 512000 ----a-w- C:\WINDOWS\SysWOW64\CoreMessaging.dll</p><p>2015-10-01 05:38:37 F38B52333E0C93A1C55323719103783B 1357888 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll</p><p>2015-10-01 05:38:37 E0F11A1D1C7482BBD76448E6FD3AA327 454512 ----a-w- C:\WINDOWS\SysWOW64\directmanipulation.dll</p><p>2015-10-01 05:38:37 A5F48E7E55B076996B67F8F32C9D6D33 2639872 ----a-w- C:\WINDOWS\SysWOW64\esent.dll</p><p>2015-10-01 05:38:37 78FBC37D02A39402B685B7E95A83EFE8 428128 ----a-w- C:\WINDOWS\SysWOW64\WWanAPI.dll</p><p>2015-10-01 05:38:36 60242DBD3FCFA6D4163B6C29D76295B7 336384 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll</p><p>2015-10-01 05:38:35 D124F89BBDCFC24A04F159D913852DDC 701952 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll</p><p>2015-10-01 05:38:35 6740B4C8B8B3474F086B8AEBDE4861D8 217088 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll</p><p>2015-10-01 05:38:35 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe</p><p>2015-10-01 05:38:35 00682184457B97EDA4C0C157331A7495 454656 ----a-w- C:\WINDOWS\SysWOW64\MbaeApi.dll</p><p>2015-10-01 05:38:34 F4E25F21AC509AEE3617E9DBA086318E 434376 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll</p><p>2015-10-01 05:38:34 53FC0EFBE44591CA16BE1A4309F689DC 253440 ----a-w- C:\WINDOWS\SysWOW64\SensorsApi.dll</p><p>2015-10-01 05:38:34 1BFDE0B4AC3E0EB180FBC32A22B8A8B4 464896 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll</p><p>2015-10-01 05:38:34 1B102F53BD7209D712BBE96E9FAA32CA 313856 ----a-w- C:\WINDOWS\SysWOW64\LockAppBroker.dll</p><p>2015-10-01 05:38:33 FFCE532A61DD7518BE997267940D7AE4 466432 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll</p><p>2015-10-01 05:38:32 DC7C56F01B96CA5FDB99D241D4E067FC 311808 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll</p><p>2015-10-01 05:38:31 99CEBD54809E76C9CD1839B0492CCF5E 1895568 ----a-w- C:\WINDOWS\SysWOW64\hevcdecoder.dll</p><p>2015-10-01 05:38:31 63900F897A025DDFE83737A260C250A5 371712 ----a-w- C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll</p><p>2015-10-01 05:38:31 037908D9C8C689490978BFF72532A361 195072 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll</p><p>2015-10-01 05:38:30 1253135EC3029F79601EDCFF55ADC9FC 508248 ----a-w- C:\WINDOWS\SysWOW64\mf.dll</p><p>2015-10-01 05:38:29 535DCD92E0C7D52A0F1237AF3DCFAAA9 613376 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll</p><p>2015-10-01 05:38:27 3C9FDBB0963B18C9D60B54F8AF81DF11 268800 ----a-w- C:\WINDOWS\SysWOW64\ncryptprov.dll</p><p>2015-10-01 05:38:26 E856065895D1133F5457BCDB4452A8D3 74880 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll</p><p>2015-10-01 05:38:25 DBAAA86B138D2F8B7EDF7A3ED7ADF8B3 557568 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll</p><p>2015-10-01 05:38:25 399BED6CD8A3AA7C7CF48A8E55FB4463 579584 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll</p><p>2015-10-01 05:38:24 F2BCE0CF75943E18852148B2875F632B 41472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll</p><p>2015-10-01 05:38:24 1A917EA73F9B46F31F8E0BA3B44FDD8F 525312 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll</p><p>2015-10-01 05:38:20 80D2AE15F53154CEE71C9E3C131FBB9B 407608 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll</p><p>2015-10-01 05:38:19 C5FBD8DDCD35F7F1242F3587681A2654 193024 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll</p><p>2015-10-01 05:38:19 8B4E59B0B71ECE3CF6234DFAAE0A05DF 172032 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll</p><p>2015-10-01 05:38:19 6C8012BEB3FF973020E9429CBB6C1696 195584 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll</p><p>2015-10-01 05:38:19 54DB5459A808BB03FDEA98325530B946 145920 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll</p><p>2015-10-01 05:38:18 D0A5D8270FF8606D2B445C4359A8FCEB 328704 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll</p><p>2015-10-01 05:38:18 C45DE57A004A5BD637923BB2EF410E19 131072 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll</p><p>2015-10-01 05:38:18 9E8E29389AD2E2C31E65400C5BBC06EC 574464 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll</p><p>2015-10-01 05:38:17 FB3B46B0FFCEDEED7BB5E74D82895118 1171456 ----a-w- C:\WINDOWS\SysWOW64\netcenter.dll</p><p>2015-10-01 05:38:17 638747E5050BEB4F5DF9DDE8AC418296 473088 ----a-w- C:\WINDOWS\SysWOW64\wpnapps.dll</p><p>2015-09-23 11:31:21 C2CD362B3DEE0B032166BB2F92078434 574256 ----a-w- C:\WINDOWS\SysWOW64\nvStreaming.exe</p><p>2015-09-23 11:30:25 D72F5D8790B61EE22674D880467EE028 339760 ----a-w- C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll</p><p>2015-09-23 11:30:25 B3E2B6237F7EE550BD3BC34246C170C1 364152 ----a-w- C:\WINDOWS\SysWOW64\NvIFROpenGL.dll</p><p>2015-09-23 11:30:25 748579DD24812A3EFE566BD3595460E9 2105976 ----a-w- C:\WINDOWS\SysWOW64\nvcuvid.dll</p><p>2015-09-23 11:30:25 740A0D02D74CA5FE975F55E4675AB6CB 37819000 ----a-w- C:\WINDOWS\SysWOW64\nvcompiler.dll</p><p>2015-09-23 11:30:25 6DDE5669624CF97A2010AC82B8F2BE3D 18569848 ----a-w- C:\WINDOWS\SysWOW64\nvoglv32.dll</p><p>2015-09-23 11:30:25 649616F2C4BE2840AE43020F26D30230 632664 ----a-w- C:\WINDOWS\SysWOW64\nvEncMFTH264.dll</p><p>2015-09-23 11:30:25 524DCC47002DE4EEA0B53C7896233326 986416 ----a-w- C:\WINDOWS\SysWOW64\NvIFR.dll</p><p>2015-09-23 11:30:25 47408EE7297192C00A174712D97876CA 1001440 ----a-w- C:\WINDOWS\SysWOW64\nvumdshim.dll</p><p>2015-09-23 11:30:25 22B152296997AA779935E5DFECE07E4D 128696 ----a-w- C:\WINDOWS\SysWOW64\nvoglshim32.dll</p><p>2015-09-23 11:30:25 1860A8CCA7BB2A36576CCD16E6D2E335 155792 ----a-w- C:\WINDOWS\SysWOW64\nvinit.dll</p><p>2015-09-23 11:30:25 12EF54F8C0D676B3506B415FCEAAD128 316120 ----a-w- C:\WINDOWS\SysWOW64\nvEncodeAPI.dll</p><p>2015-09-23 11:30:25 11677A28EB9D180114A56676D27B5AB4 945272 ----a-w- C:\WINDOWS\SysWOW64\NvFBC.dll</p><p>2015-09-23 11:30:25 10FCE28C6162C9F4C492A9A19457E29F 13666840 ----a-w- C:\WINDOWS\SysWOW64\nvopencl.dll</p><p>2015-09-23 11:30:25 00C36389D9C821DC4745D5FB81F3C35E 12191856 ----a-w- C:\WINDOWS\SysWOW64\nvcuda.dll</p><p>====== C:\WINDOWS\SysWOW64\drivers =====</p><p>====== C:\WINDOWS\Sysnative =====</p><p>2015-10-03 15:20:14 1A8FA886D7B2905F74108354732BF0AE 16148 ----a-w- C:\WINDOWS\Sysnative\MACHINE_Shukhrat_HistoryPrediction.bin</p><p>2015-10-01 05:39:06 CD8169F2DE6AFF7CC56A596BCC2326E8 24595456 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll</p><p>2015-10-01 05:39:06 35DAE99CA54E05DE5EE404EC20DD073F 16708608 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll</p><p>2015-10-01 05:39:05 B91D329CB2EF570B6A7CEB409625DD32 21875712 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll</p><p>2015-10-01 05:39:00 DE82BD1C35547D04241DB1DB3D4808E0 6487248 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll</p><p>2015-10-01 05:39:00 7ED8EF17B3A6C69DA6A0EC90CFBB4ABB 7055872 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll</p><p>2015-10-01 05:38:59 537826436B921256BA9055F65A97ED91 7569408 ----a-w- C:\WINDOWS\Sysnative\mos.dll</p><p>2015-10-01 05:38:57 E130DF660C8E4C6ED1255F2276CC2802 7523328 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll</p><p>2015-10-01 05:38:57 9D4A09AB97C2F0EC6BFA6B54AA2BA239 3781120 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll</p><p>2015-10-01 05:38:55 C9C6D1C3171A866F10C7D58777E9638A 2417664 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll</p><p>2015-10-01 05:38:55 78ECC7FEDA1790706A8ED7D864F754FC 2464216 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll</p><p>2015-10-01 05:38:55 6D6E7210CBD7C0AA2130F3F3F14D32A5 2824248 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll</p><p>2015-10-01 05:38:54 6FA4BB1AA0C18F5CFB96F228376BD249 2494712 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll</p><p>2015-10-01 05:38:54 33F308FD702D507A7BB28BF2E80C2717 3248640 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll</p><p>2015-10-01 05:38:53 E5D86250453B33900666D92ED1A92ABE 2740224 ----a-w- C:\WINDOWS\Sysnative\wininet.dll</p><p>2015-10-01 05:38:48 3C096082A9232B7CEE4653B9C9031769 2228736 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll</p><p>2015-10-01 05:38:47 68DE1997977CD3A86D5F8D0FD23056EA 1563392 ----a-w- C:\WINDOWS\Sysnative\winmde.dll</p><p>2015-10-01 05:38:47 223A5048FE554992D8E7D0195D57AA19 1397088 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll</p><p>2015-10-01 05:38:47 11AE1E4065376FCD89C0A37C5953164E 4791296 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll</p><p>2015-10-01 05:38:46 87E5D206DCDD7E8DB7A597DA59FB9A07 1423872 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll</p><p>2015-10-01 05:38:46 52C3440B5098BFB99D91E869A26ECB30 1213440 ----a-w- C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll</p><p>2015-10-01 05:38:46 5252CE15DB06AB5A796EBC361EAC1528 8020816 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe</p><p>2015-10-01 05:38:46 390EAAB81E5C1DB0FD4920796C74AB48 1290240 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll</p><p>2015-10-01 05:38:45 E41C778D6208A51F57557523E2B479B5 1205248 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll</p><p>2015-10-01 05:38:45 85AC4CA67BECC08CBC655A8D8919B23B 1331200 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll</p><p>2015-10-01 05:38:45 0968D575D9108497A6DC37749D4A6C4F 2093056 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll</p><p>2015-10-01 05:38:45 031080A610C302B0279A267411EDB7E3 2226688 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll</p><p>2015-10-01 05:38:44 D23F211E1AA0787EFEC373D172D4A1C2 1181696 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll</p><p>2015-10-01 05:38:44 C5E2FBB19641860794CEE2B580192732 966416 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll</p><p>2015-10-01 05:38:44 8AFDD74F2DC5BAD9B2215FB19DB65240 809352 ----a-w- C:\WINDOWS\Sysnative\CoreMessaging.dll</p><p>2015-10-01 05:38:44 10FC981B716CCC25CDD5D306EBBC022D 1276416 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll</p><p>2015-10-01 05:38:43 B70FF53144AC4B3C7D98BFB7D7C239BD 2236416 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll</p><p>2015-10-01 05:38:43 AF34122A1B595218036B4049D802B470 1203712 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll</p><p>2015-10-01 05:38:43 444016D88142B82366EC516C3CF714E0 2178560 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll</p><p>2015-10-01 05:38:43 405BD80834094E297664CE0A7EE70EF9 2987520 ----a-w- C:\WINDOWS\Sysnative\esent.dll</p><p>2015-10-01 05:38:43 36E46F26B5291A7D324466602A88947B 784136 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll</p><p>2015-10-01 05:38:42 DE8B9EE2E86532686497FE5A1E44E90D 467968 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll</p><p>2015-10-01 05:38:42 A51AC21B1F31FD7F4EC2811E33572AFC 859136 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll</p><p>2015-10-01 05:38:42 974C92640A3DAA475E15E3C79299B690 1795072 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll</p><p>2015-10-01 05:38:42 891C83BE8BA62B7547B9A6576A360C71 1010176 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll</p><p>2015-10-01 05:38:42 7505ACFD9362DA74FEB623F21FE3B391 1601536 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Speech.dll</p><p>2015-10-01 05:38:41 DDCBE4B09287CF224B63015F9C6BD31F 1295712 ----a-w- C:\WINDOWS\Sysnative\wpx.dll</p><p>2015-10-01 05:38:41 7BCC113B00736AA930DAA49CA7858808 856576 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll</p><p>2015-10-01 05:38:41 3478670E8646CC536E1EF21F077F4DD6 2156400 ----a-w- C:\WINDOWS\Sysnative\hevcdecoder.dll</p><p>2015-10-01 05:38:40 B82363129E8554D58B95A6935B83891D 781976 ----a-w- C:\WINDOWS\Sysnative\mfds.dll</p><p>2015-10-01 05:38:40 B7927A1D40BD17BC963E9353DBB36CD7 869376 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll</p><p>2015-10-01 05:38:40 3A4A543F135DE9A06ABA9DF982D79DD7 526336 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll</p><p>2015-10-01 05:38:40 2C82D9E55432915A68A609008BDEF41A 1563472 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll</p><p>2015-10-01 05:38:39 F9BD360A4799BB54A01692940C46CA2B 537080 ----a-w- C:\WINDOWS\Sysnative\WWanAPI.dll</p><p>2015-10-01 05:38:39 C8C5DFF028EA28D7846E95D8E5461794 570880 ----a-w- C:\WINDOWS\Sysnative\MbaeApi.dll</p><p>2015-10-01 05:38:39 311F4D131C28DA12595132A35124E955 910848 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll</p><p>2015-10-01 05:38:38 D4E92C0C0F9C5054B03D67A3C0B41961 555768 ----a-w- C:\WINDOWS\Sysnative\directmanipulation.dll</p><p>2015-10-01 05:38:38 9C2B0E3A21CECD14E20A848F0DE94B24 517632 ----a-w- C:\WINDOWS\Sysnative\NotificationController.dll</p><p>2015-10-01 05:38:38 754BC3E56FF301B9EE8A764932D02124 513536 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll</p><p>2015-10-01 05:38:38 684F1E1B5D07451B600EA3C3D728A534 281600 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll</p><p>2015-10-01 05:38:38 33FF0B7585F54C0F33C38F5DCAB1DA01 3586560 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys</p><p>2015-10-01 05:38:37 D5AAA188C70146977CFEE8D128599F3F 378368 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll</p><p>2015-10-01 05:38:37 B3CD8B2CBC6E48B194116B28F72CDA67 408064 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll</p><p>2015-10-01 05:38:37 913E47FCD3B43EC27215F90884915CAF 780288 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll</p><p>2015-10-01 05:38:37 5E010B486F7FB28D9B79AAC471FE484F 476760 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll</p><p>2015-10-01 05:38:36 A40484AC27EE08DBE7F8DA5E1F6651ED 591360 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll</p><p>2015-10-01 05:38:36 8D23F0819A00C547814409B734DD3747 503808 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll</p><p>2015-10-01 05:38:36 5424E49F79EB68E5F10439405101A09B 627712 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll</p><p>2015-10-01 05:38:35 7614E6E6B53E8FE6E6B8A6D6D3CC2018 1067520 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll</p><p>2015-10-01 05:38:35 363F3F99863C2BB8612C9133E45BF3E6 387584 ----a-w- C:\WINDOWS\Sysnative\LockAppBroker.dll</p><p>2015-10-01 05:38:34 D907DFF972354542D5B0B4414B308B75 312832 ----a-w- C:\WINDOWS\Sysnative\SensorsApi.dll</p><p>2015-10-01 05:38:34 AE8B34FB5B54025E9C6895A45947A515 796160 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll</p><p>2015-10-01 05:38:34 509FF13E5C4FD63846FCA01A5ED912DB 521728 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll</p><p>2015-10-01 05:38:34 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe</p><p>2015-10-01 05:38:34 1CD8BB41436524A2748A77005E5DEB8A 579072 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe</p><p>2015-10-01 05:38:33 B9FC9E9B55C74557FEC004BF8B1184F4 359936 ----a-w- C:\WINDOWS\Sysnative\ncsi.dll</p><p>2015-10-01 05:38:33 09247D43F19CAFEEFEBF6A32F3A1225F 118272 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll</p><p>2015-10-01 05:38:32 EA8B28FFF774F7C7862C8746E1FDECF6 273920 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll</p><p>2015-10-01 05:38:32 D1AA97B30A9ED6F89DC3848C8BF53513 224256 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll</p><p>2015-10-01 05:38:32 C7503A49364DB2AF7A7DE177B233081F 1844736 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll</p><p>2015-10-01 05:38:32 86C0DEE6940878A1496CBBA856FF4E5B 584656 ----a-w- C:\WINDOWS\Sysnative\mf.dll</p><p>2015-10-01 05:38:32 506F9F526D42BB4C0A579CB78F923A48 483328 ----a-w- C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll</p><p>2015-10-01 05:38:32 49B00A59043431804A5BCB5E48F735B3 414208 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll</p><p>2015-10-01 05:38:32 157B1CABAF5201237EECA4FB0F34D822 403456 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll</p><p>2015-10-01 05:38:31 DAFEABE69E915A2374E13C6B24EF331F 690688 ----a-w- C:\WINDOWS\Sysnative\CellularAPI.dll</p><p>2015-10-01 05:38:31 887065722784FD70B880B0D900E4884D 185344 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll</p><p>2015-10-01 05:38:31 7910232E31799A576F2509DA92CB8813 928256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll</p><p>2015-10-01 05:38:31 2C144777278ECD6DFF4B5A90F742C1AA 346112 ----a-w- C:\WINDOWS\Sysnative\ngccredprov.dll</p><p>2015-10-01 05:38:31 194239DA484C7DB62E6773ABB5DD4463 269312 ----a-w- C:\WINDOWS\Sysnative\provengine.dll</p><p>2015-10-01 05:38:30 D7B28BF9E08128C5A8B89FFD5BEB6B88 465920 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll</p><p>2015-10-01 05:38:30 B31569B0E7A467D4050FA49CFCBFCEFA 204800 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll</p><p>2015-10-01 05:38:30 65A0B3477231CE37B09A719DBBB9FCF1 671232 ----a-w- C:\WINDOWS\Sysnative\WUDFx02000.dll</p><p>2015-10-01 05:38:30 41C0EC5B11375F9CA045AFEF1EB75D5F 366592 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll</p><p>2015-10-01 05:38:29 D37063C5B492B7B4F26D24C62167C8BE 137728 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll</p><p>2015-10-01 05:38:29 CF2B0ADDBA61B3B9FA339118FC742032 1812480 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll</p><p>2015-10-01 05:38:29 95EC1A9A6926F5091957F6CA52A34F21 162304 ----a-w- C:\WINDOWS\Sysnative\SubscriptionMgr.dll</p><p>2015-10-01 05:38:29 88E6A429944544346EC3AE1FD7D24BCC 149504 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll</p><p>2015-10-01 05:38:29 85146ABCB1EF298D1FF6EE4D5541788C 832512 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll</p><p>2015-10-01 05:38:29 327DA4A4DE4E9BECF2C16967366C74E2 186880 ----a-w- C:\WINDOWS\Sysnative\cloudAP.dll</p><p>2015-10-01 05:38:28 99E14B1011FC214DA89D9559AD816B3A 243760 ----a-w- C:\WINDOWS\Sysnative\mfps.dll</p><p>2015-10-01 05:38:28 7D2165B4B27E11B3E557DB26CAA2BAFF 1382400 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys</p><p>2015-10-01 05:38:28 65F1F4DBB4A6FA971BF9F00129F452A0 494592 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll</p><p>2015-10-01 05:38:28 38F08B82ADEEA1003B4A5177BB5366B3 347136 ----a-w- C:\WINDOWS\Sysnative\ncryptprov.dll</p><p>2015-10-01 05:38:28 1547E4F51567E522CA96BC367CC9D295 590336 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll</p><p>2015-10-01 05:38:27 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\WINDOWS\Sysnative\omadmclient.exe</p><p>2015-10-01 05:38:27 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe</p><p>2015-10-01 05:38:27 9BD143B8F803AC81F701BA0B8486212D 752640 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll</p><p>2015-10-01 05:38:27 7DDB731AD3E9F9F91D62E991BD52814F 79872 ----a-w- C:\WINDOWS\Sysnative\HttpsDataSource.dll</p><p>2015-10-01 05:38:26 B171608F20705895726DE86B34D1FBAC 95744 ----a-w- C:\WINDOWS\Sysnative\LocationWiFiAdapter.dll</p><p>2015-10-01 05:38:26 888513B8C53C7574A9CC14195F5BFCA3 81488 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll</p><p>2015-10-01 05:38:26 71107775BE0E612150F032CE21DD9C7C 88384 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll</p><p>2015-10-01 05:38:26 2481E9E8858AD0A223FA3110916EF0C1 6572032 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll</p><p>2015-10-01 05:38:26 02077F66F8CF2F1FD58403D371482B01 106496 ----a-w- C:\WINDOWS\Sysnative\KeywordDetectorMsftSidAdapter.dll</p><p>2015-10-01 05:38:25 C1E6FBEBD285CABA0985533A56144F5F 288256 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll</p><p>2015-10-01 05:38:25 4A54273338073939384A14BF0D7AFC14 88064 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll</p><p>2015-10-01 05:38:25 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe</p><p>2015-10-01 05:38:25 02707CF32272B726BB410E6717BBB7E8 446976 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll</p><p>2015-10-01 05:38:24 F1A6A22A63F380DFF28C55B11D688B0C 102304 ----a-w- C:\WINDOWS\Sysnative\omadmapi.dll</p><p>2015-10-01 05:38:24 EF3BBA8739757B470D0E49C8619A31C0 53760 ----a-w- C:\WINDOWS\Sysnative\Windows.Speech.Pal.dll</p><p>2015-10-01 05:38:23 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\WINDOWS\Sysnative\LicenseManagerShellext.exe</p><p>2015-10-01 05:38:23 C92EBECB1E30E7E6006C0D8B4040C3F6 274944 ----a-w- C:\WINDOWS\Sysnative\syncutil.dll</p><p>2015-10-01 05:38:23 AA38E0578EBAD030D4CB098A9F5E650B 720896 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll</p><p>2015-10-01 05:38:23 A5B7CAFA0327BCBC2FC6F1C9F95191CA 342016 ----a-w- C:\WINDOWS\Sysnative\LocationGeofences.dll</p><p>2015-10-01 05:38:22 D88952BD78157D66A0921B63F5DD0EC5 439296 ----a-w- C:\WINDOWS\Sysnative\LocationWebproxy.dll</p><p>2015-10-01 05:38:21 DBA8FE1EAA344106C334E193D3D57B66 73728 ----a-w- C:\WINDOWS\Sysnative\wwancfg.dll</p><p>2015-10-01 05:38:21 14503C58C1528D83FB2328840784EC78 621056 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll</p><p>2015-10-01 05:38:20 F57FE0BD8BD7E1F8088FE18D0FD7BEE9 501008 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll</p><p>2015-10-01 05:38:20 AC180D981BD23443793F7AA71BBE344A 599552 ----a-w- C:\WINDOWS\Sysnative\wpnapps.dll</p><p>2015-10-01 05:38:20 959695FD137FF0DEFC6152AAB03AA3D6 1216512 ----a-w- C:\WINDOWS\Sysnative\netcenter.dll</p><p>2015-10-01 05:38:20 77C8CD0AACC1D059EDF6E91920D11550 421888 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll</p><p>2015-10-01 05:38:20 6C9DDD0611379864596D2A8DE7B1870C 504320 ----a-w- C:\WINDOWS\Sysnative\DataSenseHandlers.dll</p><p>2015-10-01 05:38:20 43A1B8B43CA4E213E0FD920F2FD6BCBA 267776 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll</p><p>2015-10-01 05:38:20 109F35CCD84FE9AD1E3B6A2953CF2C9D 685568 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll</p><p>2015-10-01 05:38:19 E6337423BD19DD12EB6777934B57E0F4 176640 ----a-w- C:\WINDOWS\Sysnative\LocationPeIP.dll</p><p>2015-10-01 05:38:19 3B397ED55AE652520503CCE0996B0D25 160256 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll</p><p>2015-10-01 05:38:19 07B5710393558DD734647D5F2F020647 215552 ----a-w- C:\WINDOWS\Sysnative\LocationCrowdsource.dll</p><p>2015-10-01 05:38:19 02954F6B3389EF56088EF1C99B6105BA 202240 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll</p><p>2015-10-01 05:38:18 A0DBB9386BEA8DA1A159C2A2E07081A3 856576 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll</p><p>2015-10-01 05:38:18 9170F95C48D44BABB9546CBDC2D4CEBA 257024 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll</p><p>2015-10-01 05:38:18 5BA872CD68B18193FC82DFE125A15FC4 163840 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll</p><p>2015-10-01 05:38:18 52E7F6343A99747CE5772B04FFCE00A3 771072 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll</p><p>2015-10-01 05:38:18 3AED81953A08DA52C64F3D92D4A21CD8 223232 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll</p><p>2015-10-01 05:38:17 63D8A023148D8436D6CBA65E2B9ED56A 143360 ----a-w- C:\WINDOWS\Sysnative\provops.dll</p><p>2015-10-01 05:38:17 49213BF8E7EEE157F128C58D75043B09 68096 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll</p><p>2015-10-01 05:38:16 EA1C2DAB8A63712B94897A58557B086C 371712 ----a-w- C:\WINDOWS\Sysnative\nlasvc.dll</p><p>2015-10-01 05:38:15 ECA28C8F0FF34A2BD8311CBA2D35B143 121856 ----a-w- C:\WINDOWS\Sysnative\dmcsps.dll</p><p>2015-10-01 05:38:15 BBA571F40F08F967531573109F7FA95E 169984 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll</p><p>2015-10-01 05:38:15 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe</p><p>2015-10-01 05:38:15 5793FBBB1F120D1815A8348434ED236C 221184 ----a-w- C:\WINDOWS\Sysnative\LocationPeWiFi.dll</p><p>2015-10-01 05:38:15 562078FF6ED0C2B1C09078343437D03E 168960 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll</p><p>2015-10-01 05:38:14 F0B43C550BD519423FB79A58A860CE0B 204288 ----a-w- C:\WINDOWS\Sysnative\LocationPeCell.dll</p><p>2015-10-01 05:38:13 F01743062DA74A24A0E7836289E33731 187904 ----a-w- C:\WINDOWS\Sysnative\provisioningcsp.dll</p><p>2015-10-01 05:38:13 E2AE190B76C27430E4E8258D0C44C79B 317440 ----a-w- C:\WINDOWS\Sysnative\configmanager2.dll</p><p>2015-10-01 05:38:13 C66E058599A44E0EEA95B3E0547345D2 30208 ----a-w- C:\WINDOWS\Sysnative\syncmlhook.dll</p><p>2015-09-23 11:30:25 F116C77FE2249302494FB74CF140C981 42840184 ----a-w- C:\WINDOWS\Sysnative\nvcompiler.dll</p><p>2015-09-23 11:30:25 E0983DB12BEDCEBC680B64D22716F613 1064056 ----a-w- C:\WINDOWS\Sysnative\NvIFR64.dll</p><p>2015-09-23 11:30:25 CE822DB2ADA8392C7E949E6D6D9F004B 16646112 ----a-w- C:\WINDOWS\Sysnative\nvopencl.dll</p><p>2015-09-23 11:30:25 CB5941ECF51485CF8E564EF81590C1E2 177088 ----a-w- C:\WINDOWS\Sysnative\nvinitx.dll</p><p>2015-09-23 11:30:25 C7F9946561C18CB45E4470EBBFA30875 2354808 ----a-w- C:\WINDOWS\Sysnative\nvcuvid.dll</p><p>2015-09-23 11:30:25 B04F24E51FFC70295A53C16205D555DA 1558832 ----a-w- C:\WINDOWS\Sysnative\nvdispgenco6435598.dll</p><p>2015-09-23 11:30:25 944C5EB57AF8766D84EE0688EF0006B9 787384 ----a-w- C:\WINDOWS\Sysnative\nvEncMFTH264.dll</p><p>2015-09-23 11:30:25 943D95A9EA7E3C3ADA3B018F9BEE7106 1898104 ----a-w- C:\WINDOWS\Sysnative\nvdispco6435598.dll</p><p>2015-09-23 11:30:25 5C7EA9E8409F39B9C5EA195CFFEA4B21 387720 ----a-w- C:\WINDOWS\Sysnative\nvEncodeAPI64.dll</p><p>2015-09-23 11:30:25 598F940C16324ED4F7CE7E9D5786551F 376440 ----a-w- C:\WINDOWS\Sysnative\nvDecMFTMjpeg.dll</p><p>2015-09-23 11:30:25 57B21A028503F3408FFDC304FE98BD38 1178248 ----a-w- C:\WINDOWS\Sysnative\nvumdshimx.dll</p><p>2015-09-23 11:30:25 48FAEF8DD71EB672DAB92710E6849183 150648 ----a-w- C:\WINDOWS\Sysnative\nvoglshim64.dll</p><p>2015-09-23 11:30:25 29DF0DC7371CF4F49C01C6E56AC7AE6C 22559352 ----a-w- C:\WINDOWS\Sysnative\nvoglv64.dll</p><p>2015-09-23 11:30:25 22039F08C1BC08CFFAE882CD246A6E4C 408184 ----a-w- C:\WINDOWS\Sysnative\NvIFROpenGL.dll</p><p>2015-09-23 10:48:11 56AC2C830231640229EE2BD61D207889 110616 ----a-w- C:\WINDOWS\Sysnative\NvRtmpStreamer64.dll</p><p>====== C:\WINDOWS\Sysnative\drivers =====</p><p>2015-10-01 05:38:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys</p><p>2015-10-01 05:38:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys</p><p>2015-10-01 05:38:39 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\WINDOWS\Sysnative\drivers\Wdf01000.sys</p><p>2015-10-01 05:38:33 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys</p><p>2015-10-01 05:38:33 FCC211B0F46D831506D0D76539203899 929280 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys</p><p>2015-10-01 05:38:33 C08449092043601887A1743350888635 516448 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS</p><p>2015-10-01 05:38:33 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\WINDOWS\Sysnative\drivers\fastfat.sys</p><p>2015-10-01 05:38:30 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys</p><p>2015-10-01 05:38:27 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys</p><p>2015-10-01 05:38:26 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys</p><p>2015-10-01 05:38:26 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\WINDOWS\Sysnative\drivers\buttonconverter.sys</p><p>2015-10-01 05:38:23 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys</p><p>2015-10-01 05:38:21 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS</p><p>2015-10-01 05:38:21 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys</p><p>====== C:\WINDOWS\Tasks ======</p><p>2015-09-09 17:51:20 985D7F00BCCE074FB44B73E65D079863 3816 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater</p><p>2015-09-09 17:51:20 8DA57A02D5BDB225B18E6AF9A585C05B 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job</p><p>====== C:\WINDOWS\Temp ======</p><p>======= C:\Program Files =====</p><p>2015-09-11 19:06:44 -------- d-----w- C:\Program Files\Microsoft Silverlight</p><p>2015-09-09 16:56:40 -------- d-----w- C:\Program Files\Envelope Manager</p><p>======= C:\PROGRA~2 =====</p><p>2015-09-11 19:06:44 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight</p><p>2015-09-09 18:11:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype</p><p>2015-09-09 16:57:16 -------- d-----w- C:\PROGRA~2\Endicia</p><p>======= C: =====</p><p>====== C:\Users\Shukhrat\AppData\Roaming ======</p><p>2015-09-14 15:15:11 -------- d-----w- C:\Users\Shukhrat\AppData\Local\LogMeIn Rescue Applet</p><p>2015-09-14 10:43:59 -------- d-----w- C:\Users\Shukhrat\AppData\Local\CEF</p><p>2015-09-11 19:01:42 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\PeerDistRepub</p><p>2015-09-09 16:57:02 -------- d-----w- C:\Users\Shukhrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZzle</p><p>====== C:\Users\Shukhrat ======</p><p>2015-10-02 10:13:13 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Shukhrat\Desktop\frst64.exe</p><p>2015-09-16 04:01:19 -------- d-----r- C:\Users\Shukhrat\3D Objects</p><p>2015-09-11 19:06:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight</p><p>2015-09-09 18:11:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype</p><p>2015-09-09 16:57:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endicia</p><p></p><p>====== C: exe-files ==</p><p>2015-10-03 15:21:02 8259E9D39B76FC64BA8B3C009D9ACD16 70239 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\ocrFB09.tmp\bin\rubyw.exe</p><p>2015-10-03 15:20:17 8259E9D39B76FC64BA8B3C009D9ACD16 70239 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\ocr6B6C.tmp\bin\rubyw.exe</p><p>2015-10-02 21:14:48 5BACD68B116CAA67B71F4F9DB500A47B 812008 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2015-10-02 12:38:54 C73B06E7D0063713CDEE6C160B692603 6376136 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\Packages\00007f71\DAO.20019059.exe</p><p>2015-10-02 10:13:13 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Shukhrat\Desktop\frst64.exe</p><p>2015-10-02 09:48:46 B27D83D274BFECEF8F79DB8366A8A5A2 630200 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe</p><p>2015-10-02 09:48:42 371AE2919C35094233EE40BA01FD02EF 172984 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe</p><p>2015-10-01 12:37:52 2C32056CB8E5C4F7A2CE7FF4588098B6 528632 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\Packages\00007f6a\CoProc update.20014793.exe</p><p>2015-10-01 05:39:02 695DFBE0357DB32E4475F74053D021BC 7455056 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe</p><p>2015-10-01 05:39:01 4A6E77B420F384AA8CB429904F7BF088 6263152 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe</p><p>2015-10-01 05:38:53 E19833B3E69A5B829AB97D5CBD3BF356 1876832 ----a-w- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe</p><p>2015-10-01 05:38:46 5252CE15DB06AB5A796EBC361EAC1528 8020816 ----a-w- C:\Windows\System32\ntoskrnl.exe</p><p>2015-10-01 05:38:44 5275394FE00E85B13DC535C67961DFEB 1907536 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe</p><p>2015-10-01 05:38:40 F55E9DF5284E75728CBED4EC3228A536 624480 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe</p><p>2015-10-01 05:38:35 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe</p><p>2015-10-01 05:38:34 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\Windows\System32\SettingSyncHost.exe</p><p>2015-10-01 05:38:34 1CD8BB41436524A2748A77005E5DEB8A 579072 ----a-w- C:\Windows\System32\winlogon.exe</p><p>2015-10-01 05:38:31 E1DB432B3147F70BF684846439ADE38B 136192 ----a-w- C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe</p><p>2015-10-01 05:38:30 948BD4AC1C7C572312048A284D6C9A7F 562688 ----a-w- C:\Windows\System32\Speech\SpeechUX\SpeechUXWiz.exe</p><p>2015-10-01 05:38:27 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\Windows\System32\omadmclient.exe</p><p>2015-10-01 05:38:27 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\Windows\System32\MDMAppInstaller.exe</p><p>2015-10-01 05:38:25 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\Windows\System32\DeviceEnroller.exe</p><p>2015-10-01 05:38:23 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe</p><p>2015-10-01 05:38:22 ACF279AB64D406EDB223543E5A113939 220160 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe</p><p>2015-10-01 05:38:15 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\Windows\System32\dmcertinst.exe</p><p>2015-10-01 05:38:14 9853C2A9EF7FBC341C65EF89908CA052 482816 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe</p><p>2015-10-01 01:21:25 07D733DAB53FD7E2E7C8442216073379 873800 ----a-w- C:\Users\Shukhrat\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.2\software_reporter_tool.exe</p><p>2015-09-30 01:33:01 B6C8B1928AC45478B6E93D1FE137C6B2 20002936 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe</p><p>2015-09-30 01:33:01 B4B94730DD0A773BEEE0D04C03831ED1 413816 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe</p><p>2015-09-30 01:33:01 0A5AED155856E5577C8459C342B281C8 196216 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe</p><p>2015-09-30 01:33:00 E96B799CB869D44EF1E9B86E6CF4C2E1 6753912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe</p><p>2015-09-30 01:33:00 DF8AD79792E1497931078DA1F4ABFD3D 5568632 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe</p><p>2015-09-30 01:33:00 DB28739CEC33A99C8305FB3227551554 4325496 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe</p><p>2015-09-30 01:33:00 D0799048CB088A40C197D7A853A22BCA 7575160 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe</p><p>2015-09-30 01:33:00 CF1D8A04AEA4430AED399784A59B2181 21982840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe</p><p>2015-09-30 01:33:00 8F8DEF7B1603DFFEA9B637F2D89B6485 5832824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe</p><p>2015-09-30 01:33:00 3273C4A12363EB9C4B8012F14D5EFD9D 6536824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe</p><p>2015-09-30 01:33:00 2ED3B8015B64B7C16D8284345EAF9BDA 7521400 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe</p><p>2015-09-30 01:33:00 0B8B200882805714946A71BC48E8E8D8 5375608 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe</p><p>2015-09-30 01:32:59 F8B89E1C3481A0913C4907E0049B1C33 1872504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe</p><p>2015-09-30 01:32:59 E2CEFE9EC6FC9F026560E114E0B65BB3 126768 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe</p><p>2015-09-30 01:32:59 BFB4CF2C38D128E98A17C1B3F63E19A5 921208 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe</p><p>2015-09-30 01:32:59 8179F1373AC4D314D5DB635A7D229CFA 637560 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe</p><p>2015-09-30 01:32:59 7B94B2EEBC6598855A3BC3DC514BD4E7 967168 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\OSC\OSC\nvosc.exe</p><p>2015-09-30 01:32:59 779ED81CF4B582FDEA8640748DBEE505 4724856 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe</p><p>2015-09-30 01:32:59 70B5A5DDC391A2D49A6B547D0E4C2D74 519800 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe</p><p>2015-09-30 01:32:59 5CD29B38F63BC347CB1EB145F762B035 1058424 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe</p><p>2015-09-30 01:32:59 556AB278B0F33E7B3C6552E0E47E8B40 1872504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe</p><p>2015-09-30 01:32:59 1DBBA035AF2C44D1D512FC55DB57D3BB 1155192 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe</p><p>2015-09-30 01:32:59 196866BCDAAC49240DF9B8975D0652F9 87344 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe</p><p>2015-09-30 01:32:59 182ACCC286FF1F9A1B37DB2B04F65586 595576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe</p><p>2015-09-30 01:32:59 08CB3177A4FFCD0B5C22863B3D982709 2730616 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe</p><p>2015-09-30 01:32:50 A694CA5B8A120B12DFD8AF0E07099C1D 39990160 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\9ed0ae25-7d50-410f-b34b-016b5b2a9d77\GeForce_Experience_Beta_Update_v2.6.1.10.exe</p><p>=== C: other files ==</p><p>2015-10-03 15:20:28 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\_MEI95322\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx</p><p>2015-10-03 15:20:28 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\_MEI95322\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx</p><p>2015-10-01 05:38:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys</p><p>2015-10-01 05:38:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\Windows\System32\drivers\tcpip.sys</p><p>2015-10-01 05:38:39 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys</p><p>2015-10-01 05:38:38 33FF0B7585F54C0F33C38F5DCAB1DA01 3586560 ----a-w- C:\Windows\System32\win32kfull.sys</p><p>2015-10-01 05:38:33 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys</p><p>2015-10-01 05:38:33 FCC211B0F46D831506D0D76539203899 929280 ----a-w- C:\Windows\System32\drivers\bthport.sys</p><p>2015-10-01 05:38:33 C08449092043601887A1743350888635 516448 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS</p><p>2015-10-01 05:38:33 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\Windows\System32\drivers\fastfat.sys</p><p>2015-10-01 05:38:30 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys</p><p>2015-10-01 05:38:28 7D2165B4B27E11B3E557DB26CAA2BAFF 1382400 ----a-w- C:\Windows\System32\win32kbase.sys</p><p>2015-10-01 05:38:27 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\Windows\System32\drivers\pdc.sys</p><p>2015-10-01 05:38:26 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\Windows\System32\drivers\portcls.sys</p><p>2015-10-01 05:38:26 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\Windows\System32\drivers\buttonconverter.sys</p><p>2015-10-01 05:38:23 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\Windows\System32\drivers\ndis.sys</p><p>2015-10-01 05:38:21 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS</p><p>2015-10-01 05:38:21 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\Windows\System32\drivers\sdbus.sys</p><p>2015-09-30 01:33:25 CD7C434AA2949DD5ABD3713A9CD91ACD 19576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys</p><p>2015-09-30 01:33:25 C2A9985C97DF5946AEAE7C001625410C 44840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys</p><p>2015-09-30 01:33:25 ADAFEE18602E1DE25C1EBC5C8695B5EC 14456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys</p><p>2015-09-30 01:33:25 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys</p><p>2015-09-30 01:33:25 950A55DD6B337EA7720802F6711099CE 15480 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys</p><p>2015-09-30 01:33:25 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys</p><p>2015-09-30 01:33:25 6585F2637E7A845D030372B30AA61F2D 18552 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys</p><p>2015-09-30 01:33:25 35DFC12FD7E44B7CB8CCD7E5A2B3975A 50472 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys</p><p></p><p>==== Startup Registry Enabled ======================</p><p></p><p>[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"</p><p></p><p>[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"</p><p></p><p>[HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun"</p><p>"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"</p><p>"Spotify Web Helper"="C:\Users\Shukhrat\AppData\Roaming\Spotify\SpotifyWebHelper.exe"</p><p>"Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"</p><p>"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"</p><p>"OzLINK for UPS Startup"="C:\Users\Shukhrat\AppData\Local\Oz Development\OzLINK for UPS\App\OzLINK for UPS Startup.exe"</p><p>"OneDrive"="C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"</p><p>"Lync"="C:\Program Files\Microsoft Office\Office15\lync.exe /fromrunkey"</p><p>"Spotify"="C:\Users\Shukhrat\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"</p><p></p><p>[HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"</p><p></p><p>[HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"</p><p></p><p>[HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe"</p><p>"ControlCenterCount"="C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe"</p><p>"Corsair K95"="C:\Program Files (x86)\Corsair\K95 Keyboard\K95Hid.exe"</p><p>"PivotSoftware"="C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"</p><p>"DT HPC"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC"</p><p>"PowerPanel Personal Edition User Interaction"="C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe"</p><p>"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"</p><p>"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"</p><p>"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"</p><p>"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"</p><p>"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"</p><p>"DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"</p><p>"Intuit SyncManager"="C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup"</p><p>"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"</p><p>"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"</p><p>"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"</p><p>"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"</p><p>"Fast Boot"="C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe"</p><p>"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"</p><p>"Corsair Utility Engine"="C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe --autorun"</p><p>"Super Charger"="C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"</p><p>"Command Center"="C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe"</p><p>"Live Update"="C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun"</p><p>"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"</p><p>"Spotify Web Helper"="C:\Users\Shukhrat\AppData\Roaming\Spotify\SpotifyWebHelper.exe"</p><p>"Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"</p><p>"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"</p><p>"OzLINK for UPS Startup"="C:\Users\Shukhrat\AppData\Local\Oz Development\OzLINK for UPS\App\OzLINK for UPS Startup.exe"</p><p>"OneDrive"="C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"</p><p>"Lync"="C:\Program Files\Microsoft Office\Office15\lync.exe /fromrunkey"</p><p>"Spotify"="C:\Users\Shukhrat\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"</p><p>"Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"</p><p></p><p>==== Startup Registry Enabled x64 ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"</p><p>"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"</p><p>"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"</p><p>"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"</p><p>"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"</p><p></p><p>==== Task Scheduler Jobs ======================</p><p></p><p>C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/22/2015 01:52 AM]</p><p>C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 12:20 AM]</p><p>C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 12:20 AM]</p><p></p><p>==== Other Scheduled Tasks ======================</p><p></p><p>"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]</p><p>"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3881268226-3317070643-463687028-1001UA" [C:\Users\Shukhrat\AppData\Local\Google\Update\GoogleUpdate.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\WSCStub.exe"]</p><p>"C:\WINDOWS\SysNative\tasks\Private Internet Access Startup" ["C:\Program Files\pia_manager\pia_manager.exe"]</p><p>"C:\WINDOWS\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Autofix" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Processor" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe]</p><p></p><p>==== Firefox Start and Search pages ======================</p><p></p><p>ProfilePath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default</p><p>user_pref("browser.startup.homepage", "about:home");</p><p>user_pref("browser.search.defaultenginename.US", "Google");</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFPlgn" [10/03/2015 11:20 AM]</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>ProfilePath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default</p><p>- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFPlgn</p><p></p><p>AppDir: C:\Program Files (x86)\Mozilla Firefox</p><p>- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p>- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p>Profilepath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default</p><p>1A62BB86D17B8DC0D4339BACC8D60635 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash</p><p></p><p></p><p>==== Chromium Look ======================</p><p></p><p>Google Chrome Version: 45.0.2454.101</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx[07/10/2015 12:03 AM]</p><p>iikflkcanblccfahdhdonehdalibjnif - No path found[]</p><p>lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[07/14/2014 06:22 PM]</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions</p><p>lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]</p><p></p><p>Floorplanner - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag</p><p>Google Drive - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf</p><p>YouTube - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo</p><p>Firebug Lite for Google Chrome™ - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench</p><p>Google Cast - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd</p><p>Videostream for Google Chromecast™ - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl</p><p>Google Search - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf</p><p>Tab Manager - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coonecdghnepgiblpccbbihiahajndda</p><p>Calculator Widget - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpplagdendnkjkiaiaijfphiflaflinc</p><p>Google Calendar - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn</p><p>Postman - REST Client - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm</p><p>Compare International Prices - AMADIFF.com - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkgjaeeajfkgjmmpdgcocokcfgbfcoc</p><p>Google Docs Offline - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi</p><p>The Camelizer - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo</p><p>AdBlock - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom</p><p>Amazonia Right Click Search - Amazon Co UK - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmkacpkcakamljkjdjfgmncbpfjacjl</p><p>XPath Helper - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgimnogjllphhhkhlmebbmlgjoejdpjl</p><p>Google Keep - notes and lists - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki</p><p>DS Amazon Quick View mx - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphjnmlnfhakpddieemnfolejgbpjmcd</p><p>Google Forms - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg</p><p>DS Amazon Quick View - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg</p><p>Hangouts - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl</p><p>Chrome Hotword Shared Module - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg</p><p>Linkclump - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj</p><p>InvisibleHand - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko</p><p>JSON Editor - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkmoheomjbkfloacpgllgjcamhihfaj</p><p>ASIN Helper - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknlnfochnodlbdhbakjjgelgomhjigk</p><p>Google Drive App Launcher - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh</p><p>Google Maps - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh</p><p>Session Manager - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc</p><p>Keepa - Amazon Price Tracker - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo</p><p>Please enter the name of the session - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb</p><p>Chrome Web Store Payments - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p>Context Menu Search - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga</p><p>Chrome Apps & Extensions Developer Tool - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc</p><p>The Tracktor - Price History Tracker - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\onajjgekdldckfgodnmoallcmdmfcfom</p><p>Amazon 1Button App for Chrome - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam</p><p>Extract Asin Universal - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidkhbhaankobmkallidpgihcdcjdefn</p><p>Gmail - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia</p><p>Amazonia Right Click Search - Amazon.com - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkngfjindjkdikklhiiofondocdmdeep</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=0 folders=0 0 bytes)</p><p></p><p>==== EOF on Sat 10/03/2015 at 11:25:46.92 ======================</p></blockquote><p></p>
[QUOTE="Shuggie, post: 438132, member: 43034"] Zoek.exe v5.0.0.1 Updated 30-09-2015 Tool run by Shukhrat on Sat 10/03/2015 at 11:22:18.05. Microsoft Windows 10 Pro 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Shukhrat\Desktop\zoek.exe [Scan all users] [Quick Scan] ==== System Restore Info ====================== 10/3/2015 11:23:22 AM Zoek.exe System Restore Point Created Successfully. ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Shukhrat\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-10-02 21:14:48 D5B3690D367EC7EF2AC7FC48B854D1CC 178152 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-02 21:14:48 5BACD68B116CAA67B71F4F9DB500A47B 812008 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-01 05:39:04 96CC96E8D16E315148047DFEB31EEEE9 13027840 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-10-01 05:39:04 5780FAC582AF72AF39D461336E23D39C 18806272 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-01 05:39:03 00A63F21DCEF7D6D58BB73C594C6C75F 19325440 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-01 05:39:01 3277E503E6EA72D19CDC16501FD151BA 5120056 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2015-10-01 05:38:59 2DA15A53E965A27A3D5CF99E3CCC430A 6101504 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2015-10-01 05:38:58 08D6065A1D6D007C77A688271D915B00 5079552 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2015-10-01 05:38:55 8E2D23AB73A5276FC7CDE134B06F0C03 5454848 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2015-10-01 05:38:54 19DFBB25AB67A2F4D23F08A7D765E802 2154808 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2015-10-01 05:38:53 A66B5D22B883373A44764C003078A828 2646528 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-10-01 05:38:52 EB7E8B15015C784D8852292206EF1461 1918464 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-01 05:38:51 BCCB55B18CE7054BA288FFEB27BA6F54 1766952 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-10-01 05:38:51 73FC0143E518D8DB7AFE9675F4AF8063 2207232 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-10-01 05:38:48 F28E047EF8A68C586F177A3DD625831C 3579904 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-01 05:38:46 2570B5FA73B119C16E0E721265126C3A 2446648 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2015-10-01 05:38:45 47F3B89782076037F328AEC18245D4B1 962400 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-10-01 05:38:44 DFAE92F5EF58FF29E81D951B2BDF45B8 1104384 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-10-01 05:38:43 EE8FDC90138DD93AA6B1ECA831D9D3CE 1162240 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-10-01 05:38:43 C637D94084069A10759E53F79D5DC4C5 899584 ----a-w- C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-10-01 05:38:43 776339B81E632F579AB1EC6EE503A9C0 58368 ----a-w- C:\WINDOWS\SysWOW64\usoapi.dll 2015-10-01 05:38:43 6FA73C45D51E7909C68FE5A113D5585F 928256 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2015-10-01 05:38:42 DAFFF5B7F43F88907A21996E71812D0C 764416 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-10-01 05:38:42 BE36E4024EABE75FEF529553E023AEF8 646672 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2015-10-01 05:38:41 F69835A120E9627327ECE984D2AC87EA 828928 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-10-01 05:38:40 001D3D691DD268165A3EE49C69078054 658528 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll 2015-10-01 05:38:39 E03EC1BA7B6061620367F19249705D1F 625152 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll 2015-10-01 05:38:39 807178C85CF6375FAB2FE42395FE94D7 677888 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-10-01 05:38:38 F65307E09D4807EDE95D1016CAF42DAD 587264 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-10-01 05:38:38 4B5286A021D8CA64BABB07D7B9739AF4 512000 ----a-w- C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-10-01 05:38:37 F38B52333E0C93A1C55323719103783B 1357888 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll 2015-10-01 05:38:37 E0F11A1D1C7482BBD76448E6FD3AA327 454512 ----a-w- C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-10-01 05:38:37 A5F48E7E55B076996B67F8F32C9D6D33 2639872 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2015-10-01 05:38:37 78FBC37D02A39402B685B7E95A83EFE8 428128 ----a-w- C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-10-01 05:38:36 60242DBD3FCFA6D4163B6C29D76295B7 336384 ----a-w- C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-10-01 05:38:35 D124F89BBDCFC24A04F159D913852DDC 701952 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-10-01 05:38:35 6740B4C8B8B3474F086B8AEBDE4861D8 217088 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-10-01 05:38:35 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2015-10-01 05:38:35 00682184457B97EDA4C0C157331A7495 454656 ----a-w- C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-10-01 05:38:34 F4E25F21AC509AEE3617E9DBA086318E 434376 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-10-01 05:38:34 53FC0EFBE44591CA16BE1A4309F689DC 253440 ----a-w- C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-10-01 05:38:34 1BFDE0B4AC3E0EB180FBC32A22B8A8B4 464896 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-10-01 05:38:34 1B102F53BD7209D712BBE96E9FAA32CA 313856 ----a-w- C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-10-01 05:38:33 FFCE532A61DD7518BE997267940D7AE4 466432 ----a-w- C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-10-01 05:38:32 DC7C56F01B96CA5FDB99D241D4E067FC 311808 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-10-01 05:38:31 99CEBD54809E76C9CD1839B0492CCF5E 1895568 ----a-w- C:\WINDOWS\SysWOW64\hevcdecoder.dll 2015-10-01 05:38:31 63900F897A025DDFE83737A260C250A5 371712 ----a-w- C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-10-01 05:38:31 037908D9C8C689490978BFF72532A361 195072 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-10-01 05:38:30 1253135EC3029F79601EDCFF55ADC9FC 508248 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2015-10-01 05:38:29 535DCD92E0C7D52A0F1237AF3DCFAAA9 613376 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2015-10-01 05:38:27 3C9FDBB0963B18C9D60B54F8AF81DF11 268800 ----a-w- C:\WINDOWS\SysWOW64\ncryptprov.dll 2015-10-01 05:38:26 E856065895D1133F5457BCDB4452A8D3 74880 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-10-01 05:38:25 DBAAA86B138D2F8B7EDF7A3ED7ADF8B3 557568 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll 2015-10-01 05:38:25 399BED6CD8A3AA7C7CF48A8E55FB4463 579584 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll 2015-10-01 05:38:24 F2BCE0CF75943E18852148B2875F632B 41472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll 2015-10-01 05:38:24 1A917EA73F9B46F31F8E0BA3B44FDD8F 525312 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll 2015-10-01 05:38:20 80D2AE15F53154CEE71C9E3C131FBB9B 407608 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2015-10-01 05:38:19 C5FBD8DDCD35F7F1242F3587681A2654 193024 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2015-10-01 05:38:19 8B4E59B0B71ECE3CF6234DFAAE0A05DF 172032 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2015-10-01 05:38:19 6C8012BEB3FF973020E9429CBB6C1696 195584 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2015-10-01 05:38:19 54DB5459A808BB03FDEA98325530B946 145920 ----a-w- C:\WINDOWS\SysWOW64\mdmregistration.dll 2015-10-01 05:38:18 D0A5D8270FF8606D2B445C4359A8FCEB 328704 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-10-01 05:38:18 C45DE57A004A5BD637923BB2EF410E19 131072 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2015-10-01 05:38:18 9E8E29389AD2E2C31E65400C5BBC06EC 574464 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll 2015-10-01 05:38:17 FB3B46B0FFCEDEED7BB5E74D82895118 1171456 ----a-w- C:\WINDOWS\SysWOW64\netcenter.dll 2015-10-01 05:38:17 638747E5050BEB4F5DF9DDE8AC418296 473088 ----a-w- C:\WINDOWS\SysWOW64\wpnapps.dll 2015-09-23 11:31:21 C2CD362B3DEE0B032166BB2F92078434 574256 ----a-w- C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-09-23 11:30:25 D72F5D8790B61EE22674D880467EE028 339760 ----a-w- C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-09-23 11:30:25 B3E2B6237F7EE550BD3BC34246C170C1 364152 ----a-w- C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-09-23 11:30:25 748579DD24812A3EFE566BD3595460E9 2105976 ----a-w- C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-09-23 11:30:25 740A0D02D74CA5FE975F55E4675AB6CB 37819000 ----a-w- C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-09-23 11:30:25 6DDE5669624CF97A2010AC82B8F2BE3D 18569848 ----a-w- C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-09-23 11:30:25 649616F2C4BE2840AE43020F26D30230 632664 ----a-w- C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-09-23 11:30:25 524DCC47002DE4EEA0B53C7896233326 986416 ----a-w- C:\WINDOWS\SysWOW64\NvIFR.dll 2015-09-23 11:30:25 47408EE7297192C00A174712D97876CA 1001440 ----a-w- C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-09-23 11:30:25 22B152296997AA779935E5DFECE07E4D 128696 ----a-w- C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-09-23 11:30:25 1860A8CCA7BB2A36576CCD16E6D2E335 155792 ----a-w- C:\WINDOWS\SysWOW64\nvinit.dll 2015-09-23 11:30:25 12EF54F8C0D676B3506B415FCEAAD128 316120 ----a-w- C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-09-23 11:30:25 11677A28EB9D180114A56676D27B5AB4 945272 ----a-w- C:\WINDOWS\SysWOW64\NvFBC.dll 2015-09-23 11:30:25 10FCE28C6162C9F4C492A9A19457E29F 13666840 ----a-w- C:\WINDOWS\SysWOW64\nvopencl.dll 2015-09-23 11:30:25 00C36389D9C821DC4745D5FB81F3C35E 12191856 ----a-w- C:\WINDOWS\SysWOW64\nvcuda.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-10-03 15:20:14 1A8FA886D7B2905F74108354732BF0AE 16148 ----a-w- C:\WINDOWS\Sysnative\MACHINE_Shukhrat_HistoryPrediction.bin 2015-10-01 05:39:06 CD8169F2DE6AFF7CC56A596BCC2326E8 24595456 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-10-01 05:39:06 35DAE99CA54E05DE5EE404EC20DD073F 16708608 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2015-10-01 05:39:05 B91D329CB2EF570B6A7CEB409625DD32 21875712 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2015-10-01 05:39:00 DE82BD1C35547D04241DB1DB3D4808E0 6487248 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2015-10-01 05:39:00 7ED8EF17B3A6C69DA6A0EC90CFBB4ABB 7055872 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2015-10-01 05:38:59 537826436B921256BA9055F65A97ED91 7569408 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2015-10-01 05:38:57 E130DF660C8E4C6ED1255F2276CC2802 7523328 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2015-10-01 05:38:57 9D4A09AB97C2F0EC6BFA6B54AA2BA239 3781120 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2015-10-01 05:38:55 C9C6D1C3171A866F10C7D58777E9638A 2417664 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2015-10-01 05:38:55 78ECC7FEDA1790706A8ED7D864F754FC 2464216 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2015-10-01 05:38:55 6D6E7210CBD7C0AA2130F3F3F14D32A5 2824248 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll 2015-10-01 05:38:54 6FA4BB1AA0C18F5CFB96F228376BD249 2494712 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2015-10-01 05:38:54 33F308FD702D507A7BB28BF2E80C2717 3248640 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2015-10-01 05:38:53 E5D86250453B33900666D92ED1A92ABE 2740224 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-10-01 05:38:48 3C096082A9232B7CEE4653B9C9031769 2228736 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll 2015-10-01 05:38:47 68DE1997977CD3A86D5F8D0FD23056EA 1563392 ----a-w- C:\WINDOWS\Sysnative\winmde.dll 2015-10-01 05:38:47 223A5048FE554992D8E7D0195D57AA19 1397088 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2015-10-01 05:38:47 11AE1E4065376FCD89C0A37C5953164E 4791296 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2015-10-01 05:38:46 87E5D206DCDD7E8DB7A597DA59FB9A07 1423872 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll 2015-10-01 05:38:46 52C3440B5098BFB99D91E869A26ECB30 1213440 ----a-w- C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll 2015-10-01 05:38:46 5252CE15DB06AB5A796EBC361EAC1528 8020816 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2015-10-01 05:38:46 390EAAB81E5C1DB0FD4920796C74AB48 1290240 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2015-10-01 05:38:45 E41C778D6208A51F57557523E2B479B5 1205248 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2015-10-01 05:38:45 85AC4CA67BECC08CBC655A8D8919B23B 1331200 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2015-10-01 05:38:45 0968D575D9108497A6DC37749D4A6C4F 2093056 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll 2015-10-01 05:38:45 031080A610C302B0279A267411EDB7E3 2226688 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2015-10-01 05:38:44 D23F211E1AA0787EFEC373D172D4A1C2 1181696 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2015-10-01 05:38:44 C5E2FBB19641860794CEE2B580192732 966416 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2015-10-01 05:38:44 8AFDD74F2DC5BAD9B2215FB19DB65240 809352 ----a-w- C:\WINDOWS\Sysnative\CoreMessaging.dll 2015-10-01 05:38:44 10FC981B716CCC25CDD5D306EBBC022D 1276416 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll 2015-10-01 05:38:43 B70FF53144AC4B3C7D98BFB7D7C239BD 2236416 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2015-10-01 05:38:43 AF34122A1B595218036B4049D802B470 1203712 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll 2015-10-01 05:38:43 444016D88142B82366EC516C3CF714E0 2178560 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2015-10-01 05:38:43 405BD80834094E297664CE0A7EE70EF9 2987520 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2015-10-01 05:38:43 36E46F26B5291A7D324466602A88947B 784136 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2015-10-01 05:38:42 DE8B9EE2E86532686497FE5A1E44E90D 467968 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2015-10-01 05:38:42 A51AC21B1F31FD7F4EC2811E33572AFC 859136 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2015-10-01 05:38:42 974C92640A3DAA475E15E3C79299B690 1795072 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2015-10-01 05:38:42 891C83BE8BA62B7547B9A6576A360C71 1010176 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2015-10-01 05:38:42 7505ACFD9362DA74FEB623F21FE3B391 1601536 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Speech.dll 2015-10-01 05:38:41 DDCBE4B09287CF224B63015F9C6BD31F 1295712 ----a-w- C:\WINDOWS\Sysnative\wpx.dll 2015-10-01 05:38:41 7BCC113B00736AA930DAA49CA7858808 856576 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll 2015-10-01 05:38:41 3478670E8646CC536E1EF21F077F4DD6 2156400 ----a-w- C:\WINDOWS\Sysnative\hevcdecoder.dll 2015-10-01 05:38:40 B82363129E8554D58B95A6935B83891D 781976 ----a-w- C:\WINDOWS\Sysnative\mfds.dll 2015-10-01 05:38:40 B7927A1D40BD17BC963E9353DBB36CD7 869376 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2015-10-01 05:38:40 3A4A543F135DE9A06ABA9DF982D79DD7 526336 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2015-10-01 05:38:40 2C82D9E55432915A68A609008BDEF41A 1563472 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll 2015-10-01 05:38:39 F9BD360A4799BB54A01692940C46CA2B 537080 ----a-w- C:\WINDOWS\Sysnative\WWanAPI.dll 2015-10-01 05:38:39 C8C5DFF028EA28D7846E95D8E5461794 570880 ----a-w- C:\WINDOWS\Sysnative\MbaeApi.dll 2015-10-01 05:38:39 311F4D131C28DA12595132A35124E955 910848 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2015-10-01 05:38:38 D4E92C0C0F9C5054B03D67A3C0B41961 555768 ----a-w- C:\WINDOWS\Sysnative\directmanipulation.dll 2015-10-01 05:38:38 9C2B0E3A21CECD14E20A848F0DE94B24 517632 ----a-w- C:\WINDOWS\Sysnative\NotificationController.dll 2015-10-01 05:38:38 754BC3E56FF301B9EE8A764932D02124 513536 ----a-w- C:\WINDOWS\Sysnative\ngcsvc.dll 2015-10-01 05:38:38 684F1E1B5D07451B600EA3C3D728A534 281600 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll 2015-10-01 05:38:38 33FF0B7585F54C0F33C38F5DCAB1DA01 3586560 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2015-10-01 05:38:37 D5AAA188C70146977CFEE8D128599F3F 378368 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll 2015-10-01 05:38:37 B3CD8B2CBC6E48B194116B28F72CDA67 408064 ----a-w- C:\WINDOWS\Sysnative\CredProvDataModel.dll 2015-10-01 05:38:37 913E47FCD3B43EC27215F90884915CAF 780288 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2015-10-01 05:38:37 5E010B486F7FB28D9B79AAC471FE484F 476760 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2015-10-01 05:38:36 A40484AC27EE08DBE7F8DA5E1F6651ED 591360 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2015-10-01 05:38:36 8D23F0819A00C547814409B734DD3747 503808 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll 2015-10-01 05:38:36 5424E49F79EB68E5F10439405101A09B 627712 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2015-10-01 05:38:35 7614E6E6B53E8FE6E6B8A6D6D3CC2018 1067520 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2015-10-01 05:38:35 363F3F99863C2BB8612C9133E45BF3E6 387584 ----a-w- C:\WINDOWS\Sysnative\LockAppBroker.dll 2015-10-01 05:38:34 D907DFF972354542D5B0B4414B308B75 312832 ----a-w- C:\WINDOWS\Sysnative\SensorsApi.dll 2015-10-01 05:38:34 AE8B34FB5B54025E9C6895A45947A515 796160 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2015-10-01 05:38:34 509FF13E5C4FD63846FCA01A5ED912DB 521728 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2015-10-01 05:38:34 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe 2015-10-01 05:38:34 1CD8BB41436524A2748A77005E5DEB8A 579072 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe 2015-10-01 05:38:33 B9FC9E9B55C74557FEC004BF8B1184F4 359936 ----a-w- C:\WINDOWS\Sysnative\ncsi.dll 2015-10-01 05:38:33 09247D43F19CAFEEFEBF6A32F3A1225F 118272 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll 2015-10-01 05:38:32 EA8B28FFF774F7C7862C8746E1FDECF6 273920 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll 2015-10-01 05:38:32 D1AA97B30A9ED6F89DC3848C8BF53513 224256 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll 2015-10-01 05:38:32 C7503A49364DB2AF7A7DE177B233081F 1844736 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll 2015-10-01 05:38:32 86C0DEE6940878A1496CBBA856FF4E5B 584656 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2015-10-01 05:38:32 506F9F526D42BB4C0A579CB78F923A48 483328 ----a-w- C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll 2015-10-01 05:38:32 49B00A59043431804A5BCB5E48F735B3 414208 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2015-10-01 05:38:32 157B1CABAF5201237EECA4FB0F34D822 403456 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2015-10-01 05:38:31 DAFEABE69E915A2374E13C6B24EF331F 690688 ----a-w- C:\WINDOWS\Sysnative\CellularAPI.dll 2015-10-01 05:38:31 887065722784FD70B880B0D900E4884D 185344 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll 2015-10-01 05:38:31 7910232E31799A576F2509DA92CB8813 928256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2015-10-01 05:38:31 2C144777278ECD6DFF4B5A90F742C1AA 346112 ----a-w- C:\WINDOWS\Sysnative\ngccredprov.dll 2015-10-01 05:38:31 194239DA484C7DB62E6773ABB5DD4463 269312 ----a-w- C:\WINDOWS\Sysnative\provengine.dll 2015-10-01 05:38:30 D7B28BF9E08128C5A8B89FFD5BEB6B88 465920 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll 2015-10-01 05:38:30 B31569B0E7A467D4050FA49CFCBFCEFA 204800 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll 2015-10-01 05:38:30 65A0B3477231CE37B09A719DBBB9FCF1 671232 ----a-w- C:\WINDOWS\Sysnative\WUDFx02000.dll 2015-10-01 05:38:30 41C0EC5B11375F9CA045AFEF1EB75D5F 366592 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll 2015-10-01 05:38:29 D37063C5B492B7B4F26D24C62167C8BE 137728 ----a-w- C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll 2015-10-01 05:38:29 CF2B0ADDBA61B3B9FA339118FC742032 1812480 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll 2015-10-01 05:38:29 95EC1A9A6926F5091957F6CA52A34F21 162304 ----a-w- C:\WINDOWS\Sysnative\SubscriptionMgr.dll 2015-10-01 05:38:29 88E6A429944544346EC3AE1FD7D24BCC 149504 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2015-10-01 05:38:29 85146ABCB1EF298D1FF6EE4D5541788C 832512 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2015-10-01 05:38:29 327DA4A4DE4E9BECF2C16967366C74E2 186880 ----a-w- C:\WINDOWS\Sysnative\cloudAP.dll 2015-10-01 05:38:28 99E14B1011FC214DA89D9559AD816B3A 243760 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2015-10-01 05:38:28 7D2165B4B27E11B3E557DB26CAA2BAFF 1382400 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2015-10-01 05:38:28 65F1F4DBB4A6FA971BF9F00129F452A0 494592 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2015-10-01 05:38:28 38F08B82ADEEA1003B4A5177BB5366B3 347136 ----a-w- C:\WINDOWS\Sysnative\ncryptprov.dll 2015-10-01 05:38:28 1547E4F51567E522CA96BC367CC9D295 590336 ----a-w- C:\WINDOWS\Sysnative\MessagingDataModel2.dll 2015-10-01 05:38:27 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\WINDOWS\Sysnative\omadmclient.exe 2015-10-01 05:38:27 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\WINDOWS\Sysnative\MDMAppInstaller.exe 2015-10-01 05:38:27 9BD143B8F803AC81F701BA0B8486212D 752640 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll 2015-10-01 05:38:27 7DDB731AD3E9F9F91D62E991BD52814F 79872 ----a-w- C:\WINDOWS\Sysnative\HttpsDataSource.dll 2015-10-01 05:38:26 B171608F20705895726DE86B34D1FBAC 95744 ----a-w- C:\WINDOWS\Sysnative\LocationWiFiAdapter.dll 2015-10-01 05:38:26 888513B8C53C7574A9CC14195F5BFCA3 81488 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2015-10-01 05:38:26 71107775BE0E612150F032CE21DD9C7C 88384 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll 2015-10-01 05:38:26 2481E9E8858AD0A223FA3110916EF0C1 6572032 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll 2015-10-01 05:38:26 02077F66F8CF2F1FD58403D371482B01 106496 ----a-w- C:\WINDOWS\Sysnative\KeywordDetectorMsftSidAdapter.dll 2015-10-01 05:38:25 C1E6FBEBD285CABA0985533A56144F5F 288256 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll 2015-10-01 05:38:25 4A54273338073939384A14BF0D7AFC14 88064 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll 2015-10-01 05:38:25 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\WINDOWS\Sysnative\DeviceEnroller.exe 2015-10-01 05:38:25 02707CF32272B726BB410E6717BBB7E8 446976 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2015-10-01 05:38:24 F1A6A22A63F380DFF28C55B11D688B0C 102304 ----a-w- C:\WINDOWS\Sysnative\omadmapi.dll 2015-10-01 05:38:24 EF3BBA8739757B470D0E49C8619A31C0 53760 ----a-w- C:\WINDOWS\Sysnative\Windows.Speech.Pal.dll 2015-10-01 05:38:23 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\WINDOWS\Sysnative\LicenseManagerShellext.exe 2015-10-01 05:38:23 C92EBECB1E30E7E6006C0D8B4040C3F6 274944 ----a-w- C:\WINDOWS\Sysnative\syncutil.dll 2015-10-01 05:38:23 AA38E0578EBAD030D4CB098A9F5E650B 720896 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll 2015-10-01 05:38:23 A5B7CAFA0327BCBC2FC6F1C9F95191CA 342016 ----a-w- C:\WINDOWS\Sysnative\LocationGeofences.dll 2015-10-01 05:38:22 D88952BD78157D66A0921B63F5DD0EC5 439296 ----a-w- C:\WINDOWS\Sysnative\LocationWebproxy.dll 2015-10-01 05:38:21 DBA8FE1EAA344106C334E193D3D57B66 73728 ----a-w- C:\WINDOWS\Sysnative\wwancfg.dll 2015-10-01 05:38:21 14503C58C1528D83FB2328840784EC78 621056 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2015-10-01 05:38:20 F57FE0BD8BD7E1F8088FE18D0FD7BEE9 501008 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2015-10-01 05:38:20 AC180D981BD23443793F7AA71BBE344A 599552 ----a-w- C:\WINDOWS\Sysnative\wpnapps.dll 2015-10-01 05:38:20 959695FD137FF0DEFC6152AAB03AA3D6 1216512 ----a-w- C:\WINDOWS\Sysnative\netcenter.dll 2015-10-01 05:38:20 77C8CD0AACC1D059EDF6E91920D11550 421888 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll 2015-10-01 05:38:20 6C9DDD0611379864596D2A8DE7B1870C 504320 ----a-w- C:\WINDOWS\Sysnative\DataSenseHandlers.dll 2015-10-01 05:38:20 43A1B8B43CA4E213E0FD920F2FD6BCBA 267776 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Management.dll 2015-10-01 05:38:20 109F35CCD84FE9AD1E3B6A2953CF2C9D 685568 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll 2015-10-01 05:38:19 E6337423BD19DD12EB6777934B57E0F4 176640 ----a-w- C:\WINDOWS\Sysnative\LocationPeIP.dll 2015-10-01 05:38:19 3B397ED55AE652520503CCE0996B0D25 160256 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2015-10-01 05:38:19 07B5710393558DD734647D5F2F020647 215552 ----a-w- C:\WINDOWS\Sysnative\LocationCrowdsource.dll 2015-10-01 05:38:19 02954F6B3389EF56088EF1C99B6105BA 202240 ----a-w- C:\WINDOWS\Sysnative\accountaccessor.dll 2015-10-01 05:38:18 A0DBB9386BEA8DA1A159C2A2E07081A3 856576 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll 2015-10-01 05:38:18 9170F95C48D44BABB9546CBDC2D4CEBA 257024 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll 2015-10-01 05:38:18 5BA872CD68B18193FC82DFE125A15FC4 163840 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll 2015-10-01 05:38:18 52E7F6343A99747CE5772B04FFCE00A3 771072 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2015-10-01 05:38:18 3AED81953A08DA52C64F3D92D4A21CD8 223232 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll 2015-10-01 05:38:17 63D8A023148D8436D6CBA65E2B9ED56A 143360 ----a-w- C:\WINDOWS\Sysnative\provops.dll 2015-10-01 05:38:17 49213BF8E7EEE157F128C58D75043B09 68096 ----a-w- C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll 2015-10-01 05:38:16 EA1C2DAB8A63712B94897A58557B086C 371712 ----a-w- C:\WINDOWS\Sysnative\nlasvc.dll 2015-10-01 05:38:15 ECA28C8F0FF34A2BD8311CBA2D35B143 121856 ----a-w- C:\WINDOWS\Sysnative\dmcsps.dll 2015-10-01 05:38:15 BBA571F40F08F967531573109F7FA95E 169984 ----a-w- C:\WINDOWS\Sysnative\mdmregistration.dll 2015-10-01 05:38:15 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2015-10-01 05:38:15 5793FBBB1F120D1815A8348434ED236C 221184 ----a-w- C:\WINDOWS\Sysnative\LocationPeWiFi.dll 2015-10-01 05:38:15 562078FF6ED0C2B1C09078343437D03E 168960 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2015-10-01 05:38:14 F0B43C550BD519423FB79A58A860CE0B 204288 ----a-w- C:\WINDOWS\Sysnative\LocationPeCell.dll 2015-10-01 05:38:13 F01743062DA74A24A0E7836289E33731 187904 ----a-w- C:\WINDOWS\Sysnative\provisioningcsp.dll 2015-10-01 05:38:13 E2AE190B76C27430E4E8258D0C44C79B 317440 ----a-w- C:\WINDOWS\Sysnative\configmanager2.dll 2015-10-01 05:38:13 C66E058599A44E0EEA95B3E0547345D2 30208 ----a-w- C:\WINDOWS\Sysnative\syncmlhook.dll 2015-09-23 11:30:25 F116C77FE2249302494FB74CF140C981 42840184 ----a-w- C:\WINDOWS\Sysnative\nvcompiler.dll 2015-09-23 11:30:25 E0983DB12BEDCEBC680B64D22716F613 1064056 ----a-w- C:\WINDOWS\Sysnative\NvIFR64.dll 2015-09-23 11:30:25 CE822DB2ADA8392C7E949E6D6D9F004B 16646112 ----a-w- C:\WINDOWS\Sysnative\nvopencl.dll 2015-09-23 11:30:25 CB5941ECF51485CF8E564EF81590C1E2 177088 ----a-w- C:\WINDOWS\Sysnative\nvinitx.dll 2015-09-23 11:30:25 C7F9946561C18CB45E4470EBBFA30875 2354808 ----a-w- C:\WINDOWS\Sysnative\nvcuvid.dll 2015-09-23 11:30:25 B04F24E51FFC70295A53C16205D555DA 1558832 ----a-w- C:\WINDOWS\Sysnative\nvdispgenco6435598.dll 2015-09-23 11:30:25 944C5EB57AF8766D84EE0688EF0006B9 787384 ----a-w- C:\WINDOWS\Sysnative\nvEncMFTH264.dll 2015-09-23 11:30:25 943D95A9EA7E3C3ADA3B018F9BEE7106 1898104 ----a-w- C:\WINDOWS\Sysnative\nvdispco6435598.dll 2015-09-23 11:30:25 5C7EA9E8409F39B9C5EA195CFFEA4B21 387720 ----a-w- C:\WINDOWS\Sysnative\nvEncodeAPI64.dll 2015-09-23 11:30:25 598F940C16324ED4F7CE7E9D5786551F 376440 ----a-w- C:\WINDOWS\Sysnative\nvDecMFTMjpeg.dll 2015-09-23 11:30:25 57B21A028503F3408FFDC304FE98BD38 1178248 ----a-w- C:\WINDOWS\Sysnative\nvumdshimx.dll 2015-09-23 11:30:25 48FAEF8DD71EB672DAB92710E6849183 150648 ----a-w- C:\WINDOWS\Sysnative\nvoglshim64.dll 2015-09-23 11:30:25 29DF0DC7371CF4F49C01C6E56AC7AE6C 22559352 ----a-w- C:\WINDOWS\Sysnative\nvoglv64.dll 2015-09-23 11:30:25 22039F08C1BC08CFFAE882CD246A6E4C 408184 ----a-w- C:\WINDOWS\Sysnative\NvIFROpenGL.dll 2015-09-23 10:48:11 56AC2C830231640229EE2BD61D207889 110616 ----a-w- C:\WINDOWS\Sysnative\NvRtmpStreamer64.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-10-01 05:38:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2015-10-01 05:38:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2015-10-01 05:38:39 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\WINDOWS\Sysnative\drivers\Wdf01000.sys 2015-10-01 05:38:33 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2015-10-01 05:38:33 FCC211B0F46D831506D0D76539203899 929280 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2015-10-01 05:38:33 C08449092043601887A1743350888635 516448 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2015-10-01 05:38:33 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\WINDOWS\Sysnative\drivers\fastfat.sys 2015-10-01 05:38:30 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2015-10-01 05:38:27 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2015-10-01 05:38:26 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2015-10-01 05:38:26 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\WINDOWS\Sysnative\drivers\buttonconverter.sys 2015-10-01 05:38:23 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2015-10-01 05:38:21 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2015-10-01 05:38:21 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys ====== C:\WINDOWS\Tasks ====== 2015-09-09 17:51:20 985D7F00BCCE074FB44B73E65D079863 3816 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater 2015-09-09 17:51:20 8DA57A02D5BDB225B18E6AF9A585C05B 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-09-11 19:06:44 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-09-09 16:56:40 -------- d-----w- C:\Program Files\Envelope Manager ======= C:\PROGRA~2 ===== 2015-09-11 19:06:44 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-09-09 18:11:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-09-09 16:57:16 -------- d-----w- C:\PROGRA~2\Endicia ======= C: ===== ====== C:\Users\Shukhrat\AppData\Roaming ====== 2015-09-14 15:15:11 -------- d-----w- C:\Users\Shukhrat\AppData\Local\LogMeIn Rescue Applet 2015-09-14 10:43:59 -------- d-----w- C:\Users\Shukhrat\AppData\Local\CEF 2015-09-11 19:01:42 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\PeerDistRepub 2015-09-09 16:57:02 -------- d-----w- C:\Users\Shukhrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZzle ====== C:\Users\Shukhrat ====== 2015-10-02 10:13:13 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Shukhrat\Desktop\frst64.exe 2015-09-16 04:01:19 -------- d-----r- C:\Users\Shukhrat\3D Objects 2015-09-11 19:06:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-09-09 18:11:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-09 16:57:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endicia ====== C: exe-files == 2015-10-03 15:21:02 8259E9D39B76FC64BA8B3C009D9ACD16 70239 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\ocrFB09.tmp\bin\rubyw.exe 2015-10-03 15:20:17 8259E9D39B76FC64BA8B3C009D9ACD16 70239 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\ocr6B6C.tmp\bin\rubyw.exe 2015-10-02 21:14:48 5BACD68B116CAA67B71F4F9DB500A47B 812008 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-02 12:38:54 C73B06E7D0063713CDEE6C160B692603 6376136 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\Packages\00007f71\DAO.20019059.exe 2015-10-02 10:13:13 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Shukhrat\Desktop\frst64.exe 2015-10-02 09:48:46 B27D83D274BFECEF8F79DB8366A8A5A2 630200 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2015-10-02 09:48:42 371AE2919C35094233EE40BA01FD02EF 172984 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2015-10-01 12:37:52 2C32056CB8E5C4F7A2CE7FF4588098B6 528632 ----a-w- C:\Users\Shukhrat\AppData\Local\NVIDIA\NvBackend\Packages\00007f6a\CoProc update.20014793.exe 2015-10-01 05:39:02 695DFBE0357DB32E4475F74053D021BC 7455056 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2015-10-01 05:39:01 4A6E77B420F384AA8CB429904F7BF088 6263152 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2015-10-01 05:38:53 E19833B3E69A5B829AB97D5CBD3BF356 1876832 ----a-w- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe 2015-10-01 05:38:46 5252CE15DB06AB5A796EBC361EAC1528 8020816 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-10-01 05:38:44 5275394FE00E85B13DC535C67961DFEB 1907536 ----a-w- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2015-10-01 05:38:40 F55E9DF5284E75728CBED4EC3228A536 624480 ----a-w- C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe 2015-10-01 05:38:35 258A4F9A2C91C6C6E36775CDCCB4AFE1 441168 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe 2015-10-01 05:38:34 37B5ECB8C390D9FD5A5BB2FFB7294B9E 553808 ----a-w- C:\Windows\System32\SettingSyncHost.exe 2015-10-01 05:38:34 1CD8BB41436524A2748A77005E5DEB8A 579072 ----a-w- C:\Windows\System32\winlogon.exe 2015-10-01 05:38:31 E1DB432B3147F70BF684846439ADE38B 136192 ----a-w- C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe 2015-10-01 05:38:30 948BD4AC1C7C572312048A284D6C9A7F 562688 ----a-w- C:\Windows\System32\Speech\SpeechUX\SpeechUXWiz.exe 2015-10-01 05:38:27 D61C3ED7C5F0D1B5BD9B351FEC381D57 120832 ----a-w- C:\Windows\System32\omadmclient.exe 2015-10-01 05:38:27 B8401703E619E7BD7B5A659306A9BFE6 84480 ----a-w- C:\Windows\System32\MDMAppInstaller.exe 2015-10-01 05:38:25 334206DD8DA94B0AEBC46A3196888031 83968 ----a-w- C:\Windows\System32\DeviceEnroller.exe 2015-10-01 05:38:23 EBD5F0FDD3EBB6EE6F6EE524206AD0AE 26624 ----a-w- C:\Windows\System32\LicenseManagerShellext.exe 2015-10-01 05:38:22 ACF279AB64D406EDB223543E5A113939 220160 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2015-10-01 05:38:15 98986780B8D494326D28DCAB6D601450 154624 ----a-w- C:\Windows\System32\dmcertinst.exe 2015-10-01 05:38:14 9853C2A9EF7FBC341C65EF89908CA052 482816 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2015-10-01 01:21:25 07D733DAB53FD7E2E7C8442216073379 873800 ----a-w- C:\Users\Shukhrat\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.2\software_reporter_tool.exe 2015-09-30 01:33:01 B6C8B1928AC45478B6E93D1FE137C6B2 20002936 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe 2015-09-30 01:33:01 B4B94730DD0A773BEEE0D04C03831ED1 413816 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe 2015-09-30 01:33:01 0A5AED155856E5577C8459C342B281C8 196216 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe 2015-09-30 01:33:00 E96B799CB869D44EF1E9B86E6CF4C2E1 6753912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2015-09-30 01:33:00 DF8AD79792E1497931078DA1F4ABFD3D 5568632 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe 2015-09-30 01:33:00 DB28739CEC33A99C8305FB3227551554 4325496 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe 2015-09-30 01:33:00 D0799048CB088A40C197D7A853A22BCA 7575160 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe 2015-09-30 01:33:00 CF1D8A04AEA4430AED399784A59B2181 21982840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe 2015-09-30 01:33:00 8F8DEF7B1603DFFEA9B637F2D89B6485 5832824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe 2015-09-30 01:33:00 3273C4A12363EB9C4B8012F14D5EFD9D 6536824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe 2015-09-30 01:33:00 2ED3B8015B64B7C16D8284345EAF9BDA 7521400 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe 2015-09-30 01:33:00 0B8B200882805714946A71BC48E8E8D8 5375608 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2015-09-30 01:32:59 F8B89E1C3481A0913C4907E0049B1C33 1872504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe 2015-09-30 01:32:59 E2CEFE9EC6FC9F026560E114E0B65BB3 126768 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe 2015-09-30 01:32:59 BFB4CF2C38D128E98A17C1B3F63E19A5 921208 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe 2015-09-30 01:32:59 8179F1373AC4D314D5DB635A7D229CFA 637560 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2015-09-30 01:32:59 7B94B2EEBC6598855A3BC3DC514BD4E7 967168 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\OSC\OSC\nvosc.exe 2015-09-30 01:32:59 779ED81CF4B582FDEA8640748DBEE505 4724856 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe 2015-09-30 01:32:59 70B5A5DDC391A2D49A6B547D0E4C2D74 519800 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe 2015-09-30 01:32:59 5CD29B38F63BC347CB1EB145F762B035 1058424 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe 2015-09-30 01:32:59 556AB278B0F33E7B3C6552E0E47E8B40 1872504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe 2015-09-30 01:32:59 1DBBA035AF2C44D1D512FC55DB57D3BB 1155192 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe 2015-09-30 01:32:59 196866BCDAAC49240DF9B8975D0652F9 87344 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe 2015-09-30 01:32:59 182ACCC286FF1F9A1B37DB2B04F65586 595576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe 2015-09-30 01:32:59 08CB3177A4FFCD0B5C22863B3D982709 2730616 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe 2015-09-30 01:32:50 A694CA5B8A120B12DFD8AF0E07099C1D 39990160 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\9ed0ae25-7d50-410f-b34b-016b5b2a9d77\GeForce_Experience_Beta_Update_v2.6.1.10.exe === C: other files == 2015-10-03 15:20:28 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\_MEI95322\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-10-03 15:20:28 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Shukhrat\AppData\Local\Temp\_MEI95322\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-10-01 05:38:51 89C9C3745F270EF93988DA57BC6AA62B 1983824 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2015-10-01 05:38:48 7EBD20284AC9BF9F0A020B86769BB074 2432336 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2015-10-01 05:38:39 927AD29D7F91B9A0C5294932374DA15E 894256 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2015-10-01 05:38:38 33FF0B7585F54C0F33C38F5DCAB1DA01 3586560 ----a-w- C:\Windows\System32\win32kfull.sys 2015-10-01 05:38:33 FDB239DBE2A14B572D21ABCEDC7BB5D0 505696 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2015-10-01 05:38:33 FCC211B0F46D831506D0D76539203899 929280 ----a-w- C:\Windows\System32\drivers\bthport.sys 2015-10-01 05:38:33 C08449092043601887A1743350888635 516448 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2015-10-01 05:38:33 5A1C6AFFF6946C5C21A27AE05084C0D1 332624 ----a-w- C:\Windows\System32\drivers\fastfat.sys 2015-10-01 05:38:30 B6A33DCEBE437F909615E89BA5FB1385 395088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2015-10-01 05:38:28 7D2165B4B27E11B3E557DB26CAA2BAFF 1382400 ----a-w- C:\Windows\System32\win32kbase.sys 2015-10-01 05:38:27 70469C8AC4AD367295E70CFDD81B754C 99664 ----a-w- C:\Windows\System32\drivers\pdc.sys 2015-10-01 05:38:26 FA5C94FB36625787063D04CF2F24E890 320000 ----a-w- C:\Windows\System32\drivers\portcls.sys 2015-10-01 05:38:26 854AF190F55E6D70EC65A85798F896E2 36352 ----a-w- C:\Windows\System32\drivers\buttonconverter.sys 2015-10-01 05:38:23 616F40B897DA651221F86A1741E9609B 1168736 ----a-w- C:\Windows\System32\drivers\ndis.sys 2015-10-01 05:38:21 1434CA8A224655AD096D57DB24D3AA85 406864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2015-10-01 05:38:21 004C66464D8FE76D5DA78BE6777D61AF 278352 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2015-09-30 01:33:25 CD7C434AA2949DD5ABD3713A9CD91ACD 19576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2015-09-30 01:33:25 C2A9985C97DF5946AEAE7C001625410C 44840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys 2015-09-30 01:33:25 ADAFEE18602E1DE25C1EBC5C8695B5EC 14456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys 2015-09-30 01:33:25 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys 2015-09-30 01:33:25 950A55DD6B337EA7720802F6711099CE 15480 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys 2015-09-30 01:33:25 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys 2015-09-30 01:33:25 6585F2637E7A845D030372B30AA61F2D 18552 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2015-09-30 01:33:25 35DFC12FD7E44B7CB8CCD7E5A2B3975A 50472 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\Shukhrat\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "OzLINK for UPS Startup"="C:\Users\Shukhrat\AppData\Local\Oz Development\OzLINK for UPS\App\OzLINK for UPS Startup.exe" "OneDrive"="C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Lync"="C:\Program Files\Microsoft Office\Office15\lync.exe /fromrunkey" "Spotify"="C:\Users\Shukhrat\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" [HKEY_USERS\S-1-5-21-3881268226-3317070643-463687028-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe" "ControlCenterCount"="C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe" "Corsair K95"="C:\Program Files (x86)\Corsair\K95 Keyboard\K95Hid.exe" "PivotSoftware"="C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" "DT HPC"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC" "PowerPanel Personal Edition User Interaction"="C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" "Intuit SyncManager"="C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Fast Boot"="C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Corsair Utility Engine"="C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe --autorun" "Super Charger"="C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe" "Command Center"="C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe" "Live Update"="C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\Shukhrat\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Plex Media Server"="C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "OzLINK for UPS Startup"="C:\Users\Shukhrat\AppData\Local\Oz Development\OzLINK for UPS\App\OzLINK for UPS Startup.exe" "OneDrive"="C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Lync"="C:\Program Files\Microsoft Office\Office15\lync.exe /fromrunkey" "Spotify"="C:\Users\Shukhrat\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" "Uninstall C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Shukhrat\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/22/2015 01:52 AM] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 12:20 AM] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/28/2015 12:20 AM] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3881268226-3317070643-463687028-1001UA" [C:\Users\Shukhrat\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\Private Internet Access Startup" ["C:\Program Files\pia_manager\pia_manager.exe"] "C:\WINDOWS\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Autofix" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Processor" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\SymErr.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.search.defaultenginename.US", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFPlgn" [10/03/2015 11:20 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default - Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFPlgn AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Shukhrat\AppData\Roaming\Mozilla\Firefox\Profiles\60j4u87l.default 1A62BB86D17B8DC0D4339BACC8D60635 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 45.0.2454.101 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\Exts\Chrome.crx[07/10/2015 12:03 AM] iikflkcanblccfahdhdonehdalibjnif - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[07/14/2014 06:22 PM] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Floorplanner - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag Google Drive - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Firebug Lite for Google Chrome™ - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench Google Cast - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Videostream for Google Chromecast™ - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Google Search - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Tab Manager - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coonecdghnepgiblpccbbihiahajndda Calculator Widget - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpplagdendnkjkiaiaijfphiflaflinc Google Calendar - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Postman - REST Client - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm Compare International Prices - AMADIFF.com - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkgjaeeajfkgjmmpdgcocokcfgbfcoc Google Docs Offline - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi The Camelizer - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo AdBlock - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Amazonia Right Click Search - Amazon Co UK - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmkacpkcakamljkjdjfgmncbpfjacjl XPath Helper - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgimnogjllphhhkhlmebbmlgjoejdpjl Google Keep - notes and lists - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki DS Amazon Quick View mx - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphjnmlnfhakpddieemnfolejgbpjmcd Google Forms - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg DS Amazon Quick View - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg Hangouts - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl Chrome Hotword Shared Module - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg Linkclump - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj InvisibleHand - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko JSON Editor - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkmoheomjbkfloacpgllgjcamhihfaj ASIN Helper - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknlnfochnodlbdhbakjjgelgomhjigk Google Drive App Launcher - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Maps - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Session Manager - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc Keepa - Amazon Price Tracker - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo Please enter the name of the session - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb Chrome Web Store Payments - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Context Menu Search - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga Chrome Apps & Extensions Developer Tool - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc The Tracktor - Price History Tracker - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\onajjgekdldckfgodnmoallcmdmfcfom Amazon 1Button App for Chrome - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam Extract Asin Universal - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidkhbhaankobmkallidpgihcdcjdefn Gmail - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Amazonia Right Click Search - Amazon.com - Shukhrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkngfjindjkdikklhiiofondocdmdeep ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Sat 10/03/2015 at 11:25:46.92 ====================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top