Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version) Tool run by allon on di 19/06/2018 at 17:51:55,45. Microsoft Windows 10 Home 10.0.17134 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\allon\OneDrive\Bureaublad\zoek (2).exe [Scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 19/06/2018 17:54:08 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\allon\AppData\Local\DBG deleted successfully C:\Users\allon\AppData\Local\icsxml deleted successfully C:\Users\allon\AppData\Local\PackageStaging deleted successfully C:\Users\allon\AppData\Local\PlaceholderTileLogoFolder deleted successfully C:\Users\allon\AppData\Local\VirtualStore deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2018-05-22 19:37:15 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\WINDOWS\diagwrn.xml 2018-05-22 19:37:15 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\WINDOWS\diagerr.xml 2018-05-22 16:49:25 3624C492AFDE8E7C9ADE30BCD2433FC6 67584 --s-a-w- C:\WINDOWS\bootstat.dat ====== C:\Users\allon\AppData\Local\Temp ==== 2018-06-19 15:39:29 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Users\allon\AppData\Local\Temp\unzip.exe 2018-06-19 15:39:29 1A3F82F420340222F13C5633AEB716D6 533851 ----a-w- C:\Users\allon\AppData\Local\Temp\sr.exe 2018-06-19 15:39:28 8377C99BF813BE986D07730F5C433382 68096 ----a-w- C:\Users\allon\AppData\Local\Temp\ZAScan.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2018-06-13 13:22:28 EEC9E744942FE3C02FB6BB78E497E39F 6569960 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-06-13 13:22:22 F8D93F6741FC06E2A06B7C7B344F6DF0 6661120 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-06-13 13:22:22 0953FDA9137CF94F977E5B632F7D2222 22005760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2018-06-13 13:22:21 3CD170188E009F697BD4CD45511470FD 19404288 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2018-06-13 13:22:20 E6FEBAD91447B3C61B99DA18B6D370A6 11903488 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2018-06-13 13:22:20 AA04E94A8DD84DECDFFCDD39BDA1BE88 861616 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2018-06-13 13:22:20 6808D2BD8928973B9E09FF035A48F07C 2331584 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-06-13 13:22:19 FD57118DDC22B8F63B6320B1172AEB72 20383712 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2018-06-13 13:22:19 4AD80DFD6D7BBFEC7E0933D9DEADB9A7 13873152 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2018-06-13 13:22:19 3E0F19EF81855374B4FE59AEB31D9AF1 1380200 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2018-06-13 13:22:19 2EA99351B7C0F48F7B3E300A076148EA 1665920 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2018-06-13 13:22:18 EFFD8021F787427A8F65720C5424DBF5 5780992 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2018-06-13 13:22:18 A350A1EEF7C899E9452F75F9B58DCC53 6527064 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2018-06-13 13:22:18 2B53F6124C08252B29F868BDFBA55592 4788512 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2018-06-13 13:22:17 E119415A4AA51527F2244DC4B9EBDF47 1005568 ----a-w- C:\WINDOWS\SysWOW64\wpnapps.dll 2018-06-13 13:22:17 54903E9AD35E30E8BA224151CBDC1FB5 1709720 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll 2018-06-13 13:22:17 211212EF07D5F8582D20F4866A99711D 6044104 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2018-06-13 13:22:16 FF74BFC4554614E26C78E37D71FF6259 1020168 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2018-06-13 13:22:16 8C48AAD2F7056BB519F1E12FF8DF826C 864768 ----a-w- C:\WINDOWS\SysWOW64\mmsys.cpl 2018-06-13 13:22:16 4EE2FCDE421F829019FC8B64F40E8F4A 2699776 ----a-w- C:\WINDOWS\SysWOW64\tquery.dll 2018-06-13 13:22:16 4227596FDAD0FA662695B5B97658B878 2417840 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2018-06-13 13:22:16 215BDA791F9BC240EFD4BE5310F86B78 2479272 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2018-06-13 13:22:16 0CB08D130D8E931F0937ACEB883CD68A 4469832 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2018-06-13 13:22:15 FA3E2E881F9375E06B3A927BFCEF40BE 2841312 ----a-w- C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2018-06-13 13:22:15 E1FAC3E9A5CA4126DE7B091E7759852A 3016192 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2018-06-13 13:22:15 B815E04D463D56A04828AF6589FBF4B9 1980872 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2018-06-13 13:22:15 B07246C80E142675BB66DA4BB8303CE7 2242216 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2018-06-13 13:22:15 8BDC360CDFFAE408B985E75EF1516566 1988072 ----a-w- C:\WINDOWS\SysWOW64\msxml6.dll 2018-06-13 13:22:15 7DB8AD2DBE8BF04EA3B5112D21B1BA4E 5821544 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-06-13 13:22:15 6340BB0A1375345AA8EA7EF1C989902A 457152 ----a-w- C:\WINDOWS\SysWOW64\MSAudDecMFT.dll 2018-06-13 13:22:15 5E2DACED5422AB34E6EC13878F6D0620 3712512 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2018-06-13 13:22:15 5872B3F18BBC19FDA9836A1EE1E05FE2 2900480 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2018-06-13 13:22:15 5118880243C9051C13F46B46A4C9E473 1620880 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2018-06-13 13:22:15 3B167342CC8AD60208E1A15D7E59F0F8 5307392 ----a-w- C:\WINDOWS\SysWOW64\d2d1.dll 2018-06-13 13:22:15 3439A29049D9AA82E7E41DA606747D8A 1627136 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2018-06-13 13:22:14 9843151015C205C35E00871889D8681F 4336128 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-06-13 13:22:14 7F8B3CE8BE6CB1270C0727BC249A653D 2535552 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2018-06-13 13:22:14 7C9C55B38B8168B912F7D79E4D3B28FF 1461744 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2018-06-13 13:22:14 21A90458A93624604A3196D269E805AD 2486992 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2018-06-13 13:22:14 16EFC8EA2866A57F7900DBB099AF4E9D 3492864 ----a-w- C:\WINDOWS\SysWOW64\UIRibbon.dll 2018-06-13 13:22:14 0D9B3CB6A10C5137373B23F4A595B10B 1295360 ----a-w- C:\WINDOWS\SysWOW64\MSVPXENC.dll 2018-06-13 13:22:13 F7992ED91D945ACE62448E0EA80333D1 2961408 ----a-w- C:\WINDOWS\SysWOW64\cdp.dll 2018-06-13 13:22:13 F2A4C16ADAC0534096DE22FB6E1140FF 1034096 ----a-w- C:\WINDOWS\SysWOW64\mfreadwrite.dll 2018-06-13 13:22:13 F13239B8A66DAA2499E468136EC5E257 669696 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2018-06-13 13:22:13 EA5D8839D905E32A71D653C92F3A3CCE 2789376 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2018-06-13 13:22:13 C1BE6E24AA137E75CA4FD0405F46E50D 1299056 ----a-w- C:\WINDOWS\SysWOW64\D3D12.dll 2018-06-13 13:22:13 C1952AE1EE5F8D9FE0607B5941E3F61A 1011992 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2018-06-13 13:22:13 BB13B05FFDE3F2F1449A1FADAEDB134B 1490144 ----a-w- C:\WINDOWS\SysWOW64\d3d9.dll 2018-06-13 13:22:13 A237D5C1E95631C1815904D473B188D1 1584128 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll 2018-06-13 13:22:13 9A60576014D6D72819D5413E3C631E5F 2895872 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys 2018-06-13 13:22:13 0A4620A864C9AA9A708FD96164CB826B 747520 ----a-w- C:\WINDOWS\SysWOW64\SndVolSSO.dll 2018-06-13 13:22:12 CC708F1C9A445105D0705F041A038DCE 950272 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2018-06-13 13:22:12 C9AF7D20C08655D96CAC26177A71B128 550616 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2018-06-13 13:22:12 7C00FF45C26497DB1D09D7E4D1C4DB19 1805776 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll 2018-06-13 13:22:12 58A83F4F590827B6EC17A94D234B67AA 2401280 ----a-w- C:\WINDOWS\SysWOW64\AcGenral.dll 2018-06-13 13:22:12 5544103AD7109E201A1084B74D76E512 2206544 ----a-w- C:\WINDOWS\SysWOW64\WMVCORE.DLL 2018-06-13 13:22:12 40D266A601D9EB90CEC8A5190F233030 1192448 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2018-06-13 13:22:12 28EC38A58316CF2F5DC348D3E99D4102 1675264 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2018-06-13 13:22:11 F69DAC46744A090573B1D5CF3BF7B935 703488 ----a-w- C:\WINDOWS\SysWOW64\CPFilters.dll 2018-06-13 13:22:11 E89CF605264B491C7B5040D94291F915 613144 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2018-06-13 13:22:11 BB15112B5B54CD9B9CDC1B6B5704ED8F 389632 ----a-w- C:\WINDOWS\SysWOW64\daxexec.dll 2018-06-13 13:22:11 A7A9F233464A914E11FCF8F4DDB2D759 553248 ----a-w- C:\WINDOWS\SysWOW64\SHCore.dll 2018-06-13 13:22:11 933C911A3B29617FDA37807A6AE2DC68 988136 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2018-06-13 13:22:11 8B99A08F24E0C863744F283BF112BB33 786176 ----a-w- C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-06-13 13:22:11 88B11A0A4E708EBDD8F3082F53CC7BE7 560488 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2018-06-13 13:22:11 817B09AF8DD45F72DDC09190E57AB785 1077504 ----a-w- C:\WINDOWS\SysWOW64\webservices.dll 2018-06-13 13:22:11 7714B9470817C1A5F5B4AAAB35AF2038 1454024 ----a-w- C:\WINDOWS\SysWOW64\gdi32full.dll 2018-06-13 13:22:11 6D00BD12DC0C74903F2EB2410FEFD034 770160 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll 2018-06-13 13:22:11 4F90094A85B7A4D8682D9B6E17A87B9C 1462784 ----a-w- C:\WINDOWS\SysWOW64\dui70.dll 2018-06-13 13:22:11 4E16E2E29DBAEF70D3AFA5FCA866191C 861096 ----a-w- C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2018-06-13 13:22:11 36ABC925C2D3FD9775E53B9A7D817218 999936 ----a-w- C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-06-13 13:22:11 201641E3E46779837B92DBB710B854E1 2307336 ----a-w- C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2018-06-13 13:22:11 1D7A5C72E879B525A59E74B65FD622D1 286200 ----a-w- C:\WINDOWS\SysWOW64\wintrust.dll 2018-06-13 13:22:11 08DF4B22F3E4566C189127CE33749341 880152 ----a-w- C:\WINDOWS\SysWOW64\WinTypes.dll 2018-06-13 13:22:10 FE7A4CFDE6EB59CA68415F5A82BB1BFB 1129648 ----a-w- C:\WINDOWS\SysWOW64\msvproc.dll 2018-06-13 13:22:10 F4AC659D7F9A62400D233D1121882956 1397200 ----a-w- C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2018-06-13 13:22:10 F03440B1BB1F018E4F76E0034E20019E 331264 ----a-w- C:\WINDOWS\SysWOW64\edgeIso.dll 2018-06-13 13:22:10 E0D014C9FA27206F5362E561C1DA996E 860160 ----a-w- C:\WINDOWS\SysWOW64\rasapi32.dll 2018-06-13 13:22:10 DAA96F276C9B4531D41A4168C445C10C 356960 ----a-w- C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-06-13 13:22:10 D5047A7B74AC61A17902FC303919AD4A 593408 ----a-w- C:\WINDOWS\SysWOW64\Windows.Web.dll 2018-06-13 13:22:10 B569C85B308B7050C2D22945BBD63AE0 94720 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2018-06-13 13:22:10 A9369EDFBBA34989BE7D082C0E497670 619520 ----a-w- C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2018-06-13 13:22:10 9F585BE2E935DEA26B37F32B3EC630AE 873472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-06-13 13:22:10 76527ACEF910CF8F5F04F7A3324FA16D 615424 ----a-w- C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-06-13 13:22:10 5D17E47E0A8F2305076B78045B0A9476 64648 ----a-w- C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll 2018-06-13 13:22:10 47062EE8AFCE44AFEC99DAC52E453B61 578560 ----a-w- C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-06-13 13:22:10 32B65DB0113EDA4D1F78BA752CE4CA63 264704 ----a-w- C:\WINDOWS\SysWOW64\credprovs.dll 2018-06-13 13:22:10 269BAC9C896DE511040C16D0043466DF 917408 ----a-w- C:\WINDOWS\SysWOW64\ReAgent.dll 2018-06-13 13:22:10 2444491B02A7EF515ECA909DB8EDDD0C 992768 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2018-06-13 13:22:10 2082DEBC3D014238033D19104BBE7CDE 50208 ----a-w- C:\WINDOWS\SysWOW64\kernel.appcore.dll 2018-06-13 13:22:10 1174993ADD83C70B75E84B193F653EB5 658432 ----a-w- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2018-06-13 13:22:10 0DB6D9D035FFDC27774F2B5BDDB4AB58 1108992 ----a-w- C:\WINDOWS\SysWOW64\InstallService.dll 2018-06-13 13:22:09 FD54264B8DBCA58AE9E84C74E95CFB4D 842240 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2018-06-13 13:22:09 F8FF23DACA3FA677023815735CFC8ED7 567144 ----a-w- C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-06-13 13:22:09 F80279F688F3C69CB23BF2065933173F 1032704 ----a-w- C:\WINDOWS\SysWOW64\XpsPrint.dll 2018-06-13 13:22:09 F1FF2764FBF5B8A7C7CA753AFB97C3D3 101288 ----a-w- C:\WINDOWS\SysWOW64\rmclient.dll 2018-06-13 13:22:09 F147A76C500476F446CF36895CA42ED4 317440 ----a-w- C:\WINDOWS\SysWOW64\Phoneutil.dll 2018-06-13 13:22:09 EE18E5CEC785C7F1C4B8A9E9D197F9FE 568720 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2018-06-13 13:22:09 ADD863CDD17B4C4181B21F1FAEFF84FC 653208 ----a-w- C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2018-06-13 13:22:09 A6626F874906105DE6C30884A76F2AC1 646656 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-06-13 13:22:09 8F7E2D5A1339D1AB05DF10393E1C2292 1466368 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-06-13 13:22:09 64F30EDA0B46C7A2E2E015C763A5E2EF 1559368 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2018-06-13 13:22:09 3A794F68606624312E600AD4A5687340 607648 ----a-w- C:\WINDOWS\SysWOW64\wimgapi.dll 2018-06-13 13:22:09 367B9D2B97E5010F598C41274D362168 528384 ----a-w- C:\WINDOWS\SysWOW64\ActivationManager.dll 2018-06-13 13:22:09 1F73D52590D1EDF803FD49EAF32ADC2E 3444224 ----a-w- C:\WINDOWS\SysWOW64\mstsc.exe 2018-06-13 13:22:09 1909A768A9C86D12DC96311244E6AD93 375808 ----a-w- C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2018-06-13 13:22:09 0E6AAEA276D7B02879628E0B4F9856D4 97176 ----a-w- C:\WINDOWS\SysWOW64\bcrypt.dll 2018-06-13 13:22:08 FC6D8B2998A4E9F8AA80DC1E3E4F8E76 863232 ----a-w- C:\WINDOWS\SysWOW64\rasdlg.dll 2018-06-13 13:22:08 F217C21D81B8060954C425794AF3E615 239104 ----a-w- C:\WINDOWS\SysWOW64\FSClient.dll 2018-06-13 13:22:08 EA762E5D133F414FECCD6F4F430FC127 77040 ----a-w- C:\WINDOWS\SysWOW64\CompPkgSup.dll 2018-06-13 13:22:08 E9281ECD0E90BA244808BDB44A7F559D 729088 ----a-w- C:\WINDOWS\SysWOW64\FlightSettings.dll 2018-06-13 13:22:08 DAAC86D7DFE85E1DDBF5333BEF0172FE 208384 ----a-w- C:\WINDOWS\SysWOW64\MSAC3ENC.DLL 2018-06-13 13:22:08 C5C86F20FBEBCC8DE9E53E11B22E6DCA 648192 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2018-06-13 13:22:08 C57DE80D077D90275E4B1D19C4811C94 344064 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-06-13 13:22:08 B5A92930902B5D834689463E7553FEFF 668672 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2018-06-13 13:22:08 B29BF52BA6E0C59A4BB7207094269C1F 630784 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2018-06-13 13:22:08 AE023E1A8599B9AB1F75C01CB6BFB39D 908288 ----a-w- C:\WINDOWS\SysWOW64\TSWorkspace.dll 2018-06-13 13:22:08 970E38BDF3288EE3C6F0A6413B96E9A7 868864 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2018-06-13 13:22:08 813DED17F6CF9E1A6042BA80A92FB4FE 142848 ----a-w- C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2018-06-13 13:22:08 56A7CCF5566400408C39F51F025FE68A 231936 ----a-w- C:\WINDOWS\SysWOW64\wlidcredprov.dll 2018-06-13 13:22:08 2E00E08420875FAE0B173C6A34C2A575 18716 ----a-w- C:\WINDOWS\SysWOW64\srms-apr.dat 2018-06-13 13:22:08 279B9165D8A0515DDA1E85597C390913 150016 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2018-06-13 13:22:08 1D7EFFA5EDE72D3FC1CF20DE998259C6 340480 ----a-w- C:\WINDOWS\SysWOW64\msexcl40.dll 2018-06-13 13:22:08 1C5866C98BFBF190E4D6F45C216ADEB1 857088 ----a-w- C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2018-06-13 13:22:08 1B7AA8F3B42EFDCEC5A745E2727170C6 4929024 ----a-w- C:\WINDOWS\SysWOW64\dbgeng.dll 2018-06-13 13:22:08 1639EC199172F0ADAD06B8F4ECB80C03 1361408 ----a-w- C:\WINDOWS\SysWOW64\MSPhotography.dll 2018-06-13 13:22:08 1101CCDC6D2B8C8E3EEBC08AF7AFD1A6 167936 ----a-w- C:\WINDOWS\SysWOW64\wevtutil.exe 2018-06-13 13:22:08 109CFBECF192C55136FD7CC5513B6738 251904 ----a-w- C:\WINDOWS\SysWOW64\msIso.dll 2018-06-13 13:22:08 03492023F1209A285A6EEA9B469DA305 461312 ----a-w- C:\WINDOWS\SysWOW64\rasplap.dll 2018-06-13 13:22:07 FCE3369B3E6A4224B38ACE473C01F34E 310272 ----a-w- C:\WINDOWS\SysWOW64\wincorlib.dll 2018-06-13 13:22:07 ECDA9EF7C9AD6A2A1F980087E3D29D33 38400 ----a-w- C:\WINDOWS\SysWOW64\tbauth.dll 2018-06-13 13:22:07 E03016DC7E333B75073150CF49367EAF 26112 ----a-w- C:\WINDOWS\SysWOW64\MSHEIF.dll 2018-06-13 13:22:07 DA7E110F2030F57E24DB6769B9F87D38 81920 ----a-w- C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2018-06-13 13:22:07 AC6983F9415DB5A0721D42B151916ADB 1348096 ----a-w- C:\WINDOWS\SysWOW64\OpcServices.dll 2018-06-13 13:22:07 A5A65A8CB92361BAE30C68CBB75B98F3 184320 ----a-w- C:\WINDOWS\SysWOW64\HoloShellRuntime.dll 2018-06-13 13:22:07 88204BBA35712968A86B1701CC7DDD2B 2016256 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-06-13 13:22:07 74F403CC413DDE05500FC2BC9A4387E6 29184 ----a-w- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2018-06-13 13:22:07 7369B7AB78051FE0C02B332324ECD313 2560 ----a-w- C:\WINDOWS\SysWOW64\tzres.dll 2018-06-13 13:22:07 45DB9D98DDBFEE0792D7E382D2EC13AC 1508352 ----a-w- C:\WINDOWS\SysWOW64\msdt.exe 2018-06-13 13:22:07 3A9D6C5D11D349CC22BE7F14321FB253 1036288 ----a-w- C:\WINDOWS\SysWOW64\aadtb.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2018-06-13 13:22:28 1F6D0F28141D1B6DC056615FF4A9751B 7520000 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll 2018-06-13 13:22:26 D42ACA6432B59B7AEC67A518D8C6E0F4 25846784 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2018-06-13 13:22:26 747B6C400D00D63A0ABF7E0D168A076F 22713856 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2018-06-13 13:22:25 D5DCBC07AF0BDA7622C6DE13B6F4587D 23862784 ----a-w- C:\WINDOWS\Sysnative\Hydrogen.dll 2018-06-13 13:22:24 5CE75B4120BEB4C1CC2148A5C8E851D4 16592384 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2018-06-13 13:22:23 D912E74113E11C2159A1085028EF2518 21389360 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2018-06-13 13:22:23 CC8EBF3960B5ECCB63E17D15624BF034 7436632 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2018-06-13 13:22:23 95EBCA251177AD13238FF0DC15C3202C 4527680 ----a-w- C:\WINDOWS\Sysnative\sppsvc.exe 2018-06-13 13:22:23 7E0C3E9184EA752115ED6299C62CBA9E 8188928 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2018-06-13 13:22:21 C93B2D0DF82F3E7E9B12FCA91725A83C 7581696 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2018-06-13 13:22:21 422ACB8D3DF9F5F93BBE1C4757AF07C1 3392512 ----a-w- C:\WINDOWS\Sysnative\tquery.dll 2018-06-13 13:22:21 132B8D6D6450A0EB0F81E5A3D0221892 7900984 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll 2018-06-13 13:22:21 1323EFD8DC0008E92C098713F669D179 4706816 ----a-w- C:\WINDOWS\Sysnative\cdp.dll 2018-06-13 13:22:20 E3BB0BC0073D21D2022CB074D98FDEA4 4867072 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2018-06-13 13:22:20 D63F34CDC1C7B4CD8AEB7DF4244687DD 12712448 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2018-06-13 13:22:20 C4E7DC83F31BECF1C35F9DBF95F4BFB2 2371392 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll 2018-06-13 13:22:20 C10DD0035627E445D79F182E57E9D23E 4372992 ----a-w- C:\WINDOWS\Sysnative\EdgeContent.dll 2018-06-13 13:22:20 87A3B83911AB49033802D4425A635165 9148320 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2018-06-13 13:22:20 7B8DE657BC907A3D66CA41D0DE0CFA0B 2366976 ----a-w- C:\WINDOWS\Sysnative\WebRuntimeManager.dll 2018-06-13 13:22:20 4A3F4EC69CBD4433570689ADD13AC260 3392512 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2018-06-13 13:22:20 42B0949BFEC279C30A11701FD8BF7893 1017080 ----a-w- C:\WINDOWS\Sysnative\msmpeg2adec.dll 2018-06-13 13:22:19 CCA28F80F315933B621745F532DCE1B4 4392448 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2018-06-13 13:22:19 C5CC5FC8A43AB40DFB1E7226F2508B39 1611592 ----a-w- C:\WINDOWS\Sysnative\mfnetsrc.dll 2018-06-13 13:22:19 B21A559384055A9E3251EA1C73469C4D 6817384 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2018-06-13 13:22:19 5FA5C25D6583786CEE9BFDD002461049 3733320 ----a-w- C:\WINDOWS\Sysnative\Windows.Mirage.dll 2018-06-13 13:22:19 31ACF595FBEF160BA19B6A3842A13BC6 2178136 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll 2018-06-13 13:22:18 F8F0A1F77E02FD398003D59CDBB35AB2 4403280 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2018-06-13 13:22:18 B52200505767CD0819034CF220977439 3296896 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2018-06-13 13:22:18 B32F96173D14CF4B3455E449B95C2C1B 1784584 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll 2018-06-13 13:22:18 8511DA8C78E46132FF5B3F415E98D6E1 2364928 ----a-w- C:\WINDOWS\Sysnative\OpcServices.dll 2018-06-13 13:22:18 68E337DFE50308F8C58362D6ED3CDFB7 3653120 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2018-06-13 13:22:18 28A32E1F7A46A833DE104EF43E389F5F 2248192 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll 2018-06-13 13:22:18 193A6337BD40FFE8AE2192BAA9EAADFF 3283408 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2018-06-13 13:22:17 E6DFF1EAB9645B11FF7EF13FC1A12902 1798552 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2018-06-13 13:22:17 E68A2E3101398EF874CBEC3C39461084 3180176 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2018-06-13 13:22:17 DBC582FA1FF490F95CCC9CF8CD95A9D7 947712 ----a-w- C:\WINDOWS\Sysnative\mmsys.cpl 2018-06-13 13:22:17 C25914606BF6306E0C7F102D1F9DD55F 1210880 ----a-w- C:\WINDOWS\Sysnative\wpnapps.dll 2018-06-13 13:22:17 B9E4174DFBDCA9979A92D17C2E67890E 4970360 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll 2018-06-13 13:22:17 B79D93A744ED25A48C59FD5AD1E9EB34 1012408 ----a-w- C:\WINDOWS\Sysnative\mfreadwrite.dll 2018-06-13 13:22:17 7DAFBD8F8FA38A8CC2FA841C87E3A734 847360 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll 2018-06-13 13:22:17 5BFDF15A8EA196A41B397439B2AFC8DE 1676800 ----a-w- C:\WINDOWS\Sysnative\CoreShell.dll 2018-06-13 13:22:17 305B801D5C165E9E3D5CE27CD9B1CE2C 1665024 ----a-w- C:\WINDOWS\Sysnative\comsvcs.dll 2018-06-13 13:22:17 1A054F9374141F3584C217961E5A2117 2395056 ----a-w- C:\WINDOWS\Sysnative\WMVCORE.DLL 2018-06-13 13:22:16 F960D6D88505549229F1AEF01C6D8229 2753048 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2018-06-13 13:22:16 F00D8B6C6A4C09392A680A4CEFD18408 3320320 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2018-06-13 13:22:16 BE49CD1AD569678D26BC9585499A5B00 1034632 ----a-w- C:\WINDOWS\Sysnative\ApplyTrustOffline.exe 2018-06-13 13:22:16 B3C6F10B7C19C819AD290E2631DAF4B0 6032384 ----a-w- C:\WINDOWS\Sysnative\d2d1.dll 2018-06-13 13:22:16 85F903B98812FB03EB79200BD975729D 2462272 ----a-w- C:\WINDOWS\Sysnative\msxml6.dll 2018-06-13 13:22:16 7A96727BFD9588811DDD641C1CA19E11 1649760 ----a-w- C:\WINDOWS\Sysnative\d3d9.dll 2018-06-13 13:22:16 6310565886F36122B8BD044F502A26DE 1271296 ----a-w- C:\WINDOWS\Sysnative\HoloSI.PCShell.dll 2018-06-13 13:22:16 58DA02D34C964C00AF9140C07CCFF8F0 1456640 ----a-w- C:\WINDOWS\Sysnative\WpcDesktopMonSvc.dll 2018-06-13 13:22:16 3B24CE6CA62A04B42D4730F0805E992C 2570712 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2018-06-13 13:22:16 305ECBE6AEDAD1AA398467E039AC6D06 899072 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll 2018-06-13 13:22:16 0DC176CFCEEB5F9147CA016DC6A074FE 4563456 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2018-06-13 13:22:16 05AF5CB1E6DC42049432B227FF8FA13D 735560 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2018-06-13 13:22:16 05934E377D6EE957BFDC7D05FA0DE3DE 3441152 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2018-06-13 13:22:15 CF0C25B75B6338AD9580A02E66B0A673 804352 ----a-w- C:\WINDOWS\Sysnative\SndVolSSO.dll 2018-06-13 13:22:15 C66EE86393C3B52DC7BCEF8DB0D46B5B 1303040 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.Vpn.dll 2018-06-13 13:22:15 94FDED20ADCEFE953AE5067D0C716C83 625152 ----a-w- C:\WINDOWS\Sysnative\PsmServiceExtHost.dll 2018-06-13 13:22:15 8A5F267ECDF8C60C7D24EEBD87EC04BD 2061824 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2018-06-13 13:22:15 83D4F9F5428E5C0EAE2ADF504EE06122 1767936 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2018-06-13 13:22:15 7C681B201667D18C1AD02CBB191DB740 1804288 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2018-06-13 13:22:15 5D68847C86FC3DC1DB19EDA9DBD4420D 1854976 ----a-w- C:\WINDOWS\Sysnative\wevtsvc.dll 2018-06-13 13:22:15 340B3DDAEA3AFED429AD28DB1FCD0B31 416144 ----a-w- C:\WINDOWS\Sysnative\MSAudDecMFT.dll 2018-06-13 13:22:14 CB7B2AFEE9DD4AE60D9FC29CE3A2238F 894464 ----a-w- C:\WINDOWS\Sysnative\webplatstorageserver.dll 2018-06-13 13:22:14 CB3A863FC3A7542F9E5A2D90C2EFC853 3999232 ----a-w- C:\WINDOWS\Sysnative\UIRibbon.dll 2018-06-13 13:22:14 C44D7591E9AFE7647A9843C8EA88E7CC 933376 ----a-w- C:\WINDOWS\Sysnative\rasapi32.dll 2018-06-13 13:22:14 B2279253A9DE0F46B4D06CA72F68E5F5 1017088 ----a-w- C:\WINDOWS\Sysnative\DolbyDecMFT.dll 2018-06-13 13:22:14 B05369AD02CEB6F2F4EF7072B67A7E49 1209800 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2018-06-13 13:22:14 9D380FB0FE000DF1C22C2E31C4DA3163 1395200 ----a-w- C:\WINDOWS\Sysnative\TokenBroker.dll 2018-06-13 13:22:14 7C4CC6E5C98BB7B360E13974718245F3 3348992 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2018-06-13 13:22:14 710425B907B6161C2094935FD040FBEB 2546592 ----a-w- C:\WINDOWS\Sysnative\UpdateAgent.dll 2018-06-13 13:22:14 688FDF7D26B638490DD85F922BD17540 2564984 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll 2018-06-13 13:22:14 5C3BD8FFD971DC823DF0FA2887C2DF91 1485312 ----a-w- C:\WINDOWS\Sysnative\InstallService.dll 2018-06-13 13:22:14 4D5E6604CE4794E3CAFC6A8C59E502B0 1371648 ----a-w- C:\WINDOWS\Sysnative\usocore.dll 2018-06-13 13:22:14 37394E0332471A79644F7D2F26D7254B 1364992 ----a-w- C:\WINDOWS\Sysnative\bcastdvruserservice.dll 2018-06-13 13:22:14 2C4ED5EA6829B8F4DEB708DEC6FE3471 813568 ----a-w- C:\WINDOWS\Sysnative\EdgeManager.dll 2018-06-13 13:22:14 26BC766AE92B85E423AFB7F6E55AABBD 1946328 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2018-06-13 13:22:14 1E7E58DA013EDF715347FA6F58A4987E 1613200 ----a-w- C:\WINDOWS\Sysnative\D3D12.dll 2018-06-13 13:22:14 1CB14C76F967E5279779C19BDCC2C3A2 748512 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2018-06-13 13:22:14 18C682299974E81113721E0D2CB7ECA7 2172416 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll 2018-06-13 13:22:14 1113B8FB6DD4A15F331B688D06D8A3C3 1318400 ----a-w- C:\WINDOWS\Sysnative\ISM.dll 2018-06-13 13:22:14 09A9F427AE93AE563A93CA0541359F65 491328 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2018-06-13 13:22:13 F85A54EF8C33283A67C708D132ED285E 1190152 ----a-w- C:\WINDOWS\Sysnative\rpcrt4.dll 2018-06-13 13:22:13 F14C5774F22AE901234B5358CA91BD20 1128448 ----a-w- C:\WINDOWS\Sysnative\MbaeApiPublic.dll 2018-06-13 13:22:13 F0CFE3C53219A07237BC4398F572F0F5 783360 ----a-w- C:\WINDOWS\Sysnative\DolbyHrtfEnc.dll 2018-06-13 13:22:13 B275C9F9D9C2F72BDC08ACA022BF6AC3 776192 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2018-06-13 13:22:13 A3B2600FE0A5C2C287796D5131495963 1934400 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2018-06-13 13:22:13 A2C96CBC93B9CC62DA73947ECF52F1D1 1171968 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll 2018-06-13 13:22:13 917527AC54909BA5F88D547662D7007B 1148808 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2018-06-13 13:22:13 8E2DB353FBAC1DF497CDC40888495D21 2236928 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2018-06-13 13:22:13 636575088044E7271088BB8CFA382B45 667648 ----a-w- C:\WINDOWS\Sysnative\AppReadiness.dll 2018-06-13 13:22:13 556830F88CDDFA418875ED4CFB2461F4 684544 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2018-06-13 13:22:13 48C269BA0B847DC23D410B31E91E45CC 1285120 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Maps.dll 2018-06-13 13:22:13 467643A495E3027F7D78F1ECA12FC099 594128 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2018-06-13 13:22:13 381900C1B6023A792C7B5EFFB6667F62 564736 ----a-w- C:\WINDOWS\Sysnative\daxexec.dll 2018-06-13 13:22:13 3052B1089E87EA2A6061B8DF45264F71 944640 ----a-w- C:\WINDOWS\Sysnative\Windows.Mirage.Internal.dll 2018-06-13 13:22:13 2B2B427C1C334B1BC0AD5409CB9DFBEE 1457136 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2018-06-13 13:22:13 1E8F332EBA870C440B2B039D7757C003 1792808 ----a-w- C:\WINDOWS\Sysnative\propsys.dll 2018-06-13 13:22:13 107661923943E9DC06ED2713AC5F7753 1160192 ----a-w- C:\WINDOWS\Sysnative\rpcss.dll 2018-06-13 13:22:13 0638EC5EA4825525169BB9531E1E34BF 1634808 ----a-w- C:\WINDOWS\Sysnative\gdi32full.dll 2018-06-13 13:22:12 E5A50C84BBCB733A323D905A4502E621 652800 ----a-w- C:\WINDOWS\Sysnative\ActivationManager.dll 2018-06-13 13:22:12 E4D14C338D9381C91C3550901654B131 347704 ----a-w- C:\WINDOWS\Sysnative\wintrust.dll 2018-06-13 13:22:12 DEA7BB6D3724F2FD9E61ED085E69DFA7 960512 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2018-06-13 13:22:12 DB87F09E40F75C310F8E08C45970824E 1550848 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.desktop.dll 2018-06-13 13:22:12 C02EE44412CCF4E6FAB1D5829899057B 505344 ----a-w- C:\WINDOWS\Sysnative\edgeIso.dll 2018-06-13 13:22:12 BF6B1AAA89766E744DECAD80DBC0873A 1363632 ----a-w- C:\WINDOWS\Sysnative\WinTypes.dll 2018-06-13 13:22:12 BDDB6E2E2C83FA1F5289BA7000E69544 1112608 ----a-w- C:\WINDOWS\Sysnative\mfds.dll 2018-06-13 13:22:12 923706CCE2EB713FA7CC04DB93C52DA3 1719808 ----a-w- C:\WINDOWS\Sysnative\dui70.dll 2018-06-13 13:22:12 8F0AE3AFC53B4E03C06E3208DF2CE51B 3293696 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2018-06-13 13:22:12 80BAC4F76D7BB6ED46A687B3C7B4109D 2902016 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2018-06-13 13:22:12 52A4B8C04C345434C974B9A949521BAE 976384 ----a-w- C:\WINDOWS\Sysnative\Spectrum.exe 2018-06-13 13:22:12 422D099368894D7429A0565B1500E1F5 1659904 ----a-w- C:\WINDOWS\Sysnative\XpsPrint.dll 2018-06-13 13:22:12 3EB5AF321DFE4B8DAFD9139AF0B1E4C3 340992 ----a-w- C:\WINDOWS\Sysnative\AcGenral.dll 2018-06-13 13:22:12 388EE3617F2AB099290155F6F107AC65 234496 ----a-w- C:\WINDOWS\Sysnative\DolbyMATEnc.dll 2018-06-13 13:22:12 15B064E7C954D77E3B090A774EC62440 1070080 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Streaming.dll 2018-06-13 13:22:12 0EBB8AFD32DAC40D5F77D4E766C0B290 1150416 ----a-w- C:\WINDOWS\Sysnative\MSVP9DEC.dll 2018-06-13 13:22:11 FE7C741969F830BCA55151546EDB6D22 722808 ----a-w- C:\WINDOWS\Sysnative\ci.dll 2018-06-13 13:22:11 FCC7B6ADBD65643441EC2C04CA44377D 1307648 ----a-w- C:\WINDOWS\Sysnative\MSVPXENC.dll 2018-06-13 13:22:11 F9184C5742832DED1854E4D6232BE611 111616 ----a-w- C:\WINDOWS\Sysnative\AppHostRegistrationVerifier.exe 2018-06-13 13:22:11 EDE8C992801FE519CF56378D44262190 1543680 ----a-w- C:\WINDOWS\Sysnative\msdtctm.dll 2018-06-13 13:22:11 E6CF8D4953D0C4D948C7D923BBB35142 98816 ----a-w- C:\WINDOWS\Sysnative\TelephonyInteractiveUser.dll 2018-06-13 13:22:11 E50FD926BF7F934687A57FA8575EDF87 567184 ----a-w- C:\WINDOWS\Sysnative\tcblaunch.exe 2018-06-13 13:22:11 DAC2E951B16B69DA780807F18827A7AC 577024 ----a-w- C:\WINDOWS\Sysnative\SppExtComObj.Exe 2018-06-13 13:22:11 C1BB41239EDA0DBAD4B342C279F40E8B 1174432 ----a-w- C:\WINDOWS\Sysnative\hvix64.exe 2018-06-13 13:22:11 C11C1C025CBFE86323A76B90493E67BE 1586176 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2018-06-13 13:22:11 AF01295764D7620961C6AC290F4CD7B7 1140576 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2018-06-13 13:22:11 AC2EFBE78E1ECCE24277E58F4625B759 1364184 ----a-w- C:\WINDOWS\Sysnative\webservices.dll 2018-06-13 13:22:11 ABD2D1BFF86224008161FB6225BD9C51 898560 ----a-w- C:\WINDOWS\Sysnative\WpcWebFilter.dll 2018-06-13 13:22:11 A9D53B89771CA1DA88A57602F3E05C57 266656 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2018-06-13 13:22:11 A9695525E299115691726EDD66316C4F 1046944 ----a-w- C:\WINDOWS\Sysnative\ReAgent.dll 2018-06-13 13:22:11 A393644BCEAC0FAEB1B0BE9DED3A3D6A 356352 ----a-w- C:\WINDOWS\Sysnative\dafWfdProvider.dll 2018-06-13 13:22:11 9586E9DB1B741BD40131385D390212BA 678840 ----a-w- C:\WINDOWS\Sysnative\SHCore.dll 2018-06-13 13:22:11 8E5174DB9330357A7B88F0FAFF930BB7 908800 ----a-w- C:\WINDOWS\Sysnative\MSMPEG2ENC.DLL 2018-06-13 13:22:11 6C0C20C456BE40415B0A0AFD4EBB8008 878080 ----a-w- C:\WINDOWS\Sysnative\CPFilters.dll 2018-06-13 13:22:11 4C20AC1A11567711F515CEC2632C9D35 1121792 ----a-w- C:\WINDOWS\Sysnative\TSWorkspace.dll 2018-06-13 13:22:11 41D89D20C92A9854B293110FDB394647 483328 ----a-w- C:\WINDOWS\Sysnative\RTMediaFrame.dll 2018-06-13 13:22:11 3DED2A93C5FBCD3FBBF2DF892D369A82 677376 ----a-w- C:\WINDOWS\Sysnative\HeadTrackerStorage.dll 2018-06-13 13:22:11 3A64BD77C5BD6F5CCE16CDC33194A4D1 329216 ----a-w- C:\WINDOWS\Sysnative\credprovs.dll 2018-06-13 13:22:11 37E2D897D9B4DE0922374ADC7D261790 759192 ----a-w- C:\WINDOWS\Sysnative\LicensingWinRT.dll 2018-06-13 13:22:11 2D9731839D260CE22D73C5A6EAE0B97E 506184 ----a-w- C:\WINDOWS\Sysnative\systemreset.exe 2018-06-13 13:22:11 2AFE335460D85A958C97A465BD3A38B7 983016 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2018-06-13 13:22:11 22DCF6C0FA7DDCF7516CC1E9F1003037 1258288 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2018-06-13 13:22:11 110C984D2FC27ED8134B654EA80771DE 308408 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2018-06-13 13:22:11 07DD2D2EEFC96C9E25DCE22E93E43EA2 1097648 ----a-w- C:\WINDOWS\Sysnative\msvproc.dll 2018-06-13 13:22:11 0578BF1F8D8299924B08E6D1F8E604B5 1012640 ----a-w- C:\WINDOWS\Sysnative\hvax64.exe 2018-06-13 13:22:11 02B920F98BE685C7A8F8CD403FE89142 1288816 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll 2018-06-13 13:22:11 0269064AA2DD91125F13635FB194F499 236032 ----a-w- C:\WINDOWS\Sysnative\wevtutil.exe 2018-06-13 13:22:11 0158CC47668FA7954911339CD0106D50 1033728 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2018-06-13 13:22:10 FE3A63D95668A0A2F12481CC2E84DD8C 313592 ----a-w- C:\WINDOWS\Sysnative\mfsensorgroup.dll 2018-06-13 13:22:10 FD0D038B32A72654A754679ECA323896 723360 ----a-w- C:\WINDOWS\Sysnative\wimgapi.dll 2018-06-13 13:22:10 EC58D3A7F0DABE62104AB16F1923F214 84288 ----a-w- C:\WINDOWS\Sysnative\LanguageOverlayUtil.dll 2018-06-13 13:22:10 D8DF6300F402282A2E60D330C543DBDE 238592 ----a-w- C:\WINDOWS\Sysnative\HoloShellRuntime.dll 2018-06-13 13:22:10 C92947B7F3049A70AF014A7A9EB997C9 1180672 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll 2018-06-13 13:22:10 B6EF70D62E73BCB19435405CCFDB4E69 465920 ----a-w- C:\WINDOWS\Sysnative\DXP.dll 2018-06-13 13:22:10 B6BC6E6731FB1E02F0B3C73A87E1C35E 673792 ----a-w- C:\WINDOWS\Sysnative\FrameServer.dll 2018-06-13 13:22:10 90901840B61DEA2AD7085BDD0C8E9B3A 1708544 ----a-w- C:\WINDOWS\Sysnative\MSPhotography.dll 2018-06-13 13:22:10 865A089BD7D797E24F02745B9E2D0067 758272 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2018-06-13 13:22:10 6AB8B205725369F252BC4D6F414F1AFB 1605632 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll 2018-06-13 13:22:10 51E940608A78A627D5231F32E518F745 57960 ----a-w- C:\WINDOWS\Sysnative\kernel.appcore.dll 2018-06-13 13:22:10 48FB54BDC615B2D185BDC402C9602F3B 527264 ----a-w- C:\WINDOWS\Sysnative\wimserv.exe 2018-06-13 13:22:10 48199491844BA922C20A32B9754D8A0D 194456 ----a-w- C:\WINDOWS\Sysnative\skci.dll 2018-06-13 13:22:10 46C2B3E331B7F707A8604D6343D096BA 260896 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2018-06-13 13:22:10 3B4DB9868322301225E476BF47B937CB 158720 ----a-w- C:\WINDOWS\Sysnative\vertdll.dll 2018-06-13 13:22:10 1AAC4F897D67A0771B9DF11B92836686 486912 ----a-w- C:\WINDOWS\Sysnative\rasplap.dll 2018-06-13 13:22:10 0BB393667D5FA2AD4A33AABCACF1A4C5 1063328 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2018-06-13 13:22:10 08BEB7851B4B8AA07325C23A657233F1 858112 ----a-w- C:\WINDOWS\Sysnative\FlightSettings.dll 2018-06-13 13:22:09 F052D37554D07C5F756B59E85AA44366 869376 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-06-13 13:22:09 D65440FC64AE2D7BF1F54A7DD2AA8F1C 384000 ----a-w- C:\WINDOWS\Sysnative\Phoneutil.dll 2018-06-13 13:22:09 C06FB803C2C52810F1138C6A6C6F2108 413824 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2018-06-13 13:22:09 B335628675473DB975A6AE13C1BCF65F 661160 ----a-w- C:\WINDOWS\Sysnative\GenValObj.exe 2018-06-13 13:22:09 ACD6384BF9EC243B10CF2A36B4DC88C1 269224 ----a-w- C:\WINDOWS\Sysnative\SgrmEnclave_secure.dll 2018-06-13 13:22:09 AC7D00AD5D1EE75A83664E4DC808526F 134584 ----a-w- C:\WINDOWS\Sysnative\hvloader.dll 2018-06-13 13:22:09 AAF05249DB7565E98F44858BB94338E3 625152 ----a-w- C:\WINDOWS\Sysnative\BootMenuUX.dll 2018-06-13 13:22:09 8DFFB820A8D317C6139D37608A8EE99F 715776 ----a-w- C:\WINDOWS\Sysnative\Windows.Web.dll 2018-06-13 13:22:09 8B2B8EF9C11895383154F6804CA0CAAA 131232 ----a-w- C:\WINDOWS\Sysnative\rmclient.dll 2018-06-13 13:22:09 81B145578FB9ACE1655EBD51BDF0B0D6 659096 ----a-w- C:\WINDOWS\Sysnative\StateRepository.Core.dll 2018-06-13 13:22:09 7E2A9E733DE309EF598DE44DBD056609 94112 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll 2018-06-13 13:22:09 7BAB54AC2F062D1843DC7BA0B4AF2B35 137568 ----a-w- C:\WINDOWS\Sysnative\bcrypt.dll 2018-06-13 13:22:09 5FF04F97C32CD350F936D4CD268CB4F8 3640832 ----a-w- C:\WINDOWS\Sysnative\mstsc.exe 2018-06-13 13:22:09 5FDDDEE01BCC349D8A089B177CF11483 2590400 ----a-w- C:\WINDOWS\Sysnative\WMVDECOD.DLL 2018-06-13 13:22:09 4C834BA7123D8F8BAE16200B69302287 1242112 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll 2018-06-13 13:22:09 38CA9BB7B255115F19C96B1867A6C157 1213368 ----a-w- C:\WINDOWS\Sysnative\ClipUp.exe 2018-06-13 13:22:09 377DFC64BB1C11F5400BEEE8E155841A 89984 ----a-w- C:\WINDOWS\Sysnative\CompPkgSup.dll 2018-06-13 13:22:09 23A4D7B68D04D426C9639863798BDFCF 272296 ----a-w- C:\WINDOWS\Sysnative\SgrmEnclave.dll 2018-06-13 13:22:09 1EE42E77200B39B5E18785550C822140 713376 ----a-w- C:\WINDOWS\Sysnative\MSVideoDSP.dll 2018-06-13 13:22:09 0DFE950608883835F72C2BE08663F8D2 1947808 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2018-06-13 13:22:09 0A179136898017FC0117434E0FAB5F7D 871424 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.BackgroundMediaPlayback.dll 2018-06-13 13:22:09 09307C23E72D044B8F3042D75584AA72 885880 ----a-w- C:\WINDOWS\Sysnative\CoreMessaging.dll 2018-06-13 13:22:09 032D13E37743DA2559E586D5BBDCB895 932352 ----a-w- C:\WINDOWS\Sysnative\rasmans.dll 2018-06-13 13:22:08 F5ACCC5242564276F684949F2664E227 466432 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll 2018-06-13 13:22:08 E48C681AD92DC20C85FD668779143C4E 119296 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll 2018-06-13 13:22:08 DACF0514A1AFB072E81C79EFF0B4C0E4 906752 ----a-w- C:\WINDOWS\Sysnative\Windows.Globalization.PhoneNumberFormatting.dll 2018-06-13 13:22:08 CB3A11E3C83B0F64E09AFF7BC055E433 456704 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe 2018-06-13 13:22:08 BEFAEB69B4390D27327E1775BBF10C5E 1008640 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.MixedRealityCapture.dll 2018-06-13 13:22:08 BEECA549837A9B0B5D08C5FEDDF38941 941056 ----a-w- C:\WINDOWS\Sysnative\rasdlg.dll 2018-06-13 13:22:08 BA78B8B3A4007C6C09FC9398C96854E1 294912 ----a-w- C:\WINDOWS\Sysnative\TDLMigration.dll 2018-06-13 13:22:08 AED172A70A66357248268967D332384B 849408 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Playback.MediaPlayer.dll 2018-06-13 13:22:08 9F46840758431946CA096F8096B016B4 808960 ----a-w- C:\WINDOWS\Sysnative\MBR2GPT.EXE 2018-06-13 13:22:08 8BE3F15F91FA4A9993322A2E576B71E9 1825792 ----a-w- C:\WINDOWS\Sysnative\Windows.CloudStore.dll 2018-06-13 13:22:08 8811118A9406001E6FFCFC128C87A01A 2084864 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2018-06-13 13:22:08 86435CADD9B46E2B2BA50BFF49B73C2D 209408 ----a-w- C:\WINDOWS\Sysnative\AppXApplicabilityBlob.dll 2018-06-13 13:22:08 776FD76FFE03BBDF5E96793905AE28B4 342528 ----a-w- C:\WINDOWS\Sysnative\browserexport.exe 2018-06-13 13:22:08 676B98B320874BEDE31B67243E17AAB7 185344 ----a-w- C:\WINDOWS\Sysnative\InstallServiceTasks.dll 2018-06-13 13:22:08 5E4A430677C629E542F10EB63AA6C3C7 174080 ----a-w- C:\WINDOWS\Sysnative\wuuhosdeployment.dll 2018-06-13 13:22:08 5A244AB45B88F7E5EEDEE35B190DF0CC 503296 ----a-w- C:\WINDOWS\Sysnative\sppcext.dll 2018-06-13 13:22:08 54A8F9D3851BF0E6649B630B49F4904F 5951488 ----a-w- C:\WINDOWS\Sysnative\dbgeng.dll 2018-06-13 13:22:08 4A9F35F16FDC5FEED34E10F02697CA1F 983040 ----a-w- C:\WINDOWS\Sysnative\wbiosrvc.dll 2018-06-13 13:22:08 3DC1077103772D3E4D4956CC0BD5105B 295424 ----a-w- C:\WINDOWS\Sysnative\FSClient.dll 2018-06-13 13:22:08 2E00E08420875FAE0B173C6A34C2A575 18716 ----a-w- C:\WINDOWS\Sysnative\srms-apr.dat 2018-06-13 13:22:08 20D7C0C9AF902D27FA32A0099356E638 182272 ----a-w- C:\WINDOWS\Sysnative\easwrt.dll 2018-06-13 13:22:07 FD9291C759E18DB926A1BC6D55ABA62C 154112 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2018-06-13 13:22:07 FC26FDB36A8ADF007DD05183E99C5738 38400 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryCore.dll 2018-06-13 13:22:07 E700ED8859588D2FE1913AE07ECA601C 1560576 ----a-w- C:\WINDOWS\Sysnative\msdt.exe 2018-06-13 13:22:07 DF02EFB45EE90E2D84B7C8BD601B341D 392192 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2018-06-13 13:22:07 DDC8AE913407D568A20C3936E63F3141 266752 ----a-w- C:\WINDOWS\Sysnative\CapabilityAccessManager.dll 2018-06-13 13:22:07 DBEBDDE5D21EF1B20F7D3C3FFA547A41 33792 ----a-w- C:\WINDOWS\Sysnative\MSHEIF.dll 2018-06-13 13:22:07 D0F04B1A950F29FBEDD25C52B46181DE 109568 ----a-w- C:\WINDOWS\Sysnative\ApiSetHost.AppExecutionAlias.dll 2018-06-13 13:22:07 C5C0B1E82185E1BE0705B3BB07D83838 401920 ----a-w- C:\WINDOWS\Sysnative\rascustom.dll 2018-06-13 13:22:07 BE2063C71780A68572D66321759CA22F 64000 ----a-w- C:\WINDOWS\Sysnative\iemigplugin.dll 2018-06-13 13:22:07 BBC69094EDBC05D2B0CF6CF70A4F96F8 285184 ----a-w- C:\WINDOWS\Sysnative\wlidcredprov.dll 2018-06-13 13:22:07 B5D4615239480AA3465EF2B8D8F693AA 35840 ----a-w- C:\WINDOWS\Sysnative\TokenBrokerCookies.exe 2018-06-13 13:22:07 AC93563260977C91AF35B44B498FC346 344576 ----a-w- C:\WINDOWS\Sysnative\RasMediaManager.dll 2018-06-13 13:22:07 A56B8E63B7CAD52B29D7B1FE549D7024 275456 ----a-w- C:\WINDOWS\Sysnative\SIHClient.exe 2018-06-13 13:22:07 A566F725064D42ED968AD31A587DFEBC 2019840 ----a-w- C:\WINDOWS\Sysnative\ResetEngine.dll 2018-06-13 13:22:07 9EEC03EC7A9CD4A219A99B0DDA7C2463 1371136 ----a-w- C:\WINDOWS\Sysnative\aadtb.dll 2018-06-13 13:22:07 9D800CC0FB70DFD44AA20C06B0C1DA90 59904 ----a-w- C:\WINDOWS\Sysnative\edpnotify.exe 2018-06-13 13:22:07 78C487A90232F5CEAD28CAF32A39161C 100864 ----a-w- C:\WINDOWS\Sysnative\CapabilityAccessManagerClient.dll 2018-06-13 13:22:07 74D059376BBA1EC688E8A0386353F387 46080 ----a-w- C:\WINDOWS\Sysnative\tbauth.dll 2018-06-13 13:22:07 71A25F5901A58354EDA73A500FABA9FF 4070400 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2018-06-13 13:22:07 6136C1E209F3EEC3E1D9DDB1DDB51DE5 1292288 ----a-w- C:\WINDOWS\Sysnative\GamePanel.exe 2018-06-13 13:22:07 59926B69DC95584316AA585C6AB82744 96768 ----a-w- C:\WINDOWS\Sysnative\usoapi.dll 2018-06-13 13:22:07 4323DDFF8CB51FD74B241810CFA6CDBB 149504 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2018-06-13 13:22:07 2AD146DEE4235A3530D6C94C77DB178A 788480 ----a-w- C:\WINDOWS\Sysnative\DHolographicDisplay.dll 2018-06-13 13:22:07 25918349BA7C190FE24FA8050103268C 726528 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2018-06-13 13:22:07 1C72A12766A5EE7B09DEFBEDE5C9DE4A 1310 ----a-w- C:\WINDOWS\Sysnative\tcbres.wim 2018-06-13 13:22:07 1206779B445417A29B33FCC7230CD28C 835584 ----a-w- C:\WINDOWS\Sysnative\PhoneService.dll 2018-06-13 13:22:07 0F17AC7E533B27F00C100C58587953EA 2560 ----a-w- C:\WINDOWS\Sysnative\tzres.dll 2018-06-13 13:22:07 0B9B6D7A2F31FBD63301D19B1B08238E 778752 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2018-06-13 13:22:07 0A0E2A66132161D323C1E04A8A690742 177152 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryUpgrade.dll 2018-06-13 13:22:07 0964FC3E5C71A62ACC53C3998BDC1033 584192 ----a-w- C:\WINDOWS\Sysnative\UIRibbonRes.dll 2018-06-13 13:22:07 0735930F0516A068F5B936DFEB1365D3 182272 ----a-w- C:\WINDOWS\Sysnative\BitLockerCsp.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2018-06-13 13:22:14 E99FACCC3100E15B1520A67EDFF37231 2836384 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2018-06-13 13:22:12 71E9A27EE90D45174AECE1F37BAC6EAA 266752 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2018-06-13 13:22:11 FFADF87E4B64A99EDCF1B027F1B8C3E6 88472 ----a-w- C:\WINDOWS\Sysnative\drivers\crashdmp.sys 2018-06-13 13:22:11 60B42947B51D1C6D2DD7250295DF4161 2422688 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2018-06-13 13:22:10 EB0B154F12F78DE232F38EF61BCDEEA2 164768 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2018-06-13 13:22:10 D1F6348F41DFCE25AA918E38F02E80FD 565152 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2018-06-13 13:22:10 999433544A4136A9B879C98049821EE6 375712 ----a-w- C:\WINDOWS\Sysnative\drivers\msrpc.sys 2018-06-13 13:22:10 744428491FA6BB37EC8070886C49CB12 1026976 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2018-06-13 13:22:10 701078F20919BD635EA25F691880F651 105368 ----a-w- C:\WINDOWS\Sysnative\drivers\stornvme.sys 2018-06-13 13:22:09 FA757EB9DEFEDB2F13FE2FC99834C58B 1921952 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2018-06-13 13:22:09 EE62D07172014C8BBE7C80A3AAF56E8F 226720 ----a-w- C:\WINDOWS\Sysnative\drivers\Ucx01000.sys 2018-06-13 13:22:09 E8E5F722A699EF037891D735CB588F8D 705440 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2018-06-13 13:22:09 D30AF38971B6670C222250AC2CBB6227 29600 ----a-w- C:\WINDOWS\Sysnative\drivers\uefi.sys 2018-06-13 13:22:09 B772B6645004D1CEBD924CA5CD1B5767 130456 ----a-w- C:\WINDOWS\Sysnative\drivers\hvsocket.sys 2018-06-13 13:22:09 ADA07C58B1983B5C28CF167E03B9D43B 792992 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2018-06-13 13:22:09 9779FAC96B0337F257CA843FD2ADFBFF 945568 ----a-w- C:\WINDOWS\Sysnative\drivers\refsv1.sys 2018-06-13 13:22:09 8C309A23F86F5B0E8E6B738754EE448F 709824 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2018-06-13 13:22:09 5E5486E4F5278C09C6E9E1FD7001AE1A 401920 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2018-06-13 13:22:09 5A90888D3D1B8E0C5DD0643C1FBBD53F 170912 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2018-06-13 13:22:09 2F3B9A23F8DEE9C3AD58CB3D966D83DD 32256 ----a-w- C:\WINDOWS\Sysnative\drivers\mskssrv.sys 2018-06-13 13:22:09 0ECF08953571A2E18814449CE418F601 413088 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2018-06-13 13:22:08 CB05373229E47EA590BBD9094954ECD0 46080 ----a-w- C:\WINDOWS\Sysnative\drivers\hidparse.sys 2018-06-13 13:22:08 C12373EC998C6F17C0FE2D6C3CBB9C04 144384 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2018-06-13 13:22:08 5DDA2C4B9AAED51E73DD6D580406F07A 781824 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2018-06-13 13:22:07 11B4962A359DCE5F80C4D5F9E492EE93 75776 ----a-w- C:\WINDOWS\Sysnative\drivers\mpsdrv.sys 2018-05-22 16:52:38 BC193D9066B2BA4F22A42829290A9D9A 99920 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.SYS 2018-05-22 16:52:38 B55F77B4AA7B08EBCA34459B1C388E32 10396 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.CAT 2018-05-22 16:52:38 9FA3A7A2AACB1D6D24502D21906591D9 873 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.INF 2018-05-22 16:42:10 DB26170CF6555B9AFF76CFA067ABCF90 382872 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys ====== C:\WINDOWS\Tasks ====== 2018-06-17 20:27:15 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Remediation 2018-06-14 13:50:47 D93660B2EFFECD7BB94E8DF956A4D3CC 3736 ----a-w- C:\WINDOWS\Sysnative\Tasks\G2MUpdateTask-S-1-5-21-1785666316-1713290431-1149740947-1001 2018-06-14 13:50:47 B811D87313AE482C4E5044933F485CA1 566 ----a-w- C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1785666316-1713290431-1149740947-1001.job 2018-06-14 13:50:47 8C8E104107284C66F6A4BFB8ADD0FEE5 662 ----a-w- C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1785666316-1713290431-1149740947-1001.job 2018-06-14 13:50:47 1BC309845E497F9F9A0885F02FFA4EE9 3832 ----a-w- C:\WINDOWS\Sysnative\Tasks\G2MUploadTask-S-1-5-21-1785666316-1713290431-1149740947-1001 2018-05-22 19:35:03 B6A303E50ADAA23A9A52AFE5D63581D3 2770 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task v2 2018-05-22 19:35:03 B3044BD17C597C1EE8185B2B38A388CD 2440 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPAudioSwitch 2018-05-22 19:35:03 80887B8F121D8F72A55820F4F401FC50 2146 ----a-w- C:\WINDOWS\Sysnative\Tasks\StartCN 2018-05-22 19:35:03 4E8D5DA8180A781B4CBEB1FF1EAC7BEF 2856 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPJumpStartLaunch 2018-05-22 19:35:03 4A2B2AABED559B0F6E90D3615975D7CA 3256 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPCeeScheduleForallon 2018-05-22 19:35:03 2AB1C47517557114AA134911C3D352EE 2860 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task-S-1-5-21-1785666316-1713290431-1149740947-1001 2018-05-22 19:35:03 1CD5CBC041ADB42C525671D9A80F063E 3504 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2018-05-22 19:35:03 0C77C2E6F32E9FA5A5292753E911E671 2502 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPEA3JOBS 2018-05-22 19:35:03 07DB584EDB44639E8BFEC01FEBF8EFE3 3280 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2018-05-22 19:35:03 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\HP 2018-05-22 19:35:03 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Hewlett-Packard ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2018-05-22 15:41:43 -------- d-----w- C:\Program Files\Reference Assemblies 2018-05-22 15:41:43 -------- d-----w- C:\Program Files\MSBuild ======= C:\PROGRA~2 ===== 2018-06-15 14:59:58 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2018-05-22 15:41:43 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2018-05-22 15:41:43 -------- d-----w- C:\PROGRA~2\MSBuild ======= C: ===== ====== C:\Users\allon\AppData\Roaming ====== 2018-06-17 18:34:31 -------- d-----w- C:\Users\allon\AppData\Roaming\ZHP 2018-06-17 18:34:31 -------- d-----w- C:\Users\allon\AppData\Local\ZHP 2018-06-14 13:50:46 -------- d-----w- C:\Users\allon\AppData\Local\GoToMeeting 2018-06-14 13:50:40 -------- d-----w- C:\Users\allon\AppData\Local\GoTo Opener 2018-05-27 18:20:21 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\hpqLog 2018-05-27 18:19:55 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\HP 2018-05-27 18:19:55 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Hewlett-Packard 2018-05-26 12:59:34 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DBG 2018-05-26 12:59:34 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps 2018-05-23 20:13:20 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2018-05-23 20:13:19 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2018-05-22 19:38:16 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\hpqLog 2018-05-22 19:38:02 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\D3DSCache 2018-05-22 19:37:45 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\AMD 2018-05-22 19:35:59 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft 2018-05-22 19:35:58 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2018-05-22 19:35:56 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2018-05-22 19:35:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe 2018-05-22 19:35:11 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2018-05-22 19:32:21 -------- d-s---w- C:\Users\allon\AppData\Roaming\Microsoft 2018-05-22 19:32:21 -------- d-----w- C:\Users\allon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2018-05-22 19:32:21 -------- d-----w- C:\Users\allon\AppData\Local\Temp 2018-05-22 19:32:21 -------- d-----w- C:\Users\allon\AppData\Local\Microsoft 2018-05-22 19:32:21 -------- d-----r- C:\Users\allon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2018-05-22 19:32:21 -------- d-----r- C:\Users\allon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2018-05-22 19:32:21 -------- d-----r- C:\Users\allon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2018-05-22 19:32:21 -------- d-----r- C:\Users\allon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2018-05-22 19:31:14 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2018-05-22 19:30:39 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2018-05-22 19:30:39 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2018-05-22 19:30:39 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2018-05-22 19:30:39 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2018-05-22 19:30:39 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2018-05-22 19:30:39 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2018-05-22 19:30:39 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2018-05-22 19:30:38 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft 2018-05-22 19:30:38 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2018-05-22 19:30:38 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2018-05-22 19:30:38 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2018-05-22 19:30:38 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2018-05-22 19:30:38 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2018-05-22 19:30:38 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2018-05-22 19:30:38 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2018-05-22 19:30:38 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2018-05-22 19:30:38 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2018-05-22 16:50:54 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft 2018-05-22 16:47:04 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft 2018-05-22 16:47:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft 2018-05-22 16:47:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft ====== C:\Users\allon ====== 2018-06-19 15:28:56 608F5EC0167CF97FB273D2920AFF5F3E 3061760 ----a-w- C:\Users\allon\Downloads\ZHPFix.exe 2018-06-17 14:30:36 E3A5B4DAE2B5FCF5923C7B47382279CE 3136384 ----a-w- C:\Users\allon\Downloads\ZHPDiag3.exe 2018-06-15 10:57:06 72C2B18751A40BEC4211B64352310011 2413056 ----a-w- C:\Users\allon\Downloads\FRST64.exe 2018-05-29 07:48:24 5F3A51B70DDFDFBD273277FB6E05B4B9 115 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2018-05-27 22:33:39 893A49E51B6FBD3D548EDAE193C56965 113 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2018-05-23 07:51:17 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2018-05-22 19:37:45 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\allon\ntuser.ini 2018-05-22 19:33:16 -------- d-----w- C:\ProgramData\USOShared 2018-05-22 19:32:21 -------- d--h--w- C:\Users\allon\AppData 2018-05-22 16:47:04 -------- d--h--w- C:\WINDOWS\serviceprofiles\Localservice\AppData ====== C: exe-files == 2018-06-19 15:39:29 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Users\allon\AppData\Local\Temp\unzip.exe 2018-06-19 15:39:29 1A3F82F420340222F13C5633AEB716D6 533851 ----a-w- C:\Users\allon\AppData\Local\Temp\sr.exe 2018-06-19 15:39:28 8377C99BF813BE986D07730F5C433382 68096 ----a-w- C:\Users\allon\AppData\Local\Temp\ZAScan.exe 2018-06-19 15:29:19 608F5EC0167CF97FB273D2920AFF5F3E 3061760 ----a-w- C:\Users\allon\OneDrive\Bureaublad\ZHPFix.exe 2018-06-19 15:28:56 608F5EC0167CF97FB273D2920AFF5F3E 3061760 ----a-w- C:\Users\allon\Downloads\ZHPFix.exe 2018-06-17 18:34:31 E3A5B4DAE2B5FCF5923C7B47382279CE 3136384 ----a-w- C:\Users\allon\AppData\Roaming\ZHP\ZHPDiag3.exe 2018-06-17 14:31:08 E3A5B4DAE2B5FCF5923C7B47382279CE 3136384 ----a-w- C:\Users\allon\OneDrive\Bureaublad\ZHPDiag3.exe 2018-06-17 14:30:36 E3A5B4DAE2B5FCF5923C7B47382279CE 3136384 ----a-w- C:\Users\allon\Downloads\ZHPDiag3.exe 2018-06-15 16:26:26 DA9BB941FE33BD18AB2C9BAD8F06B1A1 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mtranscoder.exe 2018-06-15 16:26:26 CFA6C3DEB57C9FF5B4F2B6032299CED3 1335352 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\scrutil.exe 2018-06-15 16:26:26 83AFE8CC638B63096B9389DE10C136D7 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mvideoconference.exe 2018-06-15 16:26:26 83AFE8CC638B63096B9389DE10C136D7 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupload.exe 2018-06-15 16:26:26 83AFE8CC638B63096B9389DE10C136D7 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupdate.exe 2018-06-15 16:26:26 83AFE8CC638B63096B9389DE10C136D7 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mstart.exe 2018-06-15 16:26:26 83AFE8CC638B63096B9389DE10C136D7 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\G2MInstaller.exe 2018-06-15 16:26:26 6C7E7601A8309DD7DD2EF7E7E61850AD 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mlauncher.exe 2018-06-15 16:26:26 6A6F4F1D93B2FC77AC661E4968987CA3 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\G2MUninstall.exe 2018-06-15 16:26:26 6A6F4F1D93B2FC77AC661E4968987CA3 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\G2MInstHigh.exe 2018-06-15 16:26:26 59CB1DAE1311F5473DA901F9A66890A3 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mcomm.exe 2018-06-15 16:26:26 139E383DD9AC04639E54B703547CD090 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mui.exe 2018-06-15 16:26:15 EFD0FABBE37C878D6073AC9A7E843F6B 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mvideoconference.exe 2018-06-15 16:26:15 EFD0FABBE37C878D6073AC9A7E843F6B 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mupload.exe 2018-06-15 16:26:15 EFD0FABBE37C878D6073AC9A7E843F6B 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mupdate.exe 2018-06-15 16:26:15 EFD0FABBE37C878D6073AC9A7E843F6B 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mstart.exe 2018-06-15 16:26:15 EFD0FABBE37C878D6073AC9A7E843F6B 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\G2MInstaller.exe 2018-06-15 16:26:15 EEE75E6C54774F06043B374E8A4DC64A 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mui.exe 2018-06-15 16:26:15 EB91399EA33EEA8BD809FBD0DD96AD21 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\G2MUninstall.exe 2018-06-15 16:26:15 EB91399EA33EEA8BD809FBD0DD96AD21 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\G2MInstHigh.exe 2018-06-15 16:26:15 899D71D777E0982F82295A9732F056DB 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mcomm.exe 2018-06-15 16:26:15 795DB94A14BF2DD7CBBBC8149AE73BFC 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mtranscoder.exe 2018-06-15 16:26:15 4BC21A7160701087E57245B6BD452130 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\g2mlauncher.exe 2018-06-15 16:26:15 1157A7B60CC5146D0E4B55765CB169DA 450104 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8625\scrutil.exe 2018-06-15 10:57:06 72C2B18751A40BEC4211B64352310011 2413056 ----a-w- C:\Users\allon\Downloads\FRST64.exe 2018-06-14 21:16:12 3F78EEC4B3917BABB54328764ECFB4FD 13632120 ----a-w- C:\Users\allon\AppData\Local\Google\Chrome\User Data\SwReporter\30.159.200\software_reporter_tool.exe 2018-06-14 13:50:46 F5813004A0115790B1577FF2296FEA39 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\G2MUninstall.exe 2018-06-14 13:50:46 F5813004A0115790B1577FF2296FEA39 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\G2MInstHigh.exe 2018-06-14 13:50:46 EE52EA62C0BC7112D3E8AE07E041FCF7 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mlauncher.exe 2018-06-14 13:50:46 EAF3374419C775702A4F6D973B38953C 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mui.exe 2018-06-14 13:50:46 B55C93AE410874AC14125984F8DC7FD8 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mcomm.exe 2018-06-14 13:50:46 A51D52EC663E705A5613E80076E5F970 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mvideoconference.exe 2018-06-14 13:50:46 A51D52EC663E705A5613E80076E5F970 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mupload.exe 2018-06-14 13:50:46 A51D52EC663E705A5613E80076E5F970 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mupdate.exe 2018-06-14 13:50:46 A51D52EC663E705A5613E80076E5F970 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mstart.exe 2018-06-14 13:50:46 A51D52EC663E705A5613E80076E5F970 31808 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\G2MInstaller.exe 2018-06-14 13:50:46 9B0DDC2252ACA53A53427CFEB132ECD0 32320 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\g2mtranscoder.exe 2018-06-14 13:50:46 007BC4C34547D78654956C2E849019A5 1332792 ----a-w- C:\Users\allon\AppData\Local\GoToMeeting\8847\scrutil.exe 2018-06-14 13:50:38 D7D6657D674B55121187EFC1B5DBDBE8 300984 ----a-w- C:\Users\allon\AppData\Local\GoTo Opener\GoTo Opener.exe 2018-06-13 13:22:24 E9443A7112A79F02E587DF7319D39F97 14956464 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2018-06-13 13:22:23 B047F60A8E079A0A0D166F353762B378 13606304 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2018-06-13 13:22:23 95EBCA251177AD13238FF0DC15C3202C 4527680 ----a-w- C:\Windows\System32\sppsvc.exe 2018-06-13 13:22:20 87A3B83911AB49033802D4425A635165 9148320 ----a-w- C:\Windows\System32\ntoskrnl.exe 2018-06-13 13:22:18 709859FD7FA5EAB1095499D68D72E076 4399008 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\MixedRealityPortal.exe 2018-06-13 13:22:16 BE49CD1AD569678D26BC9585499A5B00 1034632 ----a-w- C:\Windows\System32\ApplyTrustOffline.exe 2018-06-13 13:22:14 2CE4A7623FFB2FC1E55CE6E0EDFFA4AA 3239856 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe 2018-06-13 13:22:13 467643A495E3027F7D78F1ECA12FC099 594128 ----a-w- C:\Windows\System32\audiodg.exe 2018-06-13 13:22:13 26DEBBB3433078E876832AC8CBBA18A2 1826208 ----a-w- C:\Windows\SystemApps\Microsoft.PPIProjection_cw5n1h2txyewy\Receiver.exe 2018-06-13 13:22:12 F1925286C3D5CAE85EF63AFA908A4DB8 598016 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\MixedRealityPortal.Brokered.exe 2018-06-13 13:22:12 5B5B764F2F0E4B42572E14E2C3444D65 803328 ----a-w- C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 2018-06-13 13:22:12 52A4B8C04C345434C974B9A949521BAE 976384 ----a-w- C:\Windows\System32\Spectrum.exe 2018-06-13 13:22:12 148FF94E845D69C15D7448B7DDD0AE4E 1009568 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.FilePicker_cw5n1h2txyewy\FilePicker.exe 2018-06-13 13:22:11 F9184C5742832DED1854E4D6232BE611 111616 ----a-w- C:\Windows\System32\AppHostRegistrationVerifier.exe 2018-06-13 13:22:11 E50FD926BF7F934687A57FA8575EDF87 567184 ----a-w- C:\Windows\System32\tcblaunch.exe 2018-06-13 13:22:11 DAC2E951B16B69DA780807F18827A7AC 577024 ----a-w- C:\Windows\System32\SppExtComObj.Exe 2018-06-13 13:22:11 C1BB41239EDA0DBAD4B342C279F40E8B 1174432 ----a-w- C:\Windows\System32\hvix64.exe 2018-06-13 13:22:11 689E2C5F66A36B941EA602C1A2BDDBF5 552960 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe 2018-06-13 13:22:11 2D9731839D260CE22D73C5A6EAE0B97E 506184 ----a-w- C:\Windows\System32\systemreset.exe 2018-06-13 13:22:11 2AFE335460D85A958C97A465BD3A38B7 983016 ----a-w- C:\Windows\System32\winresume.exe 2018-06-13 13:22:11 2AFE335460D85A958C97A465BD3A38B7 983016 ----a-w- C:\Windows\System32\Boot\winresume.exe 2018-06-13 13:22:11 22DCF6C0FA7DDCF7516CC1E9F1003037 1258288 ----a-w- C:\Windows\System32\winload.exe 2018-06-13 13:22:11 22DCF6C0FA7DDCF7516CC1E9F1003037 1258288 ----a-w- C:\Windows\System32\Boot\winload.exe 2018-06-13 13:22:11 0578BF1F8D8299924B08E6D1F8E604B5 1012640 ----a-w- C:\Windows\System32\hvax64.exe 2018-06-13 13:22:11 0269064AA2DD91125F13635FB194F499 236032 ----a-w- C:\Windows\System32\wevtutil.exe 2018-06-13 13:22:10 CDDD13273F93AC43C2DDD9675CD03B98 279232 ----a-w- C:\Windows\System32\oobe\Setup.exe 2018-06-13 13:22:10 48FB54BDC615B2D185BDC402C9602F3B 527264 ----a-w- C:\Windows\System32\wimserv.exe 2018-06-13 13:22:09 F9E10555345CF041238EFF580C8651EC 552352 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.CapturePicker_cw5n1h2txyewy\CapturePicker.exe 2018-06-13 13:22:09 DF361627C19A67157ACF4005B85D2E8E 223744 ----a-w- C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe 2018-06-13 13:22:09 B335628675473DB975A6AE13C1BCF65F 661160 ----a-w- C:\Windows\System32\GenValObj.exe 2018-06-13 13:22:09 AB5697A88FC284BF3025ABAF11459768 446880 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe 2018-06-13 13:22:09 6A4EDDC3BDC1FCDF77ACF3B551ED6EF5 237488 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 2018-06-13 13:22:09 673C334F6ED608697DE985F41612EB57 95128 ----a-w- C:\Windows\ImmersiveControlPanel\SystemSettings.exe 2018-06-13 13:22:09 5FF04F97C32CD350F936D4CD268CB4F8 3640832 ----a-w- C:\Windows\System32\mstsc.exe 2018-06-13 13:22:09 4F17CAED5B023D9E5A41F16F52160362 280576 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 2018-06-13 13:22:09 38CA9BB7B255115F19C96B1867A6C157 1213368 ----a-w- C:\Windows\System32\ClipUp.exe 2018-06-13 13:22:09 34E0D110516A13AC3E73B4ABF16D617C 844184 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2018-06-13 13:22:09 1F73D52590D1EDF803FD49EAF32ADC2E 3444224 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2018-06-13 13:22:08 FD09E11AD7DF44EEB0927076D5619252 497152 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cain.exe 2018-06-13 13:22:08 F84E7C82E76FF38D395D4F95B4FEA3FE 212992 ----a-w- C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe 2018-06-13 13:22:08 EF3E2B51B2268B55245F2956EB98D5B1 1157632 ----a-w- C:\Windows\SystemApps\Microsoft.ECApp_8wekyb3d8bbwe\Microsoft.ECApp.exe 2018-06-13 13:22:08 CB3A11E3C83B0F64E09AFF7BC055E433 456704 ----a-w- C:\Windows\System32\MDEServer.exe 2018-06-13 13:22:08 9F46840758431946CA096F8096B016B4 808960 ----a-w- C:\Windows\System32\MBR2GPT.EXE 2018-06-13 13:22:08 776FD76FFE03BBDF5E96793905AE28B4 342528 ----a-w- C:\Windows\System32\browserexport.exe 2018-06-13 13:22:08 49AFCE6895C31BD1C2E905260503A669 214016 ----a-w- C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe 2018-06-13 13:22:08 1101CCDC6D2B8C8E3EEBC08AF7AFD1A6 167936 ----a-w- C:\Windows\SysWOW64\wevtutil.exe 2018-06-13 13:22:07 E700ED8859588D2FE1913AE07ECA601C 1560576 ----a-w- C:\Windows\System32\msdt.exe 2018-06-13 13:22:07 B5D4615239480AA3465EF2B8D8F693AA 35840 ----a-w- C:\Windows\System32\TokenBrokerCookies.exe 2018-06-13 13:22:07 A56B8E63B7CAD52B29D7B1FE549D7024 275456 ----a-w- C:\Windows\System32\SIHClient.exe 2018-06-13 13:22:07 9D800CC0FB70DFD44AA20C06B0C1DA90 59904 ----a-w- C:\Windows\System32\edpnotify.exe 2018-06-13 13:22:07 8159ECA8BB42C16D894E3AEB4B2FECC5 5069312 ----a-w- C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe 2018-06-13 13:22:07 74F403CC413DDE05500FC2BC9A4387E6 29184 ----a-w- C:\Windows\SysWOW64\TokenBrokerCookies.exe 2018-06-13 13:22:07 6136C1E209F3EEC3E1D9DDB1DDB51DE5 1292288 ----a-w- C:\Windows\System32\GamePanel.exe 2018-06-13 13:22:07 45DB9D98DDBFEE0792D7E382D2EC13AC 1508352 ----a-w- C:\Windows\SysWOW64\msdt.exe 2018-06-13 08:15:06 DBE6061C4408052D6F71C0B7232BC646 1935192 ----a-w- C:\Windows\Temp\CR_BE792.tmp\setup.exe 2018-06-13 08:15:05 78EB764859F0B43B0316C59572DD4163 2296936 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\67.0.3396.87\67.0.3396.87_67.0.3396.79_chrome_updater.exe 2018-06-12 21:22:26 35B777A3911D02A2585BE31C3B474B5E 465584 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE16\LICLUA.EXE 2018-06-12 21:22:24 8972968D6315D367AD2F8C1CDE97CFD9 154288 ----a-w- C:\Program Files (x86)\Microsoft Office\Office16\OSPPREARM.EXE 2018-06-12 21:12:06 B30B1233B50837D06E8068F4744B6EDA 212144 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE === C: other files == 2018-06-17 13:52:42 D1E09471FC0445112C4686538A508FAD 24584 ----a-w- C:\Windows\ELAMBKUP\SYMELAM.SYS 2018-06-15 07:56:35 EF0BD4BC5BD9431156DBB38B30D6D718 187520 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\ccsetx64.sys 2018-06-15 07:56:35 DD543931EF3940A2B201B12021EC9383 307792 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\ironx64.sys 2018-06-15 07:56:35 D1E09471FC0445112C4686538A508FAD 24584 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\symelam.sys 2018-06-15 07:56:35 9FBBBCE5B870C7E4948C012F752E99F1 1942096 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\symefasi64.sys 2018-06-15 07:56:35 5E641EEE3F4279984D10E00B3ED98AD4 838224 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\srtsp64.sys 2018-06-15 07:56:35 5322CDED33342BD8856AA88EAE94FC11 49232 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\srtspx64.sys 2018-06-15 07:56:35 3D4BB856AC1B8FC090CD504194F0B23D 468616 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\symtdiv.sys 2018-06-15 07:56:35 30418546D1D5C49639DC7ACEAF66FF5C 1015592 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\wpctrldrv.sys 2018-06-15 07:56:35 138531EB369E77AEF5F9373FD093BCE7 566912 ----a-w- C:\Windows\System32\drivers\NGCx64\160E020.00D\symnets.sys 2018-06-13 13:22:18 68E337DFE50308F8C58362D6ED3CDFB7 3653120 ----a-w- C:\Windows\System32\win32kfull.sys 2018-06-13 13:22:14 E99FACCC3100E15B1520A67EDFF37231 2836384 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2018-06-13 13:22:13 9A60576014D6D72819D5413E3C631E5F 2895872 ----a-w- C:\Windows\SysWOW64\win32kfull.sys 2018-06-13 13:22:13 8E2DB353FBAC1DF497CDC40888495D21 2236928 ----a-w- C:\Windows\System32\win32kbase.sys 2018-06-13 13:22:12 71E9A27EE90D45174AECE1F37BAC6EAA 266752 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2018-06-13 13:22:11 FFADF87E4B64A99EDCF1B027F1B8C3E6 88472 ----a-w- C:\Windows\System32\drivers\crashdmp.sys 2018-06-13 13:22:11 60B42947B51D1C6D2DD7250295DF4161 2422688 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2018-06-13 13:22:10 EB0B154F12F78DE232F38EF61BCDEEA2 164768 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys 2018-06-13 13:22:10 D1F6348F41DFCE25AA918E38F02E80FD 565152 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2018-06-13 13:22:10 999433544A4136A9B879C98049821EE6 375712 ----a-w- C:\Windows\System32\drivers\msrpc.sys 2018-06-13 13:22:10 744428491FA6BB37EC8070886C49CB12 1026976 ----a-w- C:\Windows\System32\drivers\http.sys 2018-06-13 13:22:10 701078F20919BD635EA25F691880F651 105368 ----a-w- C:\Windows\System32\drivers\stornvme.sys 2018-06-13 13:22:09 FA757EB9DEFEDB2F13FE2FC99834C58B 1921952 ----a-w- C:\Windows\System32\drivers\refs.sys 2018-06-13 13:22:09 EE62D07172014C8BBE7C80A3AAF56E8F 226720 ----a-w- C:\Windows\System32\drivers\Ucx01000.sys 2018-06-13 13:22:09 E8E5F722A699EF037891D735CB588F8D 705440 ----a-w- C:\Windows\System32\drivers\vhdmp.sys 2018-06-13 13:22:09 D30AF38971B6670C222250AC2CBB6227 29600 ----a-w- C:\Windows\System32\drivers\uefi.sys 2018-06-13 13:22:09 B772B6645004D1CEBD924CA5CD1B5767 130456 ----a-w- C:\Windows\System32\drivers\hvsocket.sys 2018-06-13 13:22:09 ADA07C58B1983B5C28CF167E03B9D43B 792992 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2018-06-13 13:22:09 9779FAC96B0337F257CA843FD2ADFBFF 945568 ----a-w- C:\Windows\System32\drivers\refsv1.sys 2018-06-13 13:22:09 8C309A23F86F5B0E8E6B738754EE448F 709824 ----a-w- C:\Windows\System32\drivers\cng.sys 2018-06-13 13:22:09 5E5486E4F5278C09C6E9E1FD7001AE1A 401920 ----a-w- C:\Windows\System32\drivers\ks.sys 2018-06-13 13:22:09 5A90888D3D1B8E0C5DD0643C1FBBD53F 170912 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2018-06-13 13:22:09 2F3B9A23F8DEE9C3AD58CB3D966D83DD 32256 ----a-w- C:\Windows\System32\drivers\mskssrv.sys 2018-06-13 13:22:09 0ECF08953571A2E18814449CE418F601 413088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2018-06-13 13:22:08 CB05373229E47EA590BBD9094954ECD0 46080 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2018-06-13 13:22:08 C12373EC998C6F17C0FE2D6C3CBB9C04 144384 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2018-06-13 13:22:08 5DDA2C4B9AAED51E73DD6D580406F07A 781824 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys 2018-06-13 13:22:07 11B4962A359DCE5F80C4D5F9E492EE93 75776 ----a-w- C:\Windows\System32\drivers\mpsdrv.sys 2018-06-12 21:21:46 E29340470FECA300D2C97280549EA1EC 105302 ----a-w- C:\Program Files (x86)\Microsoft Office\Office16\OSPP.VBS ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1785666316-1713290431-1149740947-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\allon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe" "RtlS5Wake"="C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\allon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SecurityHealth"="%ProgramFiles%\Windows Defender\MSASCuiL.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-1785666316-1713290431-1149740947-1001.job --a-------- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupdate.exe [15/06/2018 18:26] C:\WINDOWS\tasks\G2MUploadTask-S-1-5-21-1785666316-1713290431-1149740947-1001.job --a-------- C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupload.exe [15/06/2018 18:26] C:\WINDOWS\tasks\HPCeeScheduleForallon.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [24/06/2016 18:09] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\G2MUpdateTask-S-1-5-21-1785666316-1713290431-1149740947-1001" [C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupdate.exe] "C:\WINDOWS\SysNative\tasks\G2MUploadTask-S-1-5-21-1785666316-1713290431-1149740947-1001" [C:\Users\allon\AppData\Local\GoToMeeting\8953\g2mupload.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPAudioSwitch" ["C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForallon" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\HPEA3JOBS" [C:\Program] "C:\WINDOWS\SysNative\tasks\HPJumpStartLaunch" ["C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe"] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files\Norton Security\Engine\22.14.2.13\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-1785666316-1713290431-1149740947-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\StartCN" ["c:\Program Files\AMD\CNext\CNext\cncmd.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\HP\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Security Autofix" [C:\Program Files\Norton Security\Engine\22.14.2.13\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Security Error Analyzer" [C:\Program Files\Norton Security\Engine\22.14.2.13\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Security Error Processor" [C:\Program Files\Norton Security\Engine\22.14.2.13\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe"] ==== Firefox Extensions ====================== ProfilePath: C:\Users\allon\AppData\Roaming\Thunderbird\Profiles\ty7rll8l.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 67.0.3396.87 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files\Norton Security\Engine\22.14.2.13\Exts\Chrome.crx[] iikflkcanblccfahdhdonehdalibjnif - No path found[] Slides - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Docs - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf eID Chrome Extension - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc YouTube - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Norton Security Toolbar - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Norton Home Page for Chrome - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe Sheets - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap EasyDocMerge - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfgmjmilcoilaoljbbkmggbioojffahd Norton Home Page for Chrome - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoabcdjalmeenbjjngidappmppchblc Google Docs Offline - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Norton Safe Search as default for Chrome - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh Refresh for Twitter - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp Auto Refresh - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko Norton Identity Safe - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Super Auto Refresh - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhjakkgopekjlempoplnjclgedabddk Norton Safe Search as default for Chrome - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl Chrome Web Store Payments - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - allon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\allon\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\allon\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\allon\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\allon\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Edge Cache ====================== Edge Cache is not empty, a reboot is needed ==== Empty Chrome Cache ====================== C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== Empty Temp Folders ====================== C:\Users\allon\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\allon\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted "C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted "C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted "C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted "C:\Users\allon\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted "C:\Users\allon\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001" not found "C:\Users\allon\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\AMD" not found "C:\Users\allon\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft" not found "C:\Users\allon\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" not found "C:\Users\allon\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found ==== EOF on di 19/06/2018 at 18:01:46,47 ======================