Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by kai on vr 09-09-2016 at  8:34:52,37.
Microsoft Windows 8.1 met Bing 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\kai\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

9-9-2016 08:39:05 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~3\McAfee deleted successfully
C:\Users\kai\AppData\Local\EmieSiteList deleted successfully
C:\Users\kai\AppData\Local\EmieUserList deleted successfully
C:\Users\kai\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0D371E1C-1921-47B4-A14D-5E17BDF1298D} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{234900CB-85E5-4F78-9A0E-3AEE130EFB55} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40443740-6E30-467C-A029-4C50F0DFD492} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42012753-839A-4CB2-801E-99F5D4595175} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EC9D316-B32E-4143-BE62-EF9A6C0BFB9B} deleted successfully
HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7C2FE5C-0148-425E-A689-64C9461073ED} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default

user.js not found
---- Lines LVD-SAE removed from prefs.js ----
user_pref("extensions.LVD-SAE.apn_ptnrs", "\"\"");
user_pref("extensions.LVD-SAE.chrome_ext.appid", "107");
user_pref("extensions.LVD-SAE.chrome_ext.clid", "{af9edee9-ddbf-49ea-9a8d-fbffcb9dd89c}");
user_pref("extensions.LVD-SAE.chrome_ext.d", "533-107-0");
user_pref("extensions.LVD-SAE.chrome_ext.first_install_time", "1436974232");
user_pref("extensions.LVD-SAE.chrome_ext.installParams", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\r\n<ext_install_statistics_reply>\r\n    <s2s><//
user_pref("extensions.LVD-SAE.chrome_ext.loginParams", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\r\n<ext_login_statistics_reply>\r\n    <country>NL<
user_pref("extensions.LVD-SAE.chrome_ext.lpid", "4067");
user_pref("extensions.LVD-SAE.chrome_ext.pubid", "0");
user_pref("extensions.LVD-SAE.chrome_ext.sysid", "533");
user_pref("extensions.LVD-SAE.chrome_ext.tgid", "0");
user_pref("extensions.LVD-SAE.d", "\"533-107-0\"");
user_pref("extensions.LVD-SAE.doi", "\"2015-07-15\"");
user_pref("extensions.LVD-SAE.installed", "1");
user_pref("extensions.LVD-SAE.its", "1436974237587");
user_pref("extensions.LVD-SAE.its_ds", "1436974237587");
user_pref("extensions.LVD-SAE.its_nt", "1436974237587");
user_pref("extensions.LVD-SAE.language", "nl");
user_pref("extensions.LVD-SAE.newTabSearchURL", "\"http://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfIns
user_pref("extensions.LVD-SAE.newtabUrl", "chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html");
user_pref("extensions.LVD-SAE.ntConsent", "yes");
user_pref("extensions.LVD-SAE.o_ds", "\"\"");
user_pref("extensions.LVD-SAE.o_hp", "\"\"");
user_pref("extensions.LVD-SAE.prevPhoneHomeTime", "1473256691418");
user_pref("extensions.LVD-SAE.searchURL", "\"http://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=20
user_pref("extensions.LVD-SAE.uninstallUrl", "http://lp.ilividnewtab.com/uninstall.php?extid=LVD-SAE@iacsearchandmedia.com&extver=8.5&sysid=533&appid=
user_pref("extensions.LVD-SAE.v", "\"8.5-1194-0\"");
user_pref("extensions.LVD-SAE.wpid_ds", "\"LVD-SAE\"");
user_pref("extensions.LVD-SAE.wpid_nt", "\"LVD-SAE\"");
user_pref("extensions.saeListNT", "[\"BrowserOpenNewTabOrWindow(event);\",\"LVD-SAE@iacsearchandmedia.com\"]");
---- Lines {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"firefox-hotfix@mozilla.org\":{\"d\":\"C:\\\\Users\\\\kai\\\\AppData\\\\Roaming\\\\Mozilla\\\\Fir
---- FireFox user.js and prefs.js backups ---- 

prefs_09-09-2016_0915_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\New Folder not found
C:\PROGRA~2\Origin Games not found
C:\ProgramData\McAfee not found
C:\Program Files (x86)\McAfee not found
C:\Program Files\mcafee not found
C:\ProgramData\IObit deleted
C:\ProgramData\ProductData deleted
C:\Program Files (x86)\IObit deleted
C:\Users\kai\AppData\Roaming\IObit deleted
C:\Program Files\Common Files\McAfee deleted
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\PROGRA~2\FileOpenerPro deleted
C:\PROGRA~2\pandasecuritytb deleted
C:\Users\Public\Pokki deleted
C:\Users\kai\AppData\Roaming\WB.CFG deleted
C:\Users\kai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk deleted
C:\Users\kai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk deleted
C:\windows\SysNative\config\systemprofile\AppData\Roaming\ETDCoInstaller.log deleted
C:\PROGRA~3\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\kai\AppData\Local\{25191345-01B1-7FFD-6C29-5A154841A68D} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpenerPro deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk deleted
C:\Users\kai\AppData\LocalLow\pandasecuritytb deleted
C:\end deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default\pandasecuritytb deleted
C:\Users\Public\Desktop\FileOpenerPro.lnk deleted
C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
2016-09-08 06:42:52	7826082B93262AB6460E77B91C61EA30	128512	----a-w-	C:\windows\splwow64.exe
2016-09-07 18:55:19	B3541A5A20C6264781909B1B7FE54836	2757616	----a-w-	C:\windows\explorer.exe
====== C:\Users\kai\AppData\Local\Temp ====
2016-09-08 13:06:24	560EDC0912BDB68290930E2542823A24	135760	----a-w-	C:\Users\kai\AppData\Local\Temp\ehdrv.sys
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2016-09-08 18:11:22	E07B4B9B53502D0076575D06A5C3ED94	536768	----a-w-	C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-09-08 18:11:22	AA04BD16B9D3D05F18DF41C981A07A1A	875712	----a-w-	C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-09-08 06:52:18	E3925B4D7AE619468031677BC95B0020	164864	----a-w-	C:\windows\SysWOW64\rascfg.dll
2016-09-08 06:50:06	F84359809C17F1F11598AF15C32C6622	868864	----a-w-	C:\windows\SysWOW64\Windows.Globalization.dll
2016-09-08 06:50:06	80582AA01F5BD0FA9DA153630208CD93	513456	----a-w-	C:\windows\SysWOW64\locale.nls
2016-09-08 06:50:03	CAE3F5A31092521F08624F9797ED72EA	200704	----a-w-	C:\windows\SysWOW64\GlobCollationHost.dll
2016-09-08 06:49:58	8F693C83B367F9B04271E9DBC08ADA7D	7168	----a-w-	C:\windows\SysWOW64\KBDAZEL.DLL
2016-09-08 06:49:58	80A137ED266913C13FE4E30FC2D38838	7168	----a-w-	C:\windows\SysWOW64\KBDAZE.DLL
2016-09-08 06:49:57	EC29997928C7453BB25D1A3A3A71665F	7168	----a-w-	C:\windows\SysWOW64\KBDAZST.DLL
2016-09-08 06:49:57	87F4773DE0231F08BB572AC09A98EEE2	7168	----a-w-	C:\windows\SysWOW64\kbdgeoqw.dll
2016-09-08 06:48:08	1ED58A2A65A540827E93706ADC5F402B	498688	----a-w-	C:\windows\SysWOW64\dnsapi.dll
2016-09-08 06:48:07	3901F08EFB0E5BC63F81645FC69B73A7	2539008	----a-w-	C:\windows\SysWOW64\esent.dll
2016-09-08 06:48:04	D8F8046DA2CA5F52F5FD1CB6230E21CC	628736	----a-w-	C:\windows\SysWOW64\rasapi32.dll
2016-09-08 06:48:03	E6B458615508D30B4B3EA01D4B9891FB	319488	----a-w-	C:\windows\SysWOW64\mprddm.dll
2016-09-08 06:48:02	7B72F7997113D413C92F66AD03D78BBE	1212248	----a-w-	C:\windows\SysWOW64\ole32.dll
2016-09-08 06:47:59	8D9F6E1A80642968EB3704C6E7B7E268	187392	----a-w-	C:\windows\SysWOW64\mprdim.dll
2016-09-08 06:47:56	73B4FF7FC30E2D722AC5435CC8EDF55E	157016	----a-w-	C:\windows\SysWOW64\dssenh.dll
2016-09-08 06:47:53	D618055B8F13FFC2061DEA55A4E25053	285184	----a-w-	C:\windows\SysWOW64\iprtrmgr.dll
2016-09-08 06:47:53	C05E8A87B36AE09F12428EB6470B1C18	185856	----a-w-	C:\windows\SysWOW64\rasppp.dll
2016-09-08 06:47:52	E49E9DB05732B27B2E42B524D7950321	145920	----a-w-	C:\windows\SysWOW64\rasman.dll
2016-09-08 06:43:05	94743D320BA649382829A5FE8C12DDF1	801584	----a-w-	C:\windows\SysWOW64\mfplat.dll
2016-09-08 06:43:04	A9957240537BEE1988B03A6B1E135773	885760	----a-w-	C:\windows\SysWOW64\MFMediaEngine.dll
2016-09-08 06:43:03	001E1E3546EA80D1A97E7E2BF6F72969	555520	----a-w-	C:\windows\SysWOW64\WSDApi.dll
2016-09-08 06:43:02	6E9C931731AB16217D3A5472B9B442EB	94208	----a-w-	C:\windows\SysWOW64\QSVRMGMT.DLL
2016-09-08 06:42:58	6F57859B54404D350E525413322F7AA2	169984	----a-w-	C:\windows\SysWOW64\WinSCard.dll
2016-09-08 06:42:56	85D880636B8246BD4EF4061F25D84C18	155648	----a-w-	C:\windows\SysWOW64\QSHVHOST.DLL
2016-09-08 06:42:55	B98F9F25D0CCA83E1CA79D1F8BAA1075	465408	----a-w-	C:\windows\SysWOW64\DevicePairing.dll
2016-09-08 06:42:54	92937F1A41E6EC1D89BC4D89AC99035B	1142272	----a-w-	C:\windows\SysWOW64\vssapi.dll
2016-09-08 06:42:54	29A35A031EC84D7D9E393A59BEE37888	39424	----a-w-	C:\windows\SysWOW64\kmddsp.tsp
2016-09-08 06:42:52	7CC0DD976389300196B2DB4E3F77662C	33280	----a-w-	C:\windows\SysWOW64\rasmxs.dll
2016-09-08 06:42:52	7AB08744F06F0BDC87DC124F4276A08E	15360	----a-w-	C:\windows\SysWOW64\eventcls.dll
2016-09-08 06:42:52	75692538076B0402E7236A314A027299	55296	----a-w-	C:\windows\SysWOW64\vsstrace.dll
2016-09-08 06:42:52	210642D9D287AEDED8BB3123580177D4	22528	----a-w-	C:\windows\SysWOW64\rasser.dll
2016-09-08 06:42:52	017E4B714298435849AC02F32A1C6BDA	61440	----a-w-	C:\windows\SysWOW64\rasdiag.dll
2016-09-08 06:11:44	955DC56DC263DBF2B433829192D88CD9	828408	----a-w-	C:\windows\SysWOW64\FlashPlayerApp.exe
2016-09-08 06:11:44	26144B5C2B08E127298A71BF79D10B48	176632	----a-w-	C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-07 19:38:52	3B26DCAB842C280FA7271FF2B58D3293	28352	----a-w-	C:\windows\SysWOW64\aspnet_counters.dll
2016-09-07 19:11:27	2C052D70B5EE0CD36A443A93B3D4BB61	747520	----a-w-	C:\windows\SysWOW64\rpcrt4.dll
2016-09-07 19:10:21	FFBA16380D7EF0F04269868FCE5441BD	702976	----a-w-	C:\windows\SysWOW64\CPFilters.dll
2016-09-07 19:10:21	43D1E548DF6B92D76EDA39DF70917BC6	443392	----a-w-	C:\windows\SysWOW64\EncDec.dll
2016-09-07 19:10:19	AF9D04B9416E7FFCAA089A66468BAFC2	48640	----a-w-	C:\windows\SysWOW64\cfgbkend.dll
2016-09-07 19:10:18	F098034055C3B1AE2DEC3600E47618E6	115704	----a-w-	C:\windows\SysWOW64\gpapi.dll
2016-09-07 19:10:18	BD5051CAE3AE0CBC402085A6E57B3CA9	291328	----a-w-	C:\windows\SysWOW64\polstore.dll
2016-09-07 19:10:18	789AD6DFEF198B32EBD12646D99CD2A1	50176	----a-w-	C:\windows\SysWOW64\FwRemoteSvr.dll
2016-09-07 19:08:54	DDD98338F1D4B71AAB293CCF98F398DD	503808	----a-w-	C:\windows\SysWOW64\StructuredQuery.dll
2016-09-07 19:08:53	B82BB75B4109CB4E36F2080182C5FB96	561664	----a-w-	C:\windows\SysWOW64\qedit.dll
2016-09-07 19:06:28	B138A527F11849011B695DA251F02F34	64512	----a-w-	C:\windows\SysWOW64\samlib.dll
2016-09-07 19:06:25	92F70A87793C9CE2F8D9B8141B10E2DF	4068352	----a-w-	C:\windows\SysWOW64\d2d1.dll
2016-09-07 19:05:33	DFD28806151F852EE056759968E791AB	1063424	----a-w-	C:\windows\SysWOW64\mispace.dll
2016-09-07 19:04:11	8E7BB0D381C61232C965CB55F654B17F	786152	----a-w-	C:\windows\SysWOW64\mfmp4srcsnk.dll
2016-09-07 19:03:59	F96956BBED66937350B360497AAA4EE2	507392	----a-w-	C:\windows\SysWOW64\untfs.dll
2016-09-07 19:03:31	C9F702A1C979C4DAF192C0A66BD4EB97	375296	----a-w-	C:\windows\SysWOW64\Windows.UI.dll
2016-09-07 19:03:14	77988DF39C0B03ECEC23D983828C551E	1484888	----a-w-	C:\windows\SysWOW64\msmpeg2adec.dll
2016-09-07 19:03:14	4947C613E6A3979B7532784BB1F1FF88	2528784	----a-w-	C:\windows\SysWOW64\WMVDECOD.DLL
2016-09-07 19:03:13	DCAE83B49A2CCB4C8C5AE303E336E5E4	2324744	----a-w-	C:\windows\SysWOW64\mfcore.dll
2016-09-07 19:03:13	D4308B86A037A3F961AD8DC9453D13B0	1115640	----a-w-	C:\windows\SysWOW64\mfnetsrc.dll
2016-09-07 19:03:12	FA9C431BD37D08B3827920AAEC15BB79	1037680	----a-w-	C:\windows\SysWOW64\WMADMOD.DLL
2016-09-07 19:03:12	E8DAB63684F3E835DB238126A9EE7DE6	2447136	----a-w-	C:\windows\SysWOW64\WMVENCOD.DLL
2016-09-07 19:03:12	246FAB0A3797CA09EB2784F56210460B	700360	----a-w-	C:\windows\SysWOW64\mfnetcore.dll
2016-09-07 19:03:11	C2A0E75716AB62945EE7A5424A191A85	399776	----a-w-	C:\windows\SysWOW64\mfsvr.dll
2016-09-07 19:03:11	A5AFCB657F36FEC0D02829FB55CADECC	887296	----a-w-	C:\windows\SysWOW64\WMSPDMOD.DLL
2016-09-07 19:03:11	9F10DB8E9D93D8099D1929C48BED33F5	1501184	----a-w-	C:\windows\SysWOW64\quartz.dll
2016-09-07 19:03:11	7C37B256651C65EF36CDF8654094BB1E	492736	----a-w-	C:\windows\SysWOW64\WMVSDECD.DLL
2016-09-07 19:03:11	7543ADD28E5755173A900BB1E0CFFBC6	584656	----a-w-	C:\windows\SysWOW64\evr.dll
2016-09-07 19:03:10	FB61563FE57A83FD47D106EFB1E0F9A9	183856	----a-w-	C:\windows\SysWOW64\VIDRESZR.DLL
2016-09-07 19:03:10	D7A0EBA50D2614C7B59FE7D66D360E45	229272	----a-w-	C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-09-07 19:03:10	D6A832C6275332E6AFF9619816EC62BB	184912	----a-w-	C:\windows\SysWOW64\COLORCNV.DLL
2016-09-07 19:03:10	D0812E8C73FF954E8861B32C6189C758	81032	----a-w-	C:\windows\SysWOW64\devenum.dll
2016-09-07 19:03:10	AB783643CC9FC852AF4514C7EC956FB4	275312	----a-w-	C:\windows\SysWOW64\MPG4DECD.DLL
2016-09-07 19:03:10	8F1DF01E797D4ED88AEA48A7318DAA34	110544	----a-w-	C:\windows\SysWOW64\mfps.dll
2016-09-07 19:03:10	8D59116B0DF2C6BBEB77FAE473132E07	463776	----a-w-	C:\windows\SysWOW64\MP4SDECD.DLL
2016-09-07 19:03:10	883785B6448CAEDFD23F243B812F76B6	914672	----a-w-	C:\windows\SysWOW64\WMADMOE.DLL
2016-09-07 19:03:10	46721B442060DFD86AB13DB2C454E291	274280	----a-w-	C:\windows\SysWOW64\MP43DECD.DLL
2016-09-07 19:03:10	25054169C8980C26F1A000FDD89500EF	76936	----a-w-	C:\windows\SysWOW64\mfvdsp.dll
2016-09-07 19:03:10	1C64686C98F54027247B67EA7EFFB6B7	99136	----a-w-	C:\windows\SysWOW64\MP3DMOD.DLL
2016-09-07 19:03:09	E620785DB51AD2B582DEAC1EC4A35621	1411584	----a-w-	C:\windows\SysWOW64\WMSPDMOE.DLL
2016-09-07 19:03:09	9EA85D39C2245DB6DB494BD0D01AC53A	519680	----a-w-	C:\windows\SysWOW64\qdvd.dll
2016-09-07 19:03:09	7AFC278792FA79B55417BAE8BA1C578D	736256	----a-w-	C:\windows\SysWOW64\WMVXENCD.DLL
2016-09-07 19:03:09	635923C4DA0FD32A8AE4BAA6B62454E5	402432	----a-w-	C:\windows\SysWOW64\WMVSENCD.DLL
2016-09-07 19:03:09	4D6C13CA3E4D0869F911D88DE9BF2E3E	743936	----a-w-	C:\windows\SysWOW64\MFWMAAEC.DLL
2016-09-07 19:03:09	1D057D45BDAE173989A8F57CB069BBDA	245760	----a-w-	C:\windows\SysWOW64\ksproxy.ax
2016-09-07 19:02:22	D2FE41F69FF1614553A1D3670111A846	203776	----a-w-	C:\windows\SysWOW64\DafPrintProvider.dll
2016-09-07 19:02:22	550E488CE7A5047E00E7B0C1C85F4B34	167424	----a-w-	C:\windows\SysWOW64\puiapi.dll
2016-09-07 19:02:21	E98EC2883013F7CB849539E1AC61C41D	367104	----a-w-	C:\windows\SysWOW64\puiobj.dll
2016-09-07 19:02:21	E1D043035F94567DD2B78977C898820D	306176	----a-w-	C:\windows\SysWOW64\ntprint.dll
2016-09-07 19:02:09	C68B3DAA18016CCE7787AF528CD9327B	76288	----a-w-	C:\windows\SysWOW64\mshtmled.dll
2016-09-07 19:02:07	586B9F1848F16DC8DD5E706ED1A3F27F	1316352	----a-w-	C:\windows\SysWOW64\urlmon.dll
2016-09-07 19:02:07	0EC9E3CA8AFD25FD2DF1C1051C07C754	692736	----a-w-	C:\windows\SysWOW64\msfeeds.dll
2016-09-07 19:02:07	03753352C11357D2B9B385913F10FC2D	330752	----a-w-	C:\windows\SysWOW64\iedkcs32.dll
2016-09-07 19:02:06	D585572616875B7EFD99E09A144756E8	279040	----a-w-	C:\windows\SysWOW64\dxtrans.dll
2016-09-07 19:02:06	B234B83E0EFCA74F50E9EB6F6F899928	20343808	----a-w-	C:\windows\SysWOW64\mshtml.dll
2016-09-07 19:02:02	8560664EC9AFDB4DB83F32A326509259	2055680	----a-w-	C:\windows\SysWOW64\inetcpl.cpl
2016-09-07 19:02:02	3398621BF58F9A352B01E56FB52C5EEE	2286592	----a-w-	C:\windows\SysWOW64\iertutil.dll
2016-09-07 19:02:01	07162147A9E290509CB32B5FF70653CE	416256	----a-w-	C:\windows\SysWOW64\dxtmsft.dll
2016-09-07 19:02:00	C8DD4301F421E2B5633F86A94F7E2F56	13808128	----a-w-	C:\windows\SysWOW64\ieframe.dll
2016-09-07 19:01:57	616FE9AB9C7A398500CA7D0921F0FF85	4608000	----a-w-	C:\windows\SysWOW64\jscript9.dll
2016-09-07 19:01:57	10D8F6B20CDC95F058446A0A6468BB34	710144	----a-w-	C:\windows\SysWOW64\ieapfltr.dll
2016-09-07 19:01:56	64829F4ED34D8339EC39D32204718ADD	2393088	----a-w-	C:\windows\SysWOW64\wininet.dll
2016-09-07 19:01:48	BBB27A2EE8AB99A045A119972C03B8C3	880128	----a-w-	C:\windows\SysWOW64\inetcomm.dll
2016-09-07 19:01:47	917A2834DD5B0715967C2B570B0F6307	497664	----a-w-	C:\windows\SysWOW64\vbscript.dll
2016-09-07 19:01:46	F1ED865CA8D6223739233576D7C76C1A	476160	----a-w-	C:\windows\SysWOW64\ieui.dll
2016-09-07 19:01:46	29AA0A28C71C3DF34B651C43FCCACC6A	663552	----a-w-	C:\windows\SysWOW64\jscript.dll
2016-09-07 19:01:42	B1E39E53C031843678B32F6EAB27B27E	99328	----a-w-	C:\windows\SysWOW64\hlink.dll
2016-09-07 19:01:42	AE9F719A618BE43CC22A6777A292D072	230400	----a-w-	C:\windows\SysWOW64\webcheck.dll
2016-09-07 19:01:41	8FCBC5F9451CD4E4CDFEE334CB1FBF86	128000	----a-w-	C:\windows\SysWOW64\iepeers.dll
2016-09-07 19:01:41	4EE6E4D61FE42BFA27F7A7BD9AB18655	64000	----a-w-	C:\windows\SysWOW64\MshtmlDac.dll
2016-09-07 18:58:22	E8CEA5719397854CA520A2D5AEFDE2FE	5270016	----a-w-	C:\windows\SysWOW64\glcndFilter.dll
2016-09-07 18:58:21	7B90F2C94EEDA61F3B168204C3D3A27B	5265920	----a-w-	C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-09-07 18:58:20	94EB788E7BADAF549E3447A07A5CE466	192120	----a-w-	C:\windows\SysWOW64\rsaenh.dll
2016-09-07 18:58:20	422CCE58B99B9CE19B168CD9FBC21098	1489088	----a-w-	C:\windows\SysWOW64\WindowsCodecs.dll
2016-09-07 18:58:16	CDFE0EFBB3247E57EE3C8DFFF344DEDC	696832	----a-w-	C:\windows\SysWOW64\netlogon.dll
2016-09-07 18:58:14	14571A53A8D68CE72AEBAE110D63D3EF	332632	----a-w-	C:\windows\SysWOW64\msv1_0.dll
2016-09-07 18:58:11	7BC113AF92B09D3A63476BC4EF88079F	1556992	----a-w-	C:\windows\SysWOW64\msxml3.dll
2016-09-07 18:57:59	F931707B1619201ED8EA76BFDE4FCB92	144384	----a-w-	C:\windows\SysWOW64\WsmAuto.dll
2016-09-07 18:57:59	AD578BB9B6D5B7E6EFCE4A669C80F55D	2170880	----a-w-	C:\windows\SysWOW64\WsmSvc.dll
2016-09-07 18:57:59	A7C63FCE6FFCA73296525D4897611C48	236032	----a-w-	C:\windows\SysWOW64\WsmWmiPl.dll
2016-09-07 18:57:59	387AE1C533753700D933DFCA3E08A206	26112	----a-w-	C:\windows\SysWOW64\WsmAgent.dll
2016-09-07 18:56:13	23D3AB23F0D22087330483C56EEA7DCC	1491456	----a-w-	C:\windows\SysWOW64\GdiPlus.dll
2016-09-07 18:55:24	48507B2874E3CDBF90BF8FFC72627102	324096	----a-w-	C:\windows\SysWOW64\certcli.dll
2016-09-07 18:55:23	026B0CB0683E48164F43AADBE50E5506	340880	----a-w-	C:\windows\SysWOW64\bcryptprimitives.dll
2016-09-07 18:55:20	97A7A0521E059D242907EFB73A844F29	2412576	----a-w-	C:\windows\SysWOW64\explorer.exe
2016-09-07 18:55:10	17C5D5794D00549C01C8D886F91302F0	2712576	----a-w-	C:\windows\SysWOW64\ExplorerFrame.dll
2016-09-07 18:55:09	887DBBE8CF300A6AE9D0B5D8FF7C0915	143360	----a-w-	C:\windows\SysWOW64\AppxAllUserStore.dll
2016-09-07 18:55:09	53166038F5957488A958AB310163A1C3	667648	----a-w-	C:\windows\SysWOW64\SettingSyncCore.dll
2016-09-07 18:55:09	3F603A1C83F216D8BCF1E307A857CFDC	954880	----a-w-	C:\windows\SysWOW64\twinui.appcore.dll
2016-09-07 18:55:09	16B881B874E3FCE2D4BD1869258E63D9	520192	----a-w-	C:\windows\SysWOW64\SettingSync.dll
2016-09-07 18:55:08	FA3D63AFE7A99B9BE64BC281BBCFFD3E	1197056	----a-w-	C:\windows\SysWOW64\usercpl.dll
2016-09-07 18:55:08	C41BDB3963A03443B76D991E0C6A0CC1	141312	----a-w-	C:\windows\SysWOW64\SettingMonitor.dll
2016-09-07 18:55:08	A19C33C9FBD061AB7CCC9D85FFC27C56	539648	----a-w-	C:\windows\SysWOW64\hgcpl.dll
2016-09-07 18:55:08	842897D3785C0ADE5021263268B59911	524288	----a-w-	C:\windows\SysWOW64\SettingSyncHost.exe
2016-09-07 18:55:08	53180E265985C82FD44F3C9DB66C95C8	2551808	----a-w-	C:\windows\SysWOW64\themecpl.dll
2016-09-07 18:55:08	4CA047ECA771B3F32BDE96626D71BEAD	305152	----a-w-	C:\windows\SysWOW64\stobject.dll
2016-09-07 18:52:38	BC8FB8CA5BD6A993CC5DE53122EB03CE	148752	----a-w-	C:\windows\SysWOW64\wscapi.dll
2016-09-07 18:51:42	B9D7ED658723D078320204109BD916E1	116736	----a-w-	C:\windows\SysWOW64\mtxoci.dll
2016-09-07 18:51:42	4700673999199EFFEF32A3F3A234D246	161280	----a-w-	C:\windows\SysWOW64\msorcl32.dll
2016-09-07 18:51:38	C883C740EFBE6C298FE7EF3882A3A513	1559552	----a-w-	C:\windows\SysWOW64\DWrite.dll
2016-09-07 18:51:38	72DF14DA8F1CC15F7BE4176DE0404D9E	1376256	----a-w-	C:\windows\SysWOW64\user32.dll
2016-09-07 18:50:29	22C35A1912B6352FDFB8EC5E37DC7A10	1124384	----a-w-	C:\windows\SysWOW64\msctf.dll
2016-09-07 18:49:47	437A0D42B9FAC5B2C81F83BB8867A4E8	1482240	----a-w-	C:\windows\SysWOW64\storagewmi.dll
2016-09-07 18:48:41	122615F08619200CF3DE24356F218686	24064	----a-w-	C:\windows\SysWOW64\dsparse.dll
2016-09-07 18:48:40	E3ED5B5BA03A80952DCB253587762DE3	536576	----a-w-	C:\windows\SysWOW64\hhctrl.ocx
2016-09-07 18:47:59	AFFB1E2AD9B84E114BB5E1141C93EA81	142848	----a-w-	C:\windows\SysWOW64\dhcpsapi.dll
2016-09-07 18:47:58	70C0968AB49382522DDBE31B2733F367	35840	----a-w-	C:\windows\SysWOW64\atmlib.dll
2016-09-07 18:47:58	5542F554514612D38958F25B4F2848ED	315224	----a-w-	C:\windows\SysWOW64\atmfd.dll
2016-09-07 18:47:30	D9007D4568AFCFA67DF572E5C0A58F3F	1344512	----a-w-	C:\windows\SysWOW64\comsvcs.dll
2016-09-07 18:47:30	6A0901DD70B669927C62A84F6E834A7A	414208	----a-w-	C:\windows\SysWOW64\catsrvut.dll
2016-09-07 18:47:12	B23936CF83DAC4B64660A88711B5234A	12128	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-09-07 18:47:12	85CEBA9A21CE5D51B35EF2DE9EBFBAC4	12128	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-09-07 18:47:12	6C7F782FDBF9AEFFE7663FA1579A610E	17760	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-09-07 18:47:12	00A0A24BB2E9AADE11494B627EB164C4	12640	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-09-07 18:47:11	CBF3CFC9EE1FD29707D95C63A5E7A78B	19808	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-09-07 18:47:11	C1096DA4634AD3356A10C00B24F53393	22368	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-09-07 18:47:11	9F9FE5F52E9B2AD655C896B849883B1A	12128	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-09-07 18:47:11	9D66FCC681389EC619D4E801F1DDBB2F	17760	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-09-07 18:47:11	94FEB4417CF3E39C8C58A1B73620687E	66400	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-09-07 18:47:11	8E534F49C77D787DB69BABFF931A497A	12640	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-09-07 18:47:11	73CED8B30963E54D262DAE2559116E46	13664	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-09-07 18:47:11	4669249FB01EA369C7FD40A530966FA1	12640	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-09-07 18:47:11	408019E57D3D2DA62A9F28389EED0AC1	16224	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-09-07 18:47:11	39F9D0F1B698D53D78C79576C7C60526	14176	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-09-07 18:47:11	33E8CCBE05123C8146CD16293B688417	15712	----a-w-	C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-09-07 18:47:10	3DF1D7DA8C1493A5A00C0474323FEF20	922432	----a-w-	C:\windows\SysWOW64\ucrtbase.dll
2016-09-07 18:45:55	69B6C853389A021181E4A636509C6D3C	148480	----a-w-	C:\windows\SysWOW64\shacct.dll
2016-09-07 18:45:17	463873126358017A07CE8976451759EF	53248	----a-w-	C:\windows\SysWOW64\PCPKsp.dll
2016-09-07 18:45:10	5A3661D21EF0992FE01648CAAD7A59C2	613624	----a-w-	C:\windows\SysWOW64\d3d10level9.dll
2016-09-07 18:44:08	38D0ADAE47F15F76F8B72A315A54367E	13318144	----a-w-	C:\windows\SysWOW64\wmp.dll
2016-09-07 18:44:07	23E3C47E971C5889DD036E8BEE8C3213	243032	----a-w-	C:\windows\SysWOW64\WMASF.DLL
2016-09-07 18:44:01	F595E51368FAEC71AAC9B760D0D855F5	548024	----a-w-	C:\windows\SysWOW64\WinTypes.dll
2016-09-07 18:44:01	D311D7DCBA4A99BA5926F7EA09DCD23A	1564496	----a-w-	C:\windows\SysWOW64\combase.dll
2016-09-07 18:44:00	617FF0BD5DC7C898E586375A877683D4	267776	----a-w-	C:\windows\SysWOW64\wincorlib.dll
2016-09-07 18:40:49	F6BC658320F67F8689A13792B11A9F3A	357376	----a-w-	C:\windows\SysWOW64\schannel.dll
2016-09-07 18:40:49	6658E616E766290B32E703FEA44C077F	272384	----a-w-	C:\windows\SysWOW64\FWPUCLNT.DLL
2016-09-07 18:40:49	4582BB64B2B68D8AD81173CB52BF4B46	561664	----a-w-	C:\windows\SysWOW64\nshwfp.dll
2016-09-07 18:40:49	42F28B3DF34071375AC0BBD953965FB1	2464768	----a-w-	C:\windows\SysWOW64\authui.dll
2016-09-07 18:40:48	9E096DAFF4A3E967C0010CB9FA272C20	1048576	----a-w-	C:\windows\SysWOW64\actxprxy.dll
2016-09-07 18:40:48	30AB8A394D14DC529E15DC5FE8B0CD44	1501488	----a-w-	C:\windows\SysWOW64\ntdll.dll
2016-09-07 18:40:47	8696752284B4F5786BA82ED4BA90F48A	12879872	----a-w-	C:\windows\SysWOW64\twinui.dll
2016-09-07 18:40:46	CAB4F6336C48C0959DB06D0EE46CCAD7	800768	----a-w-	C:\windows\SysWOW64\kerberos.dll
2016-09-07 18:40:43	BFF7119B5E232F36EEFCFF1CC53C0160	19788688	----a-w-	C:\windows\SysWOW64\shell32.dll
2016-09-07 18:40:43	4A9D63560E7753F666E5EEADAD1F6025	862720	----a-w-	C:\windows\SysWOW64\KernelBase.dll
2016-09-07 18:40:30	7FA4D74CC9940BD4FDF248C64FE19F20	15158272	----a-w-	C:\windows\SysWOW64\Windows.UI.Xaml.dll
2016-09-07 18:40:28	8DF6158250D75654F0A95E9486FFD74E	3607040	----a-w-	C:\windows\SysWOW64\msi.dll
2016-09-07 18:40:24	0226079EFADB4BBDF849EC3FBD23C845	91416	----a-w-	C:\windows\SysWOW64\ncryptsslp.dll
2016-09-07 18:40:22	D0DE3C0181F7500068F69AD566D26DB3	29696	----a-w-	C:\windows\SysWOW64\wuapp.exe
2016-09-07 18:40:22	B06DD7654204874D3C807CD1E2EA4051	81920	----a-w-	C:\windows\SysWOW64\wudriver.dll
2016-09-07 18:40:22	8C5DD41EBAC8116DBD935427C5FE4255	727040	----a-w-	C:\windows\SysWOW64\wuapi.dll
2016-09-07 18:40:22	06968346AA40C9778AFD8BA45D153A4E	124928	----a-w-	C:\windows\SysWOW64\wuwebv.dll
2016-09-07 18:40:17	F6B88F20C88E78867FE9C2E8960385A4	1613528	----a-w-	C:\windows\SysWOW64\crypt32.dll
2016-09-07 18:40:15	AC7D7440632FD5F6A9259CE39334E856	626176	----a-w-	C:\windows\SysWOW64\winhttp.dll
2016-09-07 18:40:15	45B32760EE7F74AE0D8657286C2B274C	2317824	----a-w-	C:\windows\SysWOW64\CertEnroll.dll
2016-09-07 18:40:14	8FCB074D10FD42CF34F3E57317A154B4	120384	----a-w-	C:\windows\SysWOW64\ncrypt.dll
2016-09-07 18:40:12	34D7B359AF1BB7FCB9E3786D5CE51773	413184	----a-w-	C:\windows\SysWOW64\webio.dll
2016-09-07 18:40:11	2BF465ADC668730CE14181262FDDE065	3273728	----a-w-	C:\windows\SysWOW64\rdpcore.dll
2016-09-07 18:40:08	5294CF018BF48C3C5C40C073CAD9BC00	99136	----a-w-	C:\windows\SysWOW64\cryptxml.dll
2016-09-07 18:40:08	26B03453376E375C8598F456C2A238D3	218112	----a-w-	C:\windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-09-07 18:40:07	AA5E14276A0AF0BB3D3E6305A24AC02A	30984	----a-w-	C:\windows\SysWOW64\UserAccountBroker.exe
2016-09-07 18:40:07	0F885F103D107B2BADFC0D53036862C0	281088	----a-w-	C:\windows\SysWOW64\LocationApi.dll
2016-09-07 18:40:06	A39157A0B76BF555489CCA3736C73F67	543232	----a-w-	C:\windows\SysWOW64\FirewallAPI.dll
2016-09-07 18:40:06	457EB1E8ACA3D6B0B7D366C8264E60F8	14336	----a-w-	C:\windows\SysWOW64\ntvdm64.dll
2016-09-07 18:40:06	0257B25DAE13FF41CF60261EDC6DF516	59904	----a-w-	C:\windows\SysWOW64\msiexec.exe
2016-09-07 18:40:05	E8CA62A0B12DF8E30551C837F46E3EFC	199168	----a-w-	C:\windows\SysWOW64\WebClnt.dll
2016-09-07 18:40:05	D365B46072B17B6DD3B1E54BF8E1A57F	86016	----a-w-	C:\windows\SysWOW64\olepro32.dll
2016-09-07 18:40:02	CD9FDE5828EDDB4CF0E2144CAA5B0BA1	192512	----a-w-	C:\windows\SysWOW64\gpresult.exe
2016-09-07 18:40:02	95B8C952D389F5CEE49AC55F99C864CB	20480	----a-w-	C:\windows\SysWOW64\wfapigp.dll
2016-09-07 18:40:01	E4B7BA1919B8A9C701DC4CC12FEAF499	1060352	----a-w-	C:\windows\SysWOW64\certutil.exe
2016-09-07 18:40:01	91B5B5CED8DC6C1592522DE33BE2536F	66560	----a-w-	C:\windows\SysWOW64\hbaapi.dll
2016-09-07 18:40:01	1C5410484E6DA6D3D1FAF3FC1F4BF344	77824	----a-w-	C:\windows\SysWOW64\asycfilt.dll
2016-09-07 18:40:01	1AC127FB0FAE1AD2C209981EC68CB384	44032	----a-w-	C:\windows\SysWOW64\certenc.dll
2016-09-07 18:28:34	D52676C1A7D6F864CA859FF4C6EC4399	578048	----a-w-	C:\windows\SysWOW64\WinSync.dll
2016-09-07 18:28:24	9F8CCC693334EABE9AD9C61C8263A84B	121912	----a-w-	C:\windows\SysWOW64\IPHLPAPI.DLL
2016-09-07 18:21:50	F8AE70D8AC17577E29E363D304CA668F	129536	----a-w-	C:\windows\SysWOW64\poqexec.exe
2016-09-07 18:21:41	E67779CDA3275404802CA4FD8E23149A	483328	----a-w-	C:\windows\SysWOW64\mfds.dll
2016-09-07 18:21:32	9EC46A87625EC33C94EB3E2990680F7D	1097216	----a-w-	C:\windows\SysWOW64\gdi32.dll
2016-09-07 18:21:07	F1EEBAFC8DB948A7089CD1B8152548DC	320720	----a-w-	C:\windows\SysWOW64\ws2_32.dll
2016-09-07 18:21:07	5A540777BD31438E397ED863AED1A5B9	286208	----a-w-	C:\windows\SysWOW64\mswsock.dll
2016-09-07 18:21:00	F1D1E449FA396163F46459CF020A9B00	507176	----a-w-	C:\windows\SysWOW64\advapi32.dll
2016-09-07 16:55:20	E52859FCB7A827CACFCE7963184C7D24	1070152	----a-w-	C:\windows\SysWOW64\MSCOMCTL.OCX
2016-09-07 16:55:20	3E62CF18441A03A440B280182E4B6935	129872	----a-w-	C:\windows\SysWOW64\MSSTDFMT.DLL
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2016-09-08 18:11:22	E3B04040867F7307991574276D95EAF6	869576	----a-w-	C:\windows\Sysnative\msvcr120_clr0400.dll
2016-09-08 18:11:21	006516425F0444265EB5D8DBAAC17302	678600	----a-w-	C:\windows\Sysnative\msvcp120_clr0400.dll
2016-09-08 07:40:34	52C95098F6EA96F4A9780CE64B4DEFFF	175616	----a-w-	C:\windows\Sysnative\TpmTasks.dll
2016-09-08 06:52:18	7954A148CD2D6FDBF31FC9229628AA99	185856	----a-w-	C:\windows\Sysnative\rascfg.dll
2016-09-08 06:50:07	BA4AF0CA2B00001D628DBA4C3AB14168	1200128	----a-w-	C:\windows\Sysnative\Windows.Globalization.dll
2016-09-08 06:50:06	80582AA01F5BD0FA9DA153630208CD93	513456	----a-w-	C:\windows\Sysnative\locale.nls
2016-09-08 06:50:04	48C3652B04833C1D517A4BF751519F65	323072	----a-w-	C:\windows\Sysnative\GlobCollationHost.dll
2016-09-08 06:49:58	B96A7E78FF3DFBB01515103C1D1A709D	7168	----a-w-	C:\windows\Sysnative\KBDAZEL.DLL
2016-09-08 06:49:58	B848BD522613BEFC050115376776142C	7168	----a-w-	C:\windows\Sysnative\KBDAZE.DLL
2016-09-08 06:49:58	50B837542006546DEBE89A9AB8B2A17B	7168	----a-w-	C:\windows\Sysnative\KBDAZST.DLL
2016-09-08 06:49:57	B04F291677C9B91405E84FBCD0437411	7168	----a-w-	C:\windows\Sysnative\kbdgeoqw.dll
2016-09-08 06:48:09	713C5DC6C112C92FA926E8F3BBA99A00	7445856	----a-w-	C:\windows\Sysnative\ntoskrnl.exe
2016-09-08 06:48:08	D835250EE4140AB3306C8296E3F9CC6C	2897920	----a-w-	C:\windows\Sysnative\esent.dll
2016-09-08 06:48:08	9DFB604E2A2B842599CF803B84774B46	657920	----a-w-	C:\windows\Sysnative\dnsapi.dll
2016-09-08 06:48:08	561CBB163EB3C8221D9B1D7D1E5CA477	252416	----a-w-	C:\windows\Sysnative\dnsrslvr.dll
2016-09-08 06:48:06	1A5F011B7C2417C651E43653E9C8C0F4	3547136	----a-w-	C:\windows\Sysnative\rdpcorets.dll
2016-09-08 06:48:05	D1F7620A919F7AB7D0184C7EE618BD21	1661064	----a-w-	C:\windows\Sysnative\ole32.dll
2016-09-08 06:48:05	920C189568561AF1FCEDC91DF730E1CA	704512	----a-w-	C:\windows\Sysnative\rasapi32.dll
2016-09-08 06:48:05	56F1A1BE1B9B3053EE85FB5A1E1346C6	377344	----a-w-	C:\windows\Sysnative\mprddm.dll
2016-09-08 06:48:05	4C6236C131E68FC23713523C8CDB5469	429568	----a-w-	C:\windows\Sysnative\vpnike.dll
2016-09-08 06:48:04	DF78648AC3C8DC9D70E6714AF785382F	233472	----a-w-	C:\windows\Sysnative\mprdim.dll
2016-09-08 06:47:59	15C0034561FE5B03FA376F1A6232478B	542720	----a-w-	C:\windows\Sysnative\rasmans.dll
2016-09-08 06:47:58	F7E47D15A6C00AF4D1A5B5E0F1388E39	197352	----a-w-	C:\windows\Sysnative\dssenh.dll
2016-09-08 06:47:57	DBDCE2378F65F0A07D4644AC103037E7	87040	----a-w-	C:\windows\Sysnative\wpdbusenum.dll
2016-09-08 06:47:56	61C9B6B89EB613F86DE3A2A552CF0425	272896	----a-w-	C:\windows\Sysnative\rasppp.dll
2016-09-08 06:47:54	AFD61C47BD8354FB3E9AF060D0E69ED0	254464	----a-w-	C:\windows\Sysnative\rascustom.dll
2016-09-08 06:47:54	7930EAD9B95144F3AB565B97C470AB5D	173568	----a-w-	C:\windows\Sysnative\rasman.dll
2016-09-08 06:47:54	653D829AA641C0DA8071F49E773852FD	132096	----a-w-	C:\windows\Sysnative\rdpudd.dll
2016-09-08 06:47:54	02ACE47F91FF96665743389D050A0956	360448	----a-w-	C:\windows\Sysnative\rdpclip.exe
2016-09-08 06:47:53	3094E937AE11D2A1B2E7830B55259B8A	323072	----a-w-	C:\windows\Sysnative\iprtrmgr.dll
2016-09-08 06:47:51	F95AC7F370273A92478758CF389B6EF6	713216	----a-w-	C:\windows\Sysnative\nshwfp.dll
2016-09-08 06:47:50	5697FD05EC6915A1E7193D658D8D6E05	1080320	----a-w-	C:\windows\Sysnative\IKEEXT.DLL
2016-09-08 06:47:23	E36BF37396A26C40E40DFF65F4CD4568	463872	----a-w-	C:\windows\Sysnative\SystemSettings.Handlers.dll
2016-09-08 06:47:22	64EEDEF2642AD68A3F3791D7346E8FEC	672984	----a-w-	C:\windows\Sysnative\MDMAgent.exe
2016-09-08 06:43:24	4AABC3D611EEB92FDEDD1C741D63C437	4837376	----a-w-	C:\windows\Sysnative\SyncEngine.dll
2016-09-08 06:43:09	A7F1BC7115123D2F17A4251149984080	962216	----a-w-	C:\windows\Sysnative\mfplat.dll
2016-09-08 06:43:07	69C0304BE8E4C58026A0D162AD04BF10	1154048	----a-w-	C:\windows\Sysnative\SkyDrive.exe
2016-09-08 06:43:06	E66D01726D7B12302CBF3BBF847C9B05	1027584	----a-w-	C:\windows\Sysnative\MFMediaEngine.dll
2016-09-08 06:43:03	2E3976C857D7230EC8D2B2276E688255	827392	----a-w-	C:\windows\Sysnative\spoolsv.exe
2016-09-08 06:43:03	0B07D6E59605DB58B780655192D7387C	128000	----a-w-	C:\windows\Sysnative\QSVRMGMT.DLL
2016-09-08 06:43:02	75B6AD9F2BFDFE7E7C7E38F4FDD2FF1E	658432	----a-w-	C:\windows\Sysnative\WSDApi.dll
2016-09-08 06:43:02	3F0D403D47A27134F490B0951826FC37	242176	----a-w-	C:\windows\Sysnative\WinSCard.dll
2016-09-08 06:43:01	2DA3DF504868C941D7EFAE6099B73A65	309760	----a-w-	C:\windows\Sysnative\WSDMon.dll
2016-09-08 06:42:56	F0FD2757C9975EC62C3AFF9DE3415830	514048	----a-w-	C:\windows\Sysnative\DevicePairing.dll
2016-09-08 06:42:56	9B1133CA54B4A3E852756EA174682EC8	211968	----a-w-	C:\windows\Sysnative\QSHVHOST.DLL
2016-09-08 06:42:55	CCB7FDAA07F104128D5332CD6EF04D97	48128	----a-w-	C:\windows\Sysnative\kmddsp.tsp
2016-09-08 06:42:55	591FB3A6559C393235F6D8A573E4E1B3	1574400	----a-w-	C:\windows\Sysnative\vssapi.dll
2016-09-08 06:42:55	2C67494BD2CB71CEE84E3DA4B9DEE979	733696	----a-w-	C:\windows\Sysnative\SkyDriveTelemetry.dll
2016-09-08 06:42:53	A5F199F33C2A919AE9A15997FA7A07FD	77824	----a-w-	C:\windows\Sysnative\rasdiag.dll
2016-09-08 06:42:53	25AE2DD8E6F6BBD922C5F6971F124BBD	74752	----a-w-	C:\windows\Sysnative\vsstrace.dll
2016-09-08 06:42:52	D64719E25966885AA991513A66A1A20F	16896	----a-w-	C:\windows\Sysnative\eventcls.dll
2016-09-08 06:42:52	9FAF67CE7452215ACEDDB517A663454F	43008	----a-w-	C:\windows\Sysnative\rasmxs.dll
2016-09-08 06:42:52	3C4FF4AD2F023865F63017F0E6A9C649	30208	----a-w-	C:\windows\Sysnative\rasser.dll
2016-09-07 19:38:57	9BC00C5608BF75BEAE893814A3AEC2AD	29888	----a-w-	C:\windows\Sysnative\aspnet_counters.dll
2016-09-07 19:34:34	D506921989872994B9C5615D4761882C	128288	----a-w-	C:\windows\Sysnative\IObitSmartDefragExtension.dll
2016-09-07 19:34:30	C5655AED885C56265CA429A9E0D868EA	36288	----a-w-	C:\windows\Sysnative\SmartDefragBootTime.exe
2016-09-07 19:11:27	2522D170C08F370A208D1305DD580909	1307328	----a-w-	C:\windows\Sysnative\rpcrt4.dll
2016-09-07 19:10:21	CE796CD6AE31935582D0D73CAF00B3E7	898048	----a-w-	C:\windows\Sysnative\CPFilters.dll
2016-09-07 19:10:21	164A9C7B031FFDEA44E8D74F63B30EE2	532480	----a-w-	C:\windows\Sysnative\EncDec.dll
2016-09-07 19:10:19	2C8ABF1E898B87638A348A270A21F192	62464	----a-w-	C:\windows\Sysnative\cfgbkend.dll
2016-09-07 19:10:18	A4435F095929480018210E80EA9EFE4F	135336	----a-w-	C:\windows\Sysnative\gpapi.dll
2016-09-07 19:10:18	9678FD4747A4F2E2318245EE6099482E	1360896	----a-w-	C:\windows\Sysnative\gpsvc.dll
2016-09-07 19:10:18	36A8E751D0AE732D6387A9E5E2491D70	92160	----a-w-	C:\windows\Sysnative\FwRemoteSvr.dll
2016-09-07 19:10:18	244CF999D9D04E83388BCFE1242C18CE	331776	----a-w-	C:\windows\Sysnative\polstore.dll
2016-09-07 19:10:18	0FF8507A8B901B904E98EB36B9E347EE	398848	----a-w-	C:\windows\Sysnative\IPSECSVC.DLL
2016-09-07 19:08:54	C48274ADC82BF1C1D8C3483FF13A8894	4169216	----a-w-	C:\windows\Sysnative\win32k.sys
2016-09-07 19:08:54	B4BB66E7418C9A406D7DF34ADB1829D6	748544	----a-w-	C:\windows\Sysnative\StructuredQuery.dll
2016-09-07 19:08:53	6CB2E641D5287ECB1AD661F94269244F	670208	----a-w-	C:\windows\Sysnative\qedit.dll
2016-09-07 19:06:28	E70C8C07B6B33522D8DEE7BE7B2EEF69	111616	----a-w-	C:\windows\Sysnative\samlib.dll
2016-09-07 19:06:28	31B19B4B96D8F6D1ED0DEFAB0A6583EF	833024	----a-w-	C:\windows\Sysnative\samsrv.dll
2016-09-07 19:06:25	7E573742DFD7452474D8113DD2BB8C47	4710400	----a-w-	C:\windows\Sysnative\d2d1.dll
2016-09-07 19:05:33	49110C342E220205C71831987AF7B480	1335296	----a-w-	C:\windows\Sysnative\mispace.dll
2016-09-07 19:04:11	A954355BC773A1581BE80DB1CB68FBEB	952928	----a-w-	C:\windows\Sysnative\mfmp4srcsnk.dll
2016-09-07 19:03:59	57C10952ED978E2BF24D904B291C8C0C	558080	----a-w-	C:\windows\Sysnative\untfs.dll
2016-09-07 19:03:31	D0CBA7B3531CCF2ADB985856D5F92434	1455104	----a-w-	C:\windows\Sysnative\VSSVC.exe
2016-09-07 19:03:31	5A6747C670FC0C6AA6E94A042EEF0F35	534016	----a-w-	C:\windows\Sysnative\Windows.UI.dll
2016-09-07 19:03:14	EDBCF020312B0A666D573F17E6C8F36E	1877504	----a-w-	C:\windows\Sysnative\msmpeg2adec.dll
2016-09-07 19:03:14	E57FA5C2293F9B68B8EE3F3347A8E467	2745184	----a-w-	C:\windows\Sysnative\WMVDECOD.DLL
2016-09-07 19:03:13	E4A9005FDC43AB809745727DFD8B9733	1288128	----a-w-	C:\windows\Sysnative\mfnetsrc.dll
2016-09-07 19:03:13	49C90B7CA335B88256301BD7EC71922D	2334104	----a-w-	C:\windows\Sysnative\mfcore.dll
2016-09-07 19:03:13	394AD52DCAD308ABD78E41D24FCEC274	1210200	----a-w-	C:\windows\Sysnative\WMADMOD.DLL
2016-09-07 19:03:12	CF43BD59243814D6C40906A0D958C13B	2450240	----a-w-	C:\windows\Sysnative\WMVENCOD.DLL
2016-09-07 19:03:12	B8ED24CF601BBF02542A447E786C62CC	735496	----a-w-	C:\windows\Sysnative\evr.dll
2016-09-07 19:03:12	73F79CFF87CCB6E05CC381A705A22ACF	850680	----a-w-	C:\windows\Sysnative\mfnetcore.dll
2016-09-07 19:03:12	16409B63D29D0D5B9764D17DA6986EAC	1010688	----a-w-	C:\windows\Sysnative\WMSPDMOD.DLL
2016-09-07 19:03:12	0971A106909DD24FC95B64B466964D21	1697792	----a-w-	C:\windows\Sysnative\quartz.dll
2016-09-07 19:03:11	EB766AA7CA9736E8730DBCC5E24A11A8	299080	----a-w-	C:\windows\Sysnative\VIDRESZR.DLL
2016-09-07 19:03:11	C4EB5199371188D73B6398BA9DA9336F	1664000	----a-w-	C:\windows\Sysnative\WMSPDMOE.DLL
2016-09-07 19:03:11	9F3F1690779AF925EF27E5AB3DC98971	557856	----a-w-	C:\windows\Sysnative\WMVSDECD.DLL
2016-09-07 19:03:11	895C3C13EA0B2D1749C7E196BF4291A7	1798480	----a-w-	C:\windows\Sysnative\WMALFXGFXDSP.dll
2016-09-07 19:03:11	4DE477B2C0E8C192F7E6081DDCF7E80E	498472	----a-w-	C:\windows\Sysnative\mfsvr.dll
2016-09-07 19:03:11	25A14A22A07E0CB798B64EEC4CCCADF5	629600	----a-w-	C:\windows\Sysnative\MP4SDECD.DLL
2016-09-07 19:03:11	12C3FD470C9563378F617EDC5C452B60	203016	----a-w-	C:\windows\Sysnative\COLORCNV.DLL
2016-09-07 19:03:10	FFED8E82FACEA3A98495AA51DAD39E47	246856	----a-w-	C:\windows\Sysnative\RESAMPLEDMO.DLL
2016-09-07 19:03:10	CA5F2EBE9A37612EA870C9DABFA9322B	116720	----a-w-	C:\windows\Sysnative\MP3DMOD.DLL
2016-09-07 19:03:10	958BBFEC04E21D21E12FE942288CB62E	1150232	----a-w-	C:\windows\Sysnative\WMADMOE.DLL
2016-09-07 19:03:10	89B8BD9C6EC007F8B676523C64646019	90392	----a-w-	C:\windows\Sysnative\mfvdsp.dll
2016-09-07 19:03:10	74A9FAB8E52E574328167C954C291158	248432	----a-w-	C:\windows\Sysnative\MP43DECD.DLL
2016-09-07 19:03:10	6546BB2387558FC0B8A8960C6E64812B	250520	----a-w-	C:\windows\Sysnative\MPG4DECD.DLL
2016-09-07 19:03:10	37F68076C560C0FE274F63573945F3E5	90904	----a-w-	C:\windows\Sysnative\devenum.dll
2016-09-07 19:03:10	1E96347787177BE61A5B0E11D114ED41	244296	----a-w-	C:\windows\Sysnative\mfps.dll
2016-09-07 19:03:09	B6F66E58C282D8EBE679E79CF758246D	468480	----a-w-	C:\windows\Sysnative\MFWMAAEC.DLL
2016-09-07 19:03:09	AF86B829240BB1C86B729FF19523C405	451072	----a-w-	C:\windows\Sysnative\WMVSENCD.DLL
2016-09-07 19:03:09	AC0793654FDA191356F976F90020D442	289792	----a-w-	C:\windows\Sysnative\ksproxy.ax
2016-09-07 19:03:09	9BD541409D98319F47A47E0EDDA0CD16	644608	----a-w-	C:\windows\Sysnative\WMVXENCD.DLL
2016-09-07 19:03:09	512B361A9AAC27E32B49F4A853555127	340992	----a-w-	C:\windows\Sysnative\qdvd.dll
2016-09-07 19:03:09	2217E415DDFACE74E60801533106A233	378880	----a-w-	C:\windows\Sysnative\SysFxUI.dll
2016-09-07 19:02:50	1708E23F8FC2DDE8560A6EC60D942935	183368	----a-w-	C:\windows\Sysnative\AuthHost.exe
2016-09-07 19:02:22	BABF71B367F49CDD4F437E39A58E711C	477184	----a-w-	C:\windows\Sysnative\puiobj.dll
2016-09-07 19:02:22	B583934BF2E5ABFB70FF859280875FE7	864256	----a-w-	C:\windows\Sysnative\win32spl.dll
2016-09-07 19:02:22	8A1358519D027B90974D9D4F2D86EC3A	1094656	----a-w-	C:\windows\Sysnative\localspl.dll
2016-09-07 19:02:21	F70B5BC857A190FC938DFC9F030CE746	269312	----a-w-	C:\windows\Sysnative\DafPrintProvider.dll
2016-09-07 19:02:21	93D4756E90433DE2BBFB0C49317B912F	192512	----a-w-	C:\windows\Sysnative\puiapi.dll
2016-09-07 19:02:21	6D6E7211529BD0F454CFB37F15716661	165376	----a-w-	C:\windows\Sysnative\inetpp.dll
2016-09-07 19:02:21	49050254706660F345FE1C60FAA6BC67	345600	----a-w-	C:\windows\Sysnative\ntprint.dll
2016-09-07 19:02:08	F34FCCD107EEE8F32E973B88B1B6879F	724992	----a-w-	C:\windows\Sysnative\ie4uinit.exe
2016-09-07 19:02:03	AA2FC1FC080EBD74C25F6C379CBDCE48	378880	----a-w-	C:\windows\Sysnative\iedkcs32.dll
2016-09-07 19:02:02	3E154893570038A59F73A8F7418DCF75	1550848	----a-w-	C:\windows\Sysnative\urlmon.dll
2016-09-07 19:02:01	F685AC29447B34F623D85C973E028287	572416	----a-w-	C:\windows\Sysnative\vbscript.dll
2016-09-07 19:02:01	7EE91314F7FFC8A566ADDCD13DD51242	806400	----a-w-	C:\windows\Sysnative\msfeeds.dll
2016-09-07 19:02:01	6F66F0FBA5829731340723EDE7FAD0E6	315392	----a-w-	C:\windows\Sysnative\dxtrans.dll
2016-09-07 19:01:59	50828D61E8A3205B337DC49A7C3FFF38	2131456	----a-w-	C:\windows\Sysnative\inetcpl.cpl
2016-09-07 19:01:58	C7C7C333FDBECF16C29A39635B84A1EA	2894336	----a-w-	C:\windows\Sysnative\iertutil.dll
2016-09-07 19:01:56	7CA39F793BB3D0D0F823DE3BFB1B6711	108544	----a-w-	C:\windows\Sysnative\hlink.dll
2016-09-07 19:01:56	429E72773966866CE5F6BBA9E07B750D	817664	----a-w-	C:\windows\Sysnative\jscript.dll
2016-09-07 19:01:55	8DC455C2D19B8D832F6AA5C614149D19	489984	----a-w-	C:\windows\Sysnative\dxtmsft.dll
2016-09-07 19:01:55	311416EBB1CFB6F39D0AE6176E79D2C2	15412224	----a-w-	C:\windows\Sysnative\ieframe.dll
2016-09-07 19:01:54	CA73619BE9ADCEB3934551C223F6ADD0	92160	----a-w-	C:\windows\Sysnative\mshtmled.dll
2016-09-07 19:01:53	8BE7C72DB66A760B2DC57DE1D99EDCA1	6047744	----a-w-	C:\windows\Sysnative\jscript9.dll
2016-09-07 19:01:53	22336934420C6862F0847DED6C437B76	800768	----a-w-	C:\windows\Sysnative\ieapfltr.dll
2016-09-07 19:01:52	DCD5F6070FCB8139AC7257714C3E6CCA	88064	----a-w-	C:\windows\Sysnative\MshtmlDac.dll
2016-09-07 19:01:52	679442D0595FBF5A6D91705D364784A3	615936	----a-w-	C:\windows\Sysnative\ieui.dll
2016-09-07 19:01:51	67DF76F8C1B70A2183EC0D9729D26F5D	1032704	----a-w-	C:\windows\Sysnative\inetcomm.dll
2016-09-07 19:01:51	33821B684222F236711F7F8C78AA9247	2868224	----a-w-	C:\windows\Sysnative\wininet.dll
2016-09-07 19:01:50	E3E3B1226692DB497226CCD7F43AD7DF	25808384	----a-w-	C:\windows\Sysnative\mshtml.dll
2016-09-07 19:01:46	76A937F27F14BE9AB31901319335CED6	262144	----a-w-	C:\windows\Sysnative\webcheck.dll
2016-09-07 19:01:42	556EF487D6BD1AA63EBF39D915E0E71F	145408	----a-w-	C:\windows\Sysnative\iepeers.dll
2016-09-07 18:58:24	B1A8E0BE0157A5AF507C197DC72D67C7	7793152	----a-w-	C:\windows\Sysnative\Windows.Data.Pdf.dll
2016-09-07 18:58:23	6F58E0A4FE3AD1AD95CF4AD349433100	7075328	----a-w-	C:\windows\Sysnative\glcndFilter.dll
2016-09-07 18:58:20	798EBF3B914E9D9CEC93347737A203B0	1763376	----a-w-	C:\windows\Sysnative\WindowsCodecs.dll
2016-09-07 18:58:20	2AF8CC92021895BF323B69AE8D9B1DA9	218448	----a-w-	C:\windows\Sysnative\rsaenh.dll
2016-09-07 18:58:15	CFD130F7BF843AF713F12A51A89ECD97	442712	----a-w-	C:\windows\Sysnative\msv1_0.dll
2016-09-07 18:58:15	A684BDABBC62B8EC08F30DCD7663BA93	840704	----a-w-	C:\windows\Sysnative\netlogon.dll
2016-09-07 18:58:12	E74CB10B3C0B7C2B6E1A36DCA7E36DFE	2345472	----a-w-	C:\windows\Sysnative\msxml3.dll
2016-09-07 18:57:59	6FF1E914D60B5DBECA5E135F5997ED6A	31744	----a-w-	C:\windows\Sysnative\WsmAgent.dll
2016-09-07 18:57:59	427873F889F2F508BE8BE982219CE578	2609152	----a-w-	C:\windows\Sysnative\WsmSvc.dll
2016-09-07 18:57:59	22079FC5D8B31634AAD2463F699D9EA0	162304	----a-w-	C:\windows\Sysnative\WsmAuto.dll
2016-09-07 18:57:58	7912E6936C9335A66B5110350C68E629	285184	----a-w-	C:\windows\Sysnative\WsmWmiPl.dll
2016-09-07 18:56:14	31B0E7083616454BE6D9DDF5EAA800F4	1753600	----a-w-	C:\windows\Sysnative\GdiPlus.dll
2016-09-07 18:56:12	EFC3821B41A7DF6ED6201B9474220A9B	268800	----a-w-	C:\windows\Sysnative\centel.dll
2016-09-07 18:56:12	C9A83882E068FA0E04FCFD2F86300FF2	1490432	----a-w-	C:\windows\Sysnative\appraiser.dll
2016-09-07 18:56:12	B9485CE6BD18E05533DB6C9807BAE722	50368	----a-w-	C:\windows\Sysnative\CompatTelRunner.exe
2016-09-07 18:56:12	6CFF18A010A5F103BB37562A69CDFEFF	571904	----a-w-	C:\windows\Sysnative\generaltel.dll
2016-09-07 18:56:11	8E2B8DDF27C083373519EB32E65DA39F	544256	----a-w-	C:\windows\Sysnative\devinv.dll
2016-09-07 18:56:11	83A5F89896E625650148CEFCABD8418D	219136	----a-w-	C:\windows\Sysnative\aepic.dll
2016-09-07 18:56:11	37D627234C5BE75D0E83C131C1EB2FBC	294912	----a-w-	C:\windows\Sysnative\invagent.dll
2016-09-07 18:56:11	245D481194733BC8B46CA721F18371BF	1208320	----a-w-	C:\windows\Sysnative\aeinv.dll
2016-09-07 18:56:11	0A2DF1055FEEA30DFF73DAC0DA45FDE4	472576	----a-w-	C:\windows\Sysnative\pcasvc.dll
2016-09-07 18:56:11	01171FCE8FEB8F1BD1BBA60F25EE2E42	76800	----a-w-	C:\windows\Sysnative\acmigration.dll
2016-09-07 18:55:24	9D2E095CD9B1EC23B5F75A6E7C00A2C6	1445376	----a-w-	C:\windows\Sysnative\lsasrv.dll
2016-09-07 18:55:24	6872A6AD0612105A50CB8BF43A587BBC	445440	----a-w-	C:\windows\Sysnative\certcli.dll
2016-09-07 18:55:23	480AA477D0FE00F3966BDF8870E1E53E	397232	----a-w-	C:\windows\Sysnative\bcryptprimitives.dll
2016-09-07 18:55:19	894BD81C81FD1E6A712042E72B739808	2171904	----a-w-	C:\windows\Sysnative\SystemSettingsAdminFlowUI.dll
2016-09-07 18:55:11	0DEA27D0A9693EC4E3FEC5982F5E7669	3120640	----a-w-	C:\windows\Sysnative\ExplorerFrame.dll
2016-09-07 18:55:10	FC60724EA1DA491695F2BCE9E716EA71	2819584	----a-w-	C:\windows\Sysnative\SettingsHandlers.dll
2016-09-07 18:55:10	B63F655E50AF21D82403247095DB00D5	273264	----a-w-	C:\windows\Sysnative\SystemSettingsAdminFlows.exe
2016-09-07 18:55:10	ABCBE39A48BFAC43B70FB2889B1C5B44	1220096	----a-w-	C:\windows\Sysnative\twinui.appcore.dll
2016-09-07 18:55:09	E8F017472DAB8350583526184F8FE478	166912	----a-w-	C:\windows\Sysnative\AppxAllUserStore.dll
2016-09-07 18:55:09	E4480E60A7952A655D0EE25E73651ED3	655872	----a-w-	C:\windows\Sysnative\SettingSync.dll
2016-09-07 18:55:09	D31D49D5E21FFF52D3140080F675D331	2592256	----a-w-	C:\windows\Sysnative\themecpl.dll
2016-09-07 18:55:09	9A7C59794E0E2CABE953FE4501BA3C11	599552	----a-w-	C:\windows\Sysnative\hgcpl.dll
2016-09-07 18:55:09	636A4DEC0F508AA667895BC975EB0851	1278464	----a-w-	C:\windows\Sysnative\usercpl.dll
2016-09-07 18:55:09	5E68D8846A89943285ADC5D416F77FE8	653824	----a-w-	C:\windows\Sysnative\SettingSyncHost.exe
2016-09-07 18:55:09	2B687F77C7B18454E8297F2CA2ADFC9D	841728	----a-w-	C:\windows\Sysnative\SettingSyncCore.dll
2016-09-07 18:55:09	0C9E38D94527F52C45767565211C3561	955392	----a-w-	C:\windows\Sysnative\AppXDeploymentExtensions.dll
2016-09-07 18:55:08	E0F846ADE7DED88981D0908DE56FF160	1348096	----a-w-	C:\windows\Sysnative\AppXDeploymentServer.dll
2016-09-07 18:55:08	73672397196FF76D2550B7DDC9A39EA6	336384	----a-w-	C:\windows\Sysnative\stobject.dll
2016-09-07 18:55:08	459957A61331236C92A6D8768EC38967	173056	----a-w-	C:\windows\Sysnative\SettingMonitor.dll
2016-09-07 18:53:05	EDFA5CEDBE174FAAA4A09A6B297AEA42	1673728	----a-w-	C:\windows\Sysnative\workfolderssvc.dll
2016-09-07 18:53:05	144D07F144D0E19AB8451ABC69075727	787456	----a-w-	C:\windows\Sysnative\WorkfoldersControl.dll
2016-09-07 18:52:38	C5D3070BC274E27828703B410FCE505C	177712	----a-w-	C:\windows\Sysnative\wscapi.dll
2016-09-07 18:52:38	501D5EFAB9711039479AE48401386D2B	146944	----a-w-	C:\windows\Sysnative\wscsvc.dll
2016-09-07 18:51:42	EC3490D1B1ED0A3F32DAE01AA26CC447	166400	----a-w-	C:\windows\Sysnative\mtxoci.dll
2016-09-07 18:51:39	33094E2182C451BCFCFD60F734B1C4EF	1540728	----a-w-	C:\windows\Sysnative\user32.dll
2016-09-07 18:51:39	3250C161812B3A98ADABBAB19E8CB98B	1994752	----a-w-	C:\windows\Sysnative\DWrite.dll
2016-09-07 18:51:39	2F225BC85B84C04EA01BAB8D8DACFA83	1383936	----a-w-	C:\windows\Sysnative\FntCache.dll
2016-09-07 18:50:29	12CEF192F55EC60A9BCA37F4B2E7729B	1385280	----a-w-	C:\windows\Sysnative\msctf.dll
2016-09-07 18:49:48	24D35B8BA7E9A17CB0BD1B59B56880F1	2487296	----a-w-	C:\windows\Sysnative\storagewmi.dll
2016-09-07 18:48:41	D617C4C865117619E13242F8B4152A8E	30208	----a-w-	C:\windows\Sysnative\dsparse.dll
2016-09-07 18:48:41	0ADF17C3A81FDB3DE666B872349C4CCE	669184	----a-w-	C:\windows\Sysnative\hhctrl.ocx
2016-09-07 18:47:59	5EF843033E3D4A6AEA46E337FE6CEF69	222720	----a-w-	C:\windows\Sysnative\dhcpsapi.dll
2016-09-07 18:47:58	D2FEB42A4D02D8DCC483E42EEFFAA582	44032	----a-w-	C:\windows\Sysnative\atmlib.dll
2016-09-07 18:47:58	1C0B0B5635A462AA5088C238BD0A9010	372568	----a-w-	C:\windows\Sysnative\atmfd.dll
2016-09-07 18:47:30	CBE0AABE046EE31A7EDADC0CE5C59221	1707008	----a-w-	C:\windows\Sysnative\comsvcs.dll
2016-09-07 18:47:30	258FCB4843397FE4008CC0B7041F16F7	522240	----a-w-	C:\windows\Sysnative\catsrvut.dll
2016-09-07 18:47:12	F97E7878A2B372291B1269D80327BBF6	12640	----a-w-	C:\windows\Sysnative\api-ms-win-crt-heap-l1-1-0.dll
2016-09-07 18:47:12	ED14B64C94F543974B7FDC592FA0594B	12640	----a-w-	C:\windows\Sysnative\api-ms-win-crt-conio-l1-1-0.dll
2016-09-07 18:47:12	ECCF5973B80D771A79643732017CEA9A	17760	----a-w-	C:\windows\Sysnative\api-ms-win-crt-string-l1-1-0.dll
2016-09-07 18:47:12	E9F6D776545843A9817D8ACF38D06D09	19808	----a-w-	C:\windows\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll
2016-09-07 18:47:12	53E9526AF1FDCE39F799BFE9217397A8	17760	----a-w-	C:\windows\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll
2016-09-07 18:47:12	0F143310FADE4DE116070A3917A79C18	13664	----a-w-	C:\windows\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll
2016-09-07 18:47:12	090DD0BB2BDDEE3EAAE5B6FF15FAE209	14176	----a-w-	C:\windows\Sysnative\api-ms-win-crt-time-l1-1-0.dll
2016-09-07 18:47:11	CC337898E64D9078CB697AC19F995C7F	12128	----a-w-	C:\windows\Sysnative\api-ms-win-crt-utility-l1-1-0.dll
2016-09-07 18:47:11	BBAE7B5436D6D1B0FC967FF67E35415F	16224	----a-w-	C:\windows\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll
2016-09-07 18:47:11	AF851DFD0D9FECB76FF2B403F3C30F5B	12128	----a-w-	C:\windows\Sysnative\api-ms-win-crt-environment-l1-1-0.dll
2016-09-07 18:47:11	761DDD8669A661D57D9CF9C335949C06	12128	----a-w-	C:\windows\Sysnative\api-ms-win-crt-locale-l1-1-0.dll
2016-09-07 18:47:11	6631C212F79350458589A5281374B38B	12640	----a-w-	C:\windows\Sysnative\api-ms-win-crt-process-l1-1-0.dll
2016-09-07 18:47:11	653CB5DF3CEC6A4A0E402B33D8AA5C08	63840	----a-w-	C:\windows\Sysnative\api-ms-win-crt-private-l1-1-0.dll
2016-09-07 18:47:11	56556659C691DD043DBE24B0A195D64C	20832	----a-w-	C:\windows\Sysnative\api-ms-win-crt-math-l1-1-0.dll
2016-09-07 18:47:11	1EB17F650462EEA820F4CD727D2D3AB1	994760	----a-w-	C:\windows\Sysnative\ucrtbase.dll
2016-09-07 18:47:11	1908861649E67CDC20C563C234A89914	15712	----a-w-	C:\windows\Sysnative\api-ms-win-crt-convert-l1-1-0.dll
2016-09-07 18:46:35	DC27203F6D9CFC66E4331D6413ED8F50	779264	----a-w-	C:\windows\Sysnative\WindowsAnytimeUpgradeui.exe
2016-09-07 18:46:35	6627154693B6C2B8A59727F5B38728E8	31744	----a-w-	C:\windows\Sysnative\seclogon.dll
2016-09-07 18:45:56	139D842E5FB75A1E2F0212FBD7B0E457	1574912	----a-w-	C:\windows\Sysnative\wbengine.exe
2016-09-07 18:45:55	45769B22A8EB51DB984DB6758AF1237B	192512	----a-w-	C:\windows\Sysnative\shacct.dll
2016-09-07 18:45:17	B1613F8E78ACA385EC652437482AC4DC	60928	----a-w-	C:\windows\Sysnative\PCPKsp.dll
2016-09-07 18:45:10	1C96B7607E6E4BF21C591A6E6F0C1009	738096	----a-w-	C:\windows\Sysnative\d3d10level9.dll
2016-09-07 18:44:09	B368DAA78ADE4C466B425F6025D0EC66	15432704	----a-w-	C:\windows\Sysnative\wmp.dll
2016-09-07 18:44:07	B8C5844D4576612F286E9E55BFBAE73B	292696	----a-w-	C:\windows\Sysnative\WMASF.DLL
2016-09-07 18:44:02	8FA553FDB706E0DCBA7A3883B3C0C13E	2175008	----a-w-	C:\windows\Sysnative\combase.dll
2016-09-07 18:44:01	452880B7F8B9F670066F8C26EF2A49AE	1063464	----a-w-	C:\windows\Sysnative\WinTypes.dll
2016-09-07 18:40:50	9F0C4323E23ACDA82C46377DAC589411	52224	----a-w-	C:\windows\Sysnative\wups2.dll
2016-09-07 18:40:49	4A04E33E7B5F3F1D9C2F54F8400E149D	2880000	----a-w-	C:\windows\Sysnative\actxprxy.dll
2016-09-07 18:40:49	1986D762FB04C1E768B1F33C917AE199	246784	----a-w-	C:\windows\Sysnative\microsoft-windows-system-events.dll
2016-09-07 18:40:46	BD6CDB467A0D5B1F9ECD9ABA837BD462	422400	----a-w-	C:\windows\Sysnative\FWPUCLNT.DLL
2016-09-07 18:40:46	A784ADB74CE02D7BF236FBDC2CD5EA92	35840	----a-w-	C:\windows\Sysnative\wuapp.exe
2016-09-07 18:40:46	08EBC23D6118A3364407BBFC17D441BE	2778624	----a-w-	C:\windows\Sysnative\authui.dll
2016-09-07 18:40:44	EDBAFA8E4AB9AE3CBC02AA60937EF6DA	1737088	----a-w-	C:\windows\Sysnative\ntdll.dll
2016-09-07 18:40:42	60CA12F17FBFCF2ABCBA36D126F52156	14467584	----a-w-	C:\windows\Sysnative\twinui.dll
2016-09-07 18:40:41	5059D93764340D4EAEDF49C47133118F	845312	----a-w-	C:\windows\Sysnative\BFE.DLL
2016-09-07 18:40:40	F3F60C88A6BBC8D0C68FE5B1C91181AF	3667968	----a-w-	C:\windows\Sysnative\wuaueng.dll
2016-09-07 18:40:40	D628F8470F5D8008736270F5B02B5311	136904	----a-w-	C:\windows\Sysnative\wuauclt.exe
2016-09-07 18:40:40	600D506FEA867E0BAEAFFEFCE54F35B3	118624	----a-w-	C:\windows\Sysnative\consent.exe
2016-09-07 18:40:39	89C6173374214448BF38E513B36313EA	432128	----a-w-	C:\windows\Sysnative\schannel.dll
2016-09-07 18:40:39	734622FBA766DBD65B1803549B24A04A	110080	----a-w-	C:\windows\Sysnative\appinfo.dll
2016-09-07 18:40:39	628D62A47D2722FEDAE0451B799AAE76	987136	----a-w-	C:\windows\Sysnative\kerberos.dll
2016-09-07 18:40:38	944CCF13CB8C8A2ED3CFD1464807EE77	16896	----a-w-	C:\windows\Sysnative\ntvdm64.dll
2016-09-07 18:40:38	88D8A63BBB3F6DB76D315D2E730CD0C4	3320832	----a-w-	C:\windows\Sysnative\msi.dll
2016-09-07 18:40:37	F1DA9359F0D6DC973A2C5E581C6B0102	137976	----a-w-	C:\windows\Sysnative\ncrypt.dll
2016-09-07 18:40:36	EFCCB19AFEEE2109EFB02C7BF53C82D7	1134768	----a-w-	C:\windows\Sysnative\KernelBase.dll
2016-09-07 18:40:35	6E3782BE7D6BAF9105BAE32D0BF376F1	22361344	----a-w-	C:\windows\Sysnative\shell32.dll
2016-09-07 18:40:34	F264662C057A54AA2DE41B3C7551712F	6521800	----a-w-	C:\windows\Sysnative\sppsvc.exe
2016-09-07 18:40:32	10231E6C0208C02B18F80F52917DB49A	18825216	----a-w-	C:\windows\Sysnative\Windows.UI.Xaml.dll
2016-09-07 18:40:24	68E97FBD0733F7990CD0054CC03A245A	1358952	----a-w-	C:\windows\Sysnative\winresume.exe
2016-09-07 18:40:23	E5757AFDDF3D4A308D50CB478A08EFBB	1490120	----a-w-	C:\windows\Sysnative\winresume.efi
2016-09-07 18:40:23	55EFDBA65774A8A6DC2B21B3593F645D	1523208	----a-w-	C:\windows\Sysnative\winload.exe
2016-09-07 18:40:23	3C91A6E3469C26D81107409CEA6305AD	107984	----a-w-	C:\windows\Sysnative\ncryptsslp.dll
2016-09-07 18:40:23	22CD72E4DED83171DA7CD232B7799F06	1663184	----a-w-	C:\windows\Sysnative\winload.efi
2016-09-07 18:40:22	EF12AB4D0F764B2393673B86AA73EC29	2230784	----a-w-	C:\windows\Sysnative\wucltux.dll
2016-09-07 18:40:22	CC052D7666EBCD73E06471157AE32AF0	409088	----a-w-	C:\windows\Sysnative\WUSettingsProvider.dll
2016-09-07 18:40:22	9E51190D36AFD8443F11D1CAF51F3B83	897024	----a-w-	C:\windows\Sysnative\wuapi.dll
2016-09-07 18:40:22	7E7ABD8687D4BEC20A95E5F15C954D4D	140288	----a-w-	C:\windows\Sysnative\wuwebv.dll
2016-09-07 18:40:22	1B52CBE104E10DD392A78F7932A1ACEE	95744	----a-w-	C:\windows\Sysnative\wudriver.dll
2016-09-07 18:40:21	FAA6C62D571B195977CE4B4756C542E9	1487992	----a-w-	C:\windows\Sysnative\sppobjs.dll
2016-09-07 18:40:19	795DF565EE288691436C5C8B6FA425A8	1970968	----a-w-	C:\windows\Sysnative\crypt32.dll
2016-09-07 18:40:17	F8BFE5788C36737A2DAC8AFCA2D4BEC3	2635264	----a-w-	C:\windows\Sysnative\CertEnroll.dll
2016-09-07 18:40:16	C0C38B16E805C0D9429010E8197DBB9D	261376	----a-w-	C:\windows\Sysnative\sppwinob.dll
2016-09-07 18:40:16	0E70990EC2E5D2331AA5E88DB0CFB826	796672	----a-w-	C:\windows\Sysnative\winhttp.dll
2016-09-07 18:40:15	7830CEA509693DE0817DF2F3F2D80E89	816128	----a-w-	C:\windows\Sysnative\rpcss.dll
2016-09-07 18:40:13	E02FC70CEC1524033085ECAB7CA24D0F	3820544	----a-w-	C:\windows\Sysnative\rdpcore.dll
2016-09-07 18:40:13	306F94640CEDDDD0530BA322E1C6A55C	509440	----a-w-	C:\windows\Sysnative\webio.dll
2016-09-07 18:40:12	D1418745A5472F3930A288E05B9E2C05	881152	----a-w-	C:\windows\Sysnative\MPSSVC.dll
2016-09-07 18:40:12	B452623C1DE60544054E784D94A7AA47	927744	----a-w-	C:\windows\Sysnative\iphlpsvc.dll
2016-09-07 18:40:11	C19EB92E4595E65633C8ED0E3E44DD34	482304	----a-w-	C:\windows\Sysnative\tpmvsc.dll
2016-09-07 18:40:11	678AC77833B3C2BC83640C17CCF75C09	306176	----a-w-	C:\windows\Sysnative\Windows.Devices.Geolocation.dll
2016-09-07 18:40:10	7696A58F8CECF246FD6C6D4AEEE9DD93	1291776	----a-w-	C:\windows\Sysnative\certutil.exe
2016-09-07 18:40:08	B4121C79FEB8A9A7D9ABA60F8F8ED404	216576	----a-w-	C:\windows\Sysnative\gpresult.exe
2016-09-07 18:40:08	50B9ADE67C5B9E0C6F4D989FE5503E94	125024	----a-w-	C:\windows\Sysnative\cryptxml.dll
2016-09-07 18:40:08	0E1CF052693E178C561BE82A7FEE9175	346112	----a-w-	C:\windows\Sysnative\LocationApi.dll
2016-09-07 18:40:07	666154E6F1C38B5CE7E5624127A0817E	34600	----a-w-	C:\windows\Sysnative\UserAccountBroker.exe
2016-09-07 18:40:06	A70CAF5EA36CBA5FCA24244306D4D5C6	228864	----a-w-	C:\windows\Sysnative\WebClnt.dll
2016-09-07 18:40:06	26C47F054F740413C965F69FB3A04689	65024	----a-w-	C:\windows\Sysnative\msiexec.exe
2016-09-07 18:40:05	D995BA4297D24814C2CFDA1D7981D618	26112	----a-w-	C:\windows\Sysnative\wfapigp.dll
2016-09-07 18:40:05	CCFB52A0CBCA72AF991600E7B5D7EBC8	754176	----a-w-	C:\windows\Sysnative\FirewallAPI.dll
2016-09-07 18:40:05	9FA3832668F7E9886D154C143E5ACC1E	108032	----a-w-	C:\windows\Sysnative\BdeHdCfgLib.dll
2016-09-07 18:40:03	EC8C9B46310D93B09CCC9EE74648C3A2	737280	----a-w-	C:\windows\Sysnative\fveapi.dll
2016-09-07 18:40:03	9E52BB399666BA43D267577FE8E40A5A	91136	----a-w-	C:\windows\Sysnative\asycfilt.dll
2016-09-07 18:40:03	91223E065C114F470140C427CD9ADFFC	83456	----a-w-	C:\windows\Sysnative\hbaapi.dll
2016-09-07 18:40:02	174394F4EF93C117BF7BE3878046A1B1	348672	----a-w-	C:\windows\Sysnative\bdesvc.dll
2016-09-07 18:40:01	A4005F7621C409ADB8E5DE1B807768B4	77824	----a-w-	C:\windows\Sysnative\adhsvc.dll
2016-09-07 18:40:01	A3A4CCD28306A67BF1E0DC2662C650FD	125440	----a-w-	C:\windows\Sysnative\httpprxm.dll
2016-09-07 18:40:01	0AB5E2073DC87AEBD35F783BC5A6B150	53248	----a-w-	C:\windows\Sysnative\certenc.dll
2016-09-07 18:40:00	7E3D1C99C6DF74DEC1050481536C2830	322048	----a-w-	C:\windows\Sysnative\fvecpl.dll
2016-09-07 18:40:00	653B9F9BFB9F7CDC506A4A6ABE49E362	18944	----a-w-	C:\windows\Sysnative\httpprxp.dll
2016-09-07 18:28:35	092706F5B39565DA1E4784B19B06B02C	713216	----a-w-	C:\windows\Sysnative\WinSync.dll
2016-09-07 18:28:24	4179C792BF1A10DD1197DA56FF8A0380	160160	----a-w-	C:\windows\Sysnative\IPHLPAPI.DLL
2016-09-07 18:23:20	B1102BBDDD9C87B3D609D6C08F7A3DBD	570880	----a-w-	C:\windows\Sysnative\winlogon.exe
2016-09-07 18:23:17	EC302D06155F8E3C383750993FCB6B27	146432	----a-w-	C:\windows\Sysnative\wininit.exe
2016-09-07 18:23:10	5BF98144739F81C1F40BBE63E6E6A2A5	186880	----a-w-	C:\windows\Sysnative\dpapisrv.dll
2016-09-07 18:22:18	314D4C69B18702C6E08628430D095EF6	616960	----a-w-	C:\windows\Sysnative\msra.exe
2016-09-07 18:21:51	A99672960E5B6EA8A5130A881BE0270F	146432	----a-w-	C:\windows\Sysnative\poqexec.exe
2016-09-07 18:21:42	13FA5D25FA04E28966B2F795DA66B6B1	603648	----a-w-	C:\windows\Sysnative\mfds.dll
2016-09-07 18:21:32	9CA977C6DF8750CDA61892E268F01AC0	1379040	----a-w-	C:\windows\Sysnative\gdi32.dll
2016-09-07 18:21:18	3500AF0BA2EF095BF313EEB75D2366C6	59392	----a-w-	C:\windows\Sysnative\basesrv.dll
2016-09-07 18:21:07	D3901AE5309630F4981D093AE2EF8A83	339456	----a-w-	C:\windows\Sysnative\mswsock.dll
2016-09-07 18:21:07	B9274FE20F2DA0A92A4B0B3E3CBE1C4C	363104	----a-w-	C:\windows\Sysnative\ws2_32.dll
2016-09-07 18:21:06	0813B71EAF097208DC76CE0605B48AF0	74752	----a-w-	C:\windows\Sysnative\NcdAutoSetup.dll
2016-09-07 18:21:00	1A3350C4ECB93F15839F5799E60E32FD	685432	----a-w-	C:\windows\Sysnative\advapi32.dll
2016-09-07 16:58:34	82446D358A9FB51CB9DA32A5C901D7A0	21040	----a-w-	C:\windows\Sysnative\sdnclean64.exe
2016-09-07 14:28:57	926C753C058B5E589CF38AAC72166702	414559	----a-w-	C:\windows\Sysnative\ApnDatabase.xml
====== C:\windows\Sysnative\drivers =====
2016-09-08 06:52:18	B8F36CBC72FC5C8B8A30AD850165EA8E	72192	----a-w-	C:\windows\Sysnative\drivers\ndproxy.sys
2016-09-08 06:52:18	23006D660C0E54BF1CE8253E15F5E995	80896	----a-w-	C:\windows\Sysnative\drivers\wanarp.sys
2016-09-08 06:47:59	24DABC0A77FAFDC0E379AB3B30F61BB6	101208	----a-w-	C:\windows\Sysnative\drivers\mountmgr.sys
2016-09-08 06:47:57	D5ECE7E7F349EB3C4B152AFF3577280D	95744	----a-w-	C:\windows\Sysnative\drivers\agilevpn.sys
2016-09-08 06:47:55	EC0F07CBBF5D9F171B5A2A32A727BC7F	416768	----a-w-	C:\windows\Sysnative\drivers\srv.sys
2016-09-08 06:47:55	0E109555E6624756A5FABE2F95C48A45	675328	----a-w-	C:\windows\Sysnative\drivers\srv2.sys
2016-09-08 06:47:52	9A97015A06271EEFC124A540A777CB8B	243712	----a-w-	C:\windows\Sysnative\drivers\srvnet.sys
2016-09-08 06:43:01	389C998C64319CD97625B0550E52ECFA	58176	----a-w-	C:\windows\Sysnative\drivers\dam.sys
2016-09-08 06:42:59	ED54A75050211DC77F9B98C41E026858	86336	----a-w-	C:\windows\Sysnative\drivers\pdc.sys
2016-09-08 06:42:59	7AA01AB1C110916825E6E1389F1B9AF2	39744	----a-w-	C:\windows\Sysnative\drivers\intelpep.sys
2016-09-08 06:42:55	DC1D9F692C2AD84C214584C28501C1F7	24576	----a-w-	C:\windows\Sysnative\drivers\ndistapi.sys
2016-09-08 06:38:52	B810B2B39CCA90DC6BF42AF1658AE0D1	1201664	----a-w-	C:\windows\Sysnative\drivers\bthport.sys
2016-09-08 06:38:52	52A1B7ECAB4C9EF70FD41241691E09D3	81920	----a-w-	C:\windows\Sysnative\drivers\BTHUSB.SYS
2016-09-08 06:38:52	12418846B057E4F92FC621F5C6CF737D	53248	----a-w-	C:\windows\Sysnative\drivers\bthenum.sys
2016-09-07 19:34:30	306EE29C824E85BB28D4579B23EFA55A	21360	----a-w-	C:\windows\Sysnative\drivers\SmartDefragDriver.sys
2016-09-07 19:11:25	9980B262DBE439AE6BDC91AA985F19EE	2017624	----a-w-	C:\windows\Sysnative\drivers\ntfs.sys
2016-09-07 19:08:15	A7D51169CA28B0AA9B5DE2B7EFB5C3C9	145408	----a-w-	C:\windows\Sysnative\drivers\rmcast.sys
2016-09-07 19:08:15	80A2FC1A089A71F2DBE5D8394FFB009F	155480	----a-w-	C:\windows\Sysnative\drivers\tpm.sys
2016-09-07 19:08:14	235624C147E3CB4C288D5D3D8E8D64A2	112640	----a-w-	C:\windows\Sysnative\drivers\rasl2tp.sys
2016-09-07 19:07:14	C996CBEF922B5653A01E3F50DDCE2F86	91992	----a-w-	C:\windows\Sysnative\drivers\usbehci.sys
2016-09-07 19:05:33	B45AE0970B2D66CCE756DE6989E23EEC	419160	----a-w-	C:\windows\Sysnative\drivers\spaceport.sys
2016-09-07 19:05:19	E85916632CD3B9E9B546968DB950BF42	154112	----a-w-	C:\windows\Sysnative\drivers\tunnel.sys
2016-09-07 18:56:14	C800DCD904016B2BF6AB541083770A3A	80896	----a-w-	C:\windows\Sysnative\drivers\IPMIDrv.sys
2016-09-07 18:55:24	4065615E836BF8C61AF6278EB2A9D1D6	201728	----a-w-	C:\windows\Sysnative\drivers\mrxsmb20.sys
2016-09-07 18:55:23	5CBF8B3E27D824D2AA2A34AFB406F1D0	563024	----a-w-	C:\windows\Sysnative\drivers\cng.sys
2016-09-07 18:55:23	3D4AE520CD6F6FFE549DD195C1F515BE	178016	----a-w-	C:\windows\Sysnative\drivers\ksecpkg.sys
2016-09-07 18:51:22	8B1E62881D5AC68E673CD94B136B34AC	99672	----a-w-	C:\windows\Sysnative\drivers\disk.sys
2016-09-07 18:50:30	DAC438FB5FF85A9E72806E2341D5D732	72024	----a-w-	C:\windows\Sysnative\drivers\vpci.sys
2016-09-07 18:45:55	CECD84D511DEF9759D834FA0AF010400	470360	----a-w-	C:\windows\Sysnative\drivers\netio.sys
2016-09-07 18:44:12	D2AC8F07995CE6CD18848C129435B481	140800	----a-w-	C:\windows\Sysnative\drivers\mrxdav.sys
2016-09-07 18:44:11	D25F0093A71FFB355160358DD70B0373	443224	----a-w-	C:\windows\Sysnative\drivers\usbport.sys
2016-09-07 18:44:11	CD81683F4553677B9BF5163A922153EB	462168	----a-w-	C:\windows\Sysnative\drivers\usbhub.sys
2016-09-07 18:44:11	5C90D5379B53590FBB24BBAD4FA682EE	468824	----a-w-	C:\windows\Sysnative\drivers\USBHUB3.SYS
2016-09-07 18:44:10	FC974B03C8B87455F44F734C8F31A3C8	37376	----a-w-	C:\windows\Sysnative\drivers\usbuhci.sys
2016-09-07 18:44:10	A0F0484C97D6441ED6A75D7426ECCC9E	30208	----a-w-	C:\windows\Sysnative\drivers\usbohci.sys
2016-09-07 18:44:10	9A2B3A98D7982372CA36A823F673EFB8	27992	----a-w-	C:\windows\Sysnative\drivers\usbd.sys
2016-09-07 18:41:19	9D168BFA334D47BE404367EB58D4E130	148832	----a-w-	C:\windows\Sysnative\drivers\USBSTOR.SYS
2016-09-07 18:40:48	5DCD41F62F71519D2A46D41F60C69B0C	401920	----a-w-	C:\windows\Sysnative\drivers\mrxsmb.sys
2016-09-07 18:40:45	D7C9BC4D37BF08C7DD436A0A5F321668	284672	----a-w-	C:\windows\Sysnative\drivers\mrxsmb10.sys
2016-09-07 18:40:45	715ABA3DD164D06457A2A3C92F6EA9D5	136512	----a-w-	C:\windows\Sysnative\drivers\wfplwfs.sys
2016-09-07 18:40:45	5408A71E47FF21E357192FD4126B3002	138240	----a-w-	C:\windows\Sysnative\drivers\dfsc.sys
2016-09-07 18:40:39	5BC3C5C66EBF939128B0EC7CA66C0EAB	379232	----a-w-	C:\windows\Sysnative\drivers\storport.sys
2016-09-07 18:40:23	5DB4AFA10A488EC4DDB3DA09B0425BE5	551256	----a-w-	C:\windows\Sysnative\drivers\vhdmp.sys
2016-09-07 18:40:18	D67ED4AB59D1EF66B05AD1A81AC28B26	402432	----a-w-	C:\windows\Sysnative\drivers\rdbss.sys
2016-09-07 18:40:17	D4AB6EE3D715BC44C00277FD934FAACF	590688	----a-w-	C:\windows\Sysnative\drivers\fvevol.sys
2016-09-07 18:40:15	F9ED4FFE6EBAC59F564323848974C3B4	331608	----a-w-	C:\windows\Sysnative\drivers\Classpnp.sys
2016-09-07 18:40:14	438EA7A2D8D4F9B8AFB64748ACA70BA8	114528	----a-w-	C:\windows\Sysnative\drivers\mup.sys
2016-09-07 18:40:13	C3755FCF9A0B5C6FE8ED9E873B85D3CE	205824	----a-w-	C:\windows\Sysnative\drivers\ndiswan.sys
2016-09-07 18:40:10	C5196B53CA2F8FC637D20DEC386CFBE2	72408	----a-w-	C:\windows\Sysnative\drivers\dumpfve.sys
2016-09-07 18:40:10	177D76B32D417537FAADFF90237A508B	111616	----a-w-	C:\windows\Sysnative\drivers\hidclass.sys
2016-09-07 18:40:09	49676FEC898AB2A11B157F848269A56E	32768	----a-w-	C:\windows\Sysnative\drivers\hidusb.sys
2016-09-07 18:40:08	0EDD1F4D470C775740625B06A60C9DD5	57184	----a-w-	C:\windows\Sysnative\drivers\stornvme.sys
2016-09-07 18:40:00	24E6C1F418BACEE4E7D18266F48FF2EA	32512	----a-w-	C:\windows\Sysnative\drivers\hidparse.sys
2016-09-07 18:28:25	1C8560E3A37A9D4F25B7769C3E3D4163	2466136	----a-w-	C:\windows\Sysnative\drivers\tcpip.sys
2016-09-07 18:23:23	F74B839FA0F4E6060CA1DA6B8DA17941	1549144	----a-w-	C:\windows\Sysnative\drivers\dxgkrnl.sys
2016-09-07 18:22:20	436E1A724E7E683F6B612D3D58F04241	74584	----a-w-	C:\windows\Sysnative\drivers\volmgr.sys
2016-09-07 18:21:34	17F7B0F2298D97F4B6C7A69511033D3D	316760	----a-w-	C:\windows\Sysnative\drivers\volsnap.sys
2016-09-07 18:21:08	9DC17B7D9D84C37C102D379FCC7D4942	281088	----a-w-	C:\windows\Sysnative\drivers\netbt.sys
2016-09-07 15:42:31	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\windows\Sysnative\drivers\MBAMSwissArmy.sys
2016-09-07 15:41:55	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\windows\Sysnative\drivers\mbamchameleon.sys
2016-09-07 15:41:54	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\windows\Sysnative\drivers\mwac.sys
2016-09-07 15:41:54	78BFF5425E044086E74E78650A359FBB	27008	----a-w-	C:\windows\Sysnative\drivers\mbam.sys
2016-09-07 14:38:30	E0BD2D83875464FEEEB242CBA8B7E073	108032	----a-w-	C:\windows\Sysnative\drivers\tdx.sys
2016-09-07 14:38:30	A460C3AF3755A2A79A3C8EFE72E147B5	559616	----a-w-	C:\windows\Sysnative\drivers\afd.sys
2016-09-07 14:23:18	7A0DB69C5FAE330BD9F492A817B9AA8E	70360	----a-w-	C:\windows\Sysnative\drivers\PSKMAD.sys
====== C:\windows\Tasks ======
2016-09-07 19:34:31	62EDA7D716573AD551225A30721634BA	3008	----a-w-	C:\windows\Sysnative\Tasks\SmartDefrag_Update
2016-09-07 16:59:11	--------	d-----w-	C:\windows\Sysnative\Tasks\Safer-Networking
2016-09-07 14:52:47	AFF8660187C19401B45A178373B8DFDA	3828	----a-w-	C:\windows\Sysnative\Tasks\Adobe Flash Player Updater
2016-09-07 14:51:11	777ABF1FB0462BD796E496154236ACB1	3596	----a-w-	C:\windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-974250824-2886707618-1983489586-1002
====== C:\windows\Temp ======
======= C:\Program Files =====
2016-09-08 18:09:12	--------	d-----w-	C:\Program Files\trend micro
2016-09-07 15:06:50	--------	d-----w-	C:\Program Files\VS Revo Group
2016-09-07 14:36:34	--------	d-----w-	C:\Program Files\Classic Shell
======= C:\PROGRA~2 =====
2016-09-07 19:35:18	--------	d-----w-	C:\PROGRA~2\COMMON~1\IObit
2016-09-07 16:55:19	--------	d-----w-	C:\PROGRA~2\SpywareBlaster
======= C: =====
====== C:\Users\kai\AppData\Roaming ======
2016-09-08 08:11:39	--------	d-----w-	C:\Users\kai\AppData\Local\ESET
2016-09-07 19:33:56	--------	d-----w-	C:\Users\kai\AppData\Locallow\IObit
2016-09-07 17:01:13	--------	d-----w-	C:\windows\sysWoW64\config\systemprofile\AppData\Local\Programs
2016-09-07 13:53:05	--------	d-----w-	C:\Users\kai\AppData\Roaming\googleico
====== C:\Users\kai ======
2016-09-08 18:06:56	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\kai\Desktop\RSITx64.exe
2016-09-08 10:06:08	FB9A539E59CF43040644DA0A44234507	6761600	----a-w-	C:\Users\kai\Downloads\esetonlinescanner_enu(1).exe
2016-09-08 08:11:08	FB9A539E59CF43040644DA0A44234507	6761600	----a-w-	C:\Users\kai\Downloads\esetonlinescanner_enu.exe
2016-09-08 06:47:17	209298BEDB944459D4C9E72E8D6499E0	8227032	----a-w-	C:\Users\kai\Downloads\ccsetup521.exe
2016-09-07 19:34:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-09-07 16:55:28	--------	d-----w-	C:\ProgramData\Licenses
2016-09-07 16:55:21	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-09-07 16:39:56	54B1296B9E6D647B590D3BA92682FE2A	11383216	----a-w-	C:\Users\kai\Downloads\smart-defrag-setup.exe
2016-09-07 16:37:42	7793999D940065E8F827841BC5B8098A	4291320	----a-w-	C:\Users\kai\Downloads\spywareblastersetup55.exe
2016-09-07 15:40:00	52F4695C53B02ADA7D648F95F2E2F8B4	22851472	----a-w-	C:\Users\kai\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-09-07 15:06:56	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-09-07 15:04:38	46CE49F4B389F956E3F4400F1C6977D4	7093624	----a-w-	C:\Users\kai\Downloads\revosetup.exe
2016-09-07 14:57:50	63B148154570D8BC763C77575FD856A5	11374528	----a-w-	C:\Users\kai\Downloads\RevoUninProSetup.exe
2016-09-07 14:49:51	DD137481A399F78165195ECFB5E76A41	1198800	----a-w-	C:\Users\kai\Downloads\flashplayer22au_d_install.exe
2016-09-07 14:36:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-09-07 14:30:30	DA0177B7A18ECCF97E1C179BE4ECBA3C	8437760	----a-w-	C:\Users\kai\Downloads\ClassicShellSetup_3_6_8.exe
2016-09-07 14:22:56	--------	d-----w-	C:\ProgramData\panda_url_filtering
2016-09-07 14:19:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2016-09-07 14:12:39	71CF4B286F3D39327298DF3B66C8904C	2342176	----a-w-	C:\Users\kai\Downloads\PANDAFREEAV.exe

====== C: exe-files ==
2016-09-08 18:09:24	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\kai.exe
2016-09-08 18:06:56	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\kai\Desktop\RSITx64.exe
2016-09-08 10:06:08	FB9A539E59CF43040644DA0A44234507	6761600	----a-w-	C:\Users\kai\Downloads\esetonlinescanner_enu(1).exe
2016-09-08 08:11:08	FB9A539E59CF43040644DA0A44234507	6761600	----a-w-	C:\Users\kai\Downloads\esetonlinescanner_enu.exe
2016-09-08 06:50:07	824BE6BA21FF7764638A18C48B26FB74	372424	----a-w-	C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
2016-09-08 06:50:03	5C38A0D79BAD6648632897387C7D423A	21720	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
2016-09-08 06:47:17	209298BEDB944459D4C9E72E8D6499E0	8227032	----a-w-	C:\Users\kai\Downloads\ccsetup521.exe
2016-09-07 19:10:48	DD406280623B406D3CB843AF223C7F1D	310960	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2016-09-07 19:10:48	DD406280623B406D3CB843AF223C7F1D	310960	----a-w-	C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2016-09-07 19:10:48	DAF8F03453EA88F81872B74A9B18D607	389808	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2016-09-07 19:10:48	D42E9C5D1947F54199AF2B2ED9FD552E	62464	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2016-09-07 19:10:48	B9DE3EA1B3AF9213E50756361A7755EC	362672	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2016-09-07 19:02:03	D41FFBC03E046425C434740345A89D3B	474112	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2016-09-07 19:02:02	E3DA77B534D7DFF8A2AE6A577A44703B	815280	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2016-09-07 19:01:59	7ABF69D5BB45C519BBE75125DD9C8727	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2016-09-07 19:01:58	F601CDE5F262BFFD0F56569AF53C91DE	814256	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2016-09-07 16:55:20	2AF5DBE3A4C6E04698B1E929AE92DDC7	2134152	----a-w-	C:\Program Files (x86)\SpywareBlaster\sbautoupdate.exe
2016-09-07 16:55:20	1F74DB84649CE3222FF50ABBCF6C690D	127064	----a-w-	C:\Program Files (x86)\SpywareBlaster\sburlhelper.exe
2016-09-07 16:55:19	AE13FB6BD8086465217F6A063EC3FCC3	715038	----a-w-	C:\Program Files (x86)\SpywareBlaster\unins000.exe
2016-09-07 16:55:19	430F52E6F90343EA26AB73B32C818DF6	2580576	----a-w-	C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
2016-09-07 15:40:00	52F4695C53B02ADA7D648F95F2E2F8B4	22851472	----a-w-	C:\Users\kai\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-09-07 15:06:53	082A2969D2C3173EBC160E2A63468AFE	14797088	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
2016-09-07 15:06:51	D792D26EDC3AB4301F21EF8EB4DAEB93	1349871	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe
2016-09-07 15:04:38	46CE49F4B389F956E3F4400F1C6977D4	7093624	----a-w-	C:\Users\kai\Downloads\revosetup.exe
2016-09-07 14:51:43	1115BE7832A7FA6005CB06AA20CDBB5C	77312	----a-w-	C:\Users\kai\AppData\Local\Adobe\2FE5F6E4-B7A5-4B44-9077-0B3071D486EF\gtcheck.exe
2016-09-07 14:51:40	AD6274FC24DF32A8433FDC7969CD5AD3	121856	----a-w-	C:\Users\kai\AppData\Local\Adobe\2FE5F6E4-B7A5-4B44-9077-0B3071D486EF\gccheck_small.exe
2016-09-07 14:49:51	DD137481A399F78165195ECFB5E76A41	1198800	----a-w-	C:\Users\kai\Downloads\flashplayer22au_d_install.exe
2016-09-07 14:30:30	DA0177B7A18ECCF97E1C179BE4ECBA3C	8437760	----a-w-	C:\Users\kai\Downloads\ClassicShellSetup_3_6_8.exe
2016-09-07 14:12:39	71CF4B286F3D39327298DF3B66C8904C	2342176	----a-w-	C:\Users\kai\Downloads\PANDAFREEAV.exe
2016-09-07 13:58:11	0BC652CF576F29A3009E432DC32D41BB	252920	----a-w-	C:\Program Files (x86)\Origin\UpdateTool.exe
2016-09-07 13:52:54	A60EA3A8CF68586D737570F340CB6E09	1758488	----a-w-	C:\Program Files (x86)\Maxthon\Modules\Service\Update\Mxmsg.exe
=== C: other files ==
2016-09-08 13:06:24	560EDC0912BDB68290930E2542823A24	135760	----a-w-	C:\Users\kai\AppData\Local\Temp\ehdrv.sys
2016-09-08 06:52:18	B8F36CBC72FC5C8B8A30AD850165EA8E	72192	----a-w-	C:\Windows\System32\drivers\ndproxy.sys
2016-09-08 06:52:18	23006D660C0E54BF1CE8253E15F5E995	80896	----a-w-	C:\Windows\System32\drivers\wanarp.sys
2016-09-08 06:47:59	24DABC0A77FAFDC0E379AB3B30F61BB6	101208	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2016-09-08 06:47:57	D5ECE7E7F349EB3C4B152AFF3577280D	95744	----a-w-	C:\Windows\System32\drivers\agilevpn.sys
2016-09-08 06:47:55	EC0F07CBBF5D9F171B5A2A32A727BC7F	416768	----a-w-	C:\Windows\System32\drivers\srv.sys
2016-09-08 06:47:55	0E109555E6624756A5FABE2F95C48A45	675328	----a-w-	C:\Windows\System32\drivers\srv2.sys
2016-09-08 06:47:52	9A97015A06271EEFC124A540A777CB8B	243712	----a-w-	C:\Windows\System32\drivers\srvnet.sys
2016-09-08 06:43:01	389C998C64319CD97625B0550E52ECFA	58176	----a-w-	C:\Windows\System32\drivers\dam.sys
2016-09-08 06:42:59	ED54A75050211DC77F9B98C41E026858	86336	----a-w-	C:\Windows\System32\drivers\pdc.sys
2016-09-08 06:42:59	7AA01AB1C110916825E6E1389F1B9AF2	39744	----a-w-	C:\Windows\System32\drivers\intelpep.sys
2016-09-08 06:42:55	DC1D9F692C2AD84C214584C28501C1F7	24576	----a-w-	C:\Windows\System32\drivers\ndistapi.sys
2016-09-08 06:38:52	B810B2B39CCA90DC6BF42AF1658AE0D1	1201664	----a-w-	C:\Windows\System32\drivers\bthport.sys
2016-09-08 06:38:52	52A1B7ECAB4C9EF70FD41241691E09D3	81920	----a-w-	C:\Windows\System32\drivers\BTHUSB.SYS
2016-09-08 06:38:52	12418846B057E4F92FC621F5C6CF737D	53248	----a-w-	C:\Windows\System32\drivers\bthenum.sys
2016-09-07 19:34:30	306EE29C824E85BB28D4579B23EFA55A	21360	----a-w-	C:\Windows\System32\drivers\SmartDefragDriver.sys
2016-09-07 19:11:25	9980B262DBE439AE6BDC91AA985F19EE	2017624	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2016-09-07 19:08:54	C48274ADC82BF1C1D8C3483FF13A8894	4169216	----a-w-	C:\Windows\System32\win32k.sys
2016-09-07 19:08:15	A7D51169CA28B0AA9B5DE2B7EFB5C3C9	145408	----a-w-	C:\Windows\System32\drivers\rmcast.sys
2016-09-07 19:08:15	80A2FC1A089A71F2DBE5D8394FFB009F	155480	----a-w-	C:\Windows\System32\drivers\tpm.sys
2016-09-07 19:08:14	235624C147E3CB4C288D5D3D8E8D64A2	112640	----a-w-	C:\Windows\System32\drivers\rasl2tp.sys
2016-09-07 19:07:14	C996CBEF922B5653A01E3F50DDCE2F86	91992	----a-w-	C:\Windows\System32\drivers\usbehci.sys
2016-09-07 19:05:33	B45AE0970B2D66CCE756DE6989E23EEC	419160	----a-w-	C:\Windows\System32\drivers\spaceport.sys
2016-09-07 19:05:19	E85916632CD3B9E9B546968DB950BF42	154112	----a-w-	C:\Windows\System32\drivers\tunnel.sys
2016-09-07 18:56:14	C800DCD904016B2BF6AB541083770A3A	80896	----a-w-	C:\Windows\System32\drivers\IPMIDrv.sys
2016-09-07 18:55:24	4065615E836BF8C61AF6278EB2A9D1D6	201728	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2016-09-07 18:55:23	5CBF8B3E27D824D2AA2A34AFB406F1D0	563024	----a-w-	C:\Windows\System32\drivers\cng.sys
2016-09-07 18:55:23	3D4AE520CD6F6FFE549DD195C1F515BE	178016	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2016-09-07 18:51:22	8B1E62881D5AC68E673CD94B136B34AC	99672	----a-w-	C:\Windows\System32\drivers\disk.sys
2016-09-07 18:50:30	DAC438FB5FF85A9E72806E2341D5D732	72024	----a-w-	C:\Windows\System32\drivers\vpci.sys
2016-09-07 18:45:55	CECD84D511DEF9759D834FA0AF010400	470360	----a-w-	C:\Windows\System32\drivers\netio.sys
2016-09-07 18:44:12	D2AC8F07995CE6CD18848C129435B481	140800	----a-w-	C:\Windows\System32\drivers\mrxdav.sys
2016-09-07 18:44:11	D25F0093A71FFB355160358DD70B0373	443224	----a-w-	C:\Windows\System32\drivers\usbport.sys
2016-09-07 18:44:11	CD81683F4553677B9BF5163A922153EB	462168	----a-w-	C:\Windows\System32\drivers\usbhub.sys
2016-09-07 18:44:11	5C90D5379B53590FBB24BBAD4FA682EE	468824	----a-w-	C:\Windows\System32\drivers\USBHUB3.SYS
2016-09-07 18:44:10	FC974B03C8B87455F44F734C8F31A3C8	37376	----a-w-	C:\Windows\System32\drivers\usbuhci.sys
2016-09-07 18:44:10	A0F0484C97D6441ED6A75D7426ECCC9E	30208	----a-w-	C:\Windows\System32\drivers\usbohci.sys
2016-09-07 18:44:10	9A2B3A98D7982372CA36A823F673EFB8	27992	----a-w-	C:\Windows\System32\drivers\usbd.sys
2016-09-07 18:41:19	9D168BFA334D47BE404367EB58D4E130	148832	----a-w-	C:\Windows\System32\drivers\USBSTOR.SYS
2016-09-07 18:40:48	5DCD41F62F71519D2A46D41F60C69B0C	401920	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2016-09-07 18:40:45	D7C9BC4D37BF08C7DD436A0A5F321668	284672	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2016-09-07 18:40:45	715ABA3DD164D06457A2A3C92F6EA9D5	136512	----a-w-	C:\Windows\System32\drivers\wfplwfs.sys
2016-09-07 18:40:45	5408A71E47FF21E357192FD4126B3002	138240	----a-w-	C:\Windows\System32\drivers\dfsc.sys
2016-09-07 18:40:39	5BC3C5C66EBF939128B0EC7CA66C0EAB	379232	----a-w-	C:\Windows\System32\drivers\storport.sys
2016-09-07 18:40:23	5DB4AFA10A488EC4DDB3DA09B0425BE5	551256	----a-w-	C:\Windows\System32\drivers\vhdmp.sys
2016-09-07 18:40:18	D67ED4AB59D1EF66B05AD1A81AC28B26	402432	----a-w-	C:\Windows\System32\drivers\rdbss.sys
2016-09-07 18:40:17	D4AB6EE3D715BC44C00277FD934FAACF	590688	----a-w-	C:\Windows\System32\drivers\fvevol.sys
2016-09-07 18:40:15	F9ED4FFE6EBAC59F564323848974C3B4	331608	----a-w-	C:\Windows\System32\drivers\Classpnp.sys
2016-09-07 18:40:14	438EA7A2D8D4F9B8AFB64748ACA70BA8	114528	----a-w-	C:\Windows\System32\drivers\mup.sys
2016-09-07 18:40:13	C3755FCF9A0B5C6FE8ED9E873B85D3CE	205824	----a-w-	C:\Windows\System32\drivers\ndiswan.sys
2016-09-07 18:40:10	C5196B53CA2F8FC637D20DEC386CFBE2	72408	----a-w-	C:\Windows\System32\drivers\dumpfve.sys
2016-09-07 18:40:10	177D76B32D417537FAADFF90237A508B	111616	----a-w-	C:\Windows\System32\drivers\hidclass.sys
2016-09-07 18:40:09	49676FEC898AB2A11B157F848269A56E	32768	----a-w-	C:\Windows\System32\drivers\hidusb.sys
2016-09-07 18:40:08	0EDD1F4D470C775740625B06A60C9DD5	57184	----a-w-	C:\Windows\System32\drivers\stornvme.sys
2016-09-07 18:40:00	24E6C1F418BACEE4E7D18266F48FF2EA	32512	----a-w-	C:\Windows\System32\drivers\hidparse.sys
2016-09-07 18:28:25	1C8560E3A37A9D4F25B7769C3E3D4163	2466136	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2016-09-07 18:23:23	F74B839FA0F4E6060CA1DA6B8DA17941	1549144	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2016-09-07 18:22:20	436E1A724E7E683F6B612D3D58F04241	74584	----a-w-	C:\Windows\System32\drivers\volmgr.sys
2016-09-07 18:21:34	17F7B0F2298D97F4B6C7A69511033D3D	316760	----a-w-	C:\Windows\System32\drivers\volsnap.sys
2016-09-07 18:21:08	9DC17B7D9D84C37C102D379FCC7D4942	281088	----a-w-	C:\Windows\System32\drivers\netbt.sys
2016-09-07 15:42:31	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-09-07 15:41:55	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2016-09-07 15:41:54	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\Windows\System32\drivers\mwac.sys
2016-09-07 15:41:54	78BFF5425E044086E74E78650A359FBB	27008	----a-w-	C:\Windows\System32\drivers\mbam.sys
2016-09-07 14:38:30	E0BD2D83875464FEEEB242CBA8B7E073	108032	----a-w-	C:\Windows\System32\drivers\tdx.sys
2016-09-07 14:38:30	A460C3AF3755A2A79A3C8EFE72E147B5	559616	----a-w-	C:\Windows\System32\drivers\afd.sys
2016-09-07 14:30:35	2CC7CB51551F1F03AE356E07593E970E	23373	----a-w-	C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default\extensions\firefox-hotfix@mozilla.org.xpi
2016-09-07 14:23:18	7A0DB69C5FAE330BD9F492A817B9AA8E	70360	----a-w-	C:\Windows\System32\drivers\PSKMAD.sys

==== Orphaned Tasks deleted from Registry ======================

DolbySelectorTask deleted
Lenovo\StartLenovoMessenger deleted
Maxthon Update deleted
OFFICE2013ACT deleted
Optimize Start Menu Cache Files-S-1-5-21-974250824-2886707618-1983489586-500 deleted
PDVDServ Task deleted
Pokki deleted
SoftwareInformerService deleted
User_Feed_Synchronization-{A06F2C40-E105-4BBF-9ACF-F9D8A8067E7F} deleted
{9E157899-1BC5-4FF0-A678-DA8BC7EDF806} deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-974250824-2886707618-1983489586-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Software Informer"="C:\Program Files\Software Informer\softinfo.exe -autorun"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe /R"
"PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Software Informer"="C:\Program Files\Software Informer\softinfo.exe -autorun"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"="RTFTrack.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"RtHDVBg_LENOVO_DOLBYDRAGON"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON"
"RtHDVBg_LENOVO_MICPKEY"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY"
"PasswordManager"="C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"PhoneCompanion"="C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"Energy Manager"="C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"Lenovo Utility"="C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07-09-2016 16:52]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\SmartDefrag_Update" [C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe]
"C:\windows\SysNative\tasks\Lenovo\Dependency Package Auto Update" [C:\Program Files\Lenovo\iMController\AutoUpdate.exe]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe]
"C:\windows\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe]
"C:\windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default
user_pref("browser.startup.homepage", "www.google.nl");
user_pref("browser.search.selectedEngine", "Default");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{F74D5734-46F5-4B16-96F0-1E7FBF41B750}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12" [07-12-2014 02:18]

==== Firefox Extensions ======================

ProfilePath: C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\kai\AppData\Roaming\Mozilla\Firefox\Profiles\2wchg9te.default
62D98B286C805E193568037B70D936D2	- C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll -	Shockwave Flash
22B9829CA869E42CE828697B6EEF43AC	- C:\Users\kai\AppData\Local\Roblox\Versions\version-80d6e12d52f3422b\NPRobloxProxy.dll -	Roblox Launcher Plugin
531EC40976FD562099C000734916FDAC	- C:\Users\kai\AppData\Local\Roblox\Versions\version-80d6e12d52f3422b\NPRobloxProxy64.dll -	Roblox Launcher Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
geempcnjhccnoepfmahaeemnnfnignab - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx[10-01-2014 00:44]

Lenovo Password Manager - kai\AppData\Local\Chromium\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab
Chrome Web Store Payments - kai\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\https_cateredtoyou-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\https_cateredtoyou-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\https_powersaves3ds.maximummemory.com_0.localstorage deleted successfully
C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\https_powersaves3ds.maximummemory.com_0.localstorage-journal deleted successfully
C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage deleted successfully
C:\Users\kai\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{DEC0CB9A-7910-4627-B8F2-19D36D3D787C}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - https://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_50_csp_tight14_15_43&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyByCtC0CyDyDtDtA0E0CyDyBtByCtN0D0Tzu0StCyEtAyCtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2SyEyE0F0EzyyBtAzztGyE0EyDzytGzz0AtCyCtGtBtC0E0EtG0BtDtD0EtAtD0EyE0E0AyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0A0B0EtCyEtAyCtGyCyBzytAtGyEyCyDyCtGzy0DtDyDtGtAyE0EyEtDyEyEyC0A0AyE0A2QtN0A0LzuyE%26cr%3D1175410946%26a%3Dhdr_s_15_50_csp_tight14_15_43%26os%3DWindows%2B8.1%2BConnected&p={searchTerms}
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{DEC0CB9A-7910-4627-B8F2-19D36D3D787C}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{DEC0CB9A-7910-4627-B8F2-19D36D3D787C} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
HKCU\SearchScopes\{1b31c9d2-7135-442b-bb93-7c002172adc6} - http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
HKCU\SearchScopes\{DEC0CB9A-7910-4627-B8F2-19D36D3D787C} - No_Url_Value

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fileopenerpro deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kai\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kai\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kai\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\kai\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\kai\AppData\Local\Mozilla\Firefox\Profiles\2wchg9te.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\kai\AppData\Local\Chromium\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6345 folders=252 360994826 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kai\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\kai\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on vr 09-09-2016 at  9:35:27,91 ======================