Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by feesoleil64 on 23/09/2016 at 8:18:11,21.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\feesoleil64\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

23/09/2016 08:19:33 Zoek.exe System Restore Point Created Successfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\feesoleil64\ZHPDiag3.exe deleted

==== Files Recently Created / Modified ======================

====== Java Cache =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====
2016-09-13 06:02:31 -------- d-----w- C:\Program Files\iPod
2016-09-13 05:59:47 -------- d-----w- C:\Program Files\iTunes
2016-09-08 19:57:10 -------- d-----w- C:\Program Files\ATI Technologies
2016-09-07 23:06:37 -------- d-----w- C:\Program Files\Reference Assemblies
2016-09-07 23:06:37 -------- d-----w- C:\Program Files\MSBuild
2016-09-07 22:55:11 -------- d-----w- C:\Program Files\IDT
2016-09-07 22:54:46 -------- d-----w- C:\Program Files\Synaptics
2016-09-07 22:53:15 -------- d-----w- C:\Program Files\AMD
2016-08-27 22:47:45 -------- d-----w- C:\Program Files\RogueKiller

======= C:\PROGRA~2 =====
2016-09-20 19:25:57 -------- d-----w- C:\PROGRA~2\ZHPFix
2016-09-14 05:46:54 -------- d-----w- C:\PROGRA~2\Browny02
2016-09-13 06:02:32 -------- d-----w- C:\PROGRA~2\iTunes
2016-09-07 23:06:38 -------- d-----w- C:\PROGRA~2\Reference Assemblies
2016-09-07 23:06:38 -------- d-----w- C:\PROGRA~2\MSBuild

====== C:\Users\feesoleil64\AppData\Roaming ======
2016-09-21 19:10:00 -------- d-----w- C:\Users\feesoleil64\AppData\Local\Deployment
2016-09-21 19:10:00 -------- d-----w- C:\Users\feesoleil64\AppData\Local\Apps
2016-09-20 19:40:38 -------- d-----w- C:\Users\feesoleil64\AppData\Local\Temp
2016-09-14 05:45:20 -------- d-----w- C:\Users\feesoleil64\AppData\Roaming\InstallShield
2016-09-08 19:48:59 -------- d-----w- C:\Users\feesoleil64\AppData\Roaming\Identities
2016-09-07 23:41:17 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft
2016-09-07 23:37:01 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2016-09-07 23:36:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe
2016-09-07 23:29:15 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft
2016-09-07 23:25:38 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Apple Computer
2016-09-07 23:18:14 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2016-09-07 23:18:14 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-09-07 23:06:16 -------- d-s---w- C:\Users\feesoleil64\AppData\Roaming\Microsoft
2016-09-07 23:06:16 -------- d-----w- C:\Users\feesoleil64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-09-07 23:06:16 -------- d-----w- C:\Users\feesoleil64\AppData\Local\Microsoft
2016-09-07 23:06:16 -------- d-----r- C:\Users\feesoleil64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-09-07 23:06:16 -------- d-----r- C:\Users\feesoleil64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-07 23:06:16 -------- d-----r-
C:\Users\feesoleil64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-07 23:06:14 -------- d-s---w- C:\Users\Administrator\AppData\Roaming\Microsoft 2016-09-07 23:06:14 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-07 23:06:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2016-09-07 23:06:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Microsoft 2016-09-07 23:06:14 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-07 23:06:14 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-07 23:06:14 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-07 22:53:29 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-09-03 05:43:35 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2016-09-03 05:43:35 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp ====== C:\Users\feesoleil64 ====== 2016-09-20 19:46:16 D049E7A6DE66723FAB222C9CA40BC6FF 2350080 ----a-w- C:\Users\feesoleil64\Downloads\ZHPDiag3(1).exe 2016-09-20 19:25:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2016-09-20 19:16:38 66E3AE37EFC366ABC5C15584BB80A44B 739397 ----a-w- C:\Users\feesoleil64\Downloads\OneClick2RP.exe 2016-09-19 20:32:51 CF8BB8DC44AFCBB5DE799CA593EDB012 2347008 ----a-w- C:\Users\feesoleil64\Downloads\ZHPDiag3.exe 2016-09-19 14:06:04 D0C3F0827A1CC0107E5D42E23F664A84 3861056 ----a-w- C:\Users\feesoleil64\Downloads\adwcleaner_6.020.exe 2016-09-14 05:50:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2016-09-13 06:02:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-09-09 19:58:25 -------- d-----w- 
C:\ProgramData\ATI 2016-09-08 19:57:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2016-09-08 19:46:44 -------- d-sh--w- C:\Users\feesoleil64\IntelGraphicsProfiles 2016-09-08 19:46:28 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\feesoleil64\ntuser.ini 2016-09-07 23:06:16 -------- d--h--w- C:\Users\feesoleil64\AppData 2016-09-07 23:06:16 -------- d-----r- C:\Users\feesoleil64\Favorites 2016-09-07 23:06:16 -------- d-----r- C:\Users\feesoleil64\Documents 2016-09-07 23:06:16 -------- d-----r- C:\Users\feesoleil64\Desktop 2016-09-07 23:06:14 -------- d--h--w- C:\Users\Administrator\AppData 2016-09-07 23:06:14 -------- d-----r- C:\Users\Administrator\Favorites 2016-09-07 23:06:14 -------- d-----r- C:\Users\Administrator\Desktop 2016-08-27 22:47:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2016-08-27 22:47:40 -------- d-----w- C:\ProgramData\RogueKiller ====== C: exe-files == 2016-09-23 06:08:48 E43AEE6A66067C6535C1F994BCFB93A1 391496 ----a-w- C:\Windows\System32\aswBoot.exe 2016-09-21 19:10:13 F68134F7FEDEC2E777A4E11ED9265A9E 16024 ----a-w- C:\Users\feesoleil64\AppData\Local\Apps\2.0\4E3HYGAO.Q1Z\GOKYVED5.KG0\prog...app_baa8013a79450f71_0001.0003_cad155cc259ea8e5\clickonce_bootstrap.exe 2016-09-21 19:10:13 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Users\feesoleil64\AppData\Local\Apps\2.0\4E3HYGAO.Q1Z\GOKYVED5.KG0\prog...app_baa8013a79450f71_0001.0003_cad155cc259ea8e5\GoogleUpdateSetup.exe 2016-09-21 19:10:13 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Users\feesoleil64\AppData\Local\Apps\2.0\4E3HYGAO.Q1Z\GOKYVED5.KG0\clic...exe_baa8013a79450f71_0001.0003_none_8554920337a51673\GoogleUpdateSetup.exe 2016-09-20 19:46:16 D049E7A6DE66723FAB222C9CA40BC6FF 2350080 ----a-w- C:\Users\feesoleil64\Downloads\ZHPDiag3(1).exe 2016-09-20 19:25:58 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files (x86)\ZHPFix\catchme.exe 2016-09-20 19:25:58 
C573A6CB885554F9B162AC4709A78407 3061760 ----a-w- C:\Program Files (x86)\ZHPFix\ZHPFix.exe 2016-09-20 19:25:58 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPFix\ZHPhep.exe 2016-09-20 19:25:58 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files (x86)\ZHPFix\mbr.exe 2016-09-20 19:25:58 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files (x86)\ZHPFix\subinacl.exe 2016-09-20 19:25:58 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files (x86)\ZHPFix\setacl32.exe 2016-09-20 19:25:58 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files (x86)\ZHPFix\setacl64.exe 2016-09-20 19:25:57 9658565C1728E9B7F9F45C907E2028D9 694736 ----a-w- C:\Program Files (x86)\ZHPFix\unins000.exe 2016-09-20 19:16:38 66E3AE37EFC366ABC5C15584BB80A44B 739397 ----a-w- C:\Users\feesoleil64\Downloads\OneClick2RP.exe 2016-09-19 20:32:51 CF8BB8DC44AFCBB5DE799CA593EDB012 2347008 ----a-w- C:\Users\feesoleil64\Downloads\ZHPDiag3.exe 2016-09-19 14:06:04 D0C3F0827A1CC0107E5D42E23F664A84 3861056 ----a-w- C:\Users\feesoleil64\Downloads\adwcleaner_6.020.exe === C: other files == 2016-09-23 06:08:52 75325BC6BE15471331FFCEEC14E1DA03 453192 ----a-w- C:\Windows\System32\drivers\aswNetSec.sys 2016-09-23 06:08:04 3CE1B3C4122030A4FAE6894A49BBDC0B 82936 ----a-w- C:\Windows\System32\drivers\aswHdsKe.sys ==== Orphaned Tasks deleted from Registry ====================== avast Emergency Update deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-4191687600-3337495284-2790797349-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP 
CoolSense\CoolSense.exe -byrunkey" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/09/2016 22:51] C:\WINDOWS\tasks\HPCeeScheduleForfeesoleil64.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 23:15] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForfeesoleil64" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1471985236" [C:\Program 
Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{E7099111-787E-43AC-8B4E-C413557B8889}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/09/2016 08:08] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/09/2016 08:08] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FEESOL~1\AppData\Roaming\Mozilla\Firefox\Profiles\53hdez6k.default-1465160478062 - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - 
%AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\feesoleil64\AppData\Roaming\Mozilla\Firefox\Profiles\53hdez6k.default-1465160478062 DAD55CEF682EAE6FA7B4C9487563A496 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director 7FB1DC8C464CAFC230E7AD6392AE859B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - No path found[] gomekmidlodglbbmalcneegieacbdmki - No path found[] Google Slides - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Text Mode - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdfgmbdhppidaaekginkljmbfcmobnd Google Docs - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Chrome Web Notes - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkllamjdkkfgcmddalccckpgnbklmdf Google Sheets - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Notes - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnlgpnbbkjmijlihokckkfkjnlfghgg Chrome Web Store Payments - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - 
feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searchqq.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searchqq.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adcontrol.cherchons.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adcontrol.cherchons.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexc.net_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexc.net_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexchangeprediction.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexchangeprediction.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adskeeper.co.uk_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adskeeper.co.uk_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\http_static.coupontime00.coupontime.co_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal 
deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dealsandcoupons-network.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dealsandcoupons-network.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartpage1.ru_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartpage1.ru_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.fulltabsearch.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.fulltabsearch.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.socialnewtabssearch.com_0.localstorage deleted 
successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.socialnewtabssearch.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.topsafetabsearch.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.topsafetabsearch.com_0.localstorage-journal deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage deleted successfully C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://g.uk.msn.com/HPNOT13/3" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://g.uk.msn.com/HPNOT13/3" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS HKLM\SearchScopes\{34B99490-A983-4E3F-9991-BEF6098AD37D} - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} HKLM\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/709-29563-11896-9/4 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/709-29563-11896-9/4 
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
HKCU\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/709-29563-11896-9/4

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\feesoleil64\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\feesoleil64\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\feesoleil64\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\feesoleil64\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\feesoleil64\AppData\Local\Mozilla\Firefox\Profiles\53hdez6k.default-1465160478062\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\feesoleil64\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=58 folders=15 16706826 bytes)

==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\feesoleil64\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\FEESOL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on 23/09/2016 at 17:01:33,96 ======================