Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ständig im TaskManager Audio.exe EMCO Malware Destroyer

Ständig im TaskManager Audio.exe EMCO Malware Destroyer


Log-Analyse und Auswertung: Ständig im TaskManager Audio.exe EMCO Malware Destroyer

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 02.09.2017, 11:43   #16
ktownmods
 
Ständig im TaskManager Audio.exe EMCO Malware Destroyer - Standard

Ständig im TaskManager Audio.exe EMCO Malware Destroyer


Fixlog:
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von ktown (02-09-2017 12:33:44) Run:2
Gestartet von C:\Users\ktown\Downloads\Mods
Geladene Profile: ktown (Verfügbare Profile: ktown)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
closeprocesses:
folder: C:\Users\ktown\AppData\Local\Microsoft\Windows
cmd: type C:\Users\ktown\AppData\Local\VirtualStore\Windows\assembly\Desktop.ini
cmd: type C:\Users\ktown\AppData\Local\Temp\guid.bat
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
folder: C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Startup: C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2017-08-28] ()
C:\Users\ktown\Downloads\Mods\cdbxp_setup_4.5.7.6623.exe
2017-08-27 22:22 - 2017-08-28 16:25 - 000000000 ____D C:\Users\ktown\AppData\Roaming\tor
2017-08-27 22:21 - 2017-08-28 18:33 - 000000000 ____D C:\Users\ktown\AppData\Roaming\sound
2017-08-27 22:21 - 2017-08-28 18:33 - 000000000 ____D C:\Users\ktown\AppData\Roaming\Audio
emptytemp:
*****************

Prozesse erfolgreich geschlossen.

========================= folder: C:\Users\ktown\AppData\Local\Microsoft\Windows ========================

2017-08-25 21:12 - 2017-09-01 13:47 - 003670016 ____H () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat
2017-08-25 21:12 - 2017-08-25 21:12 - 003166208 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
2017-08-25 21:12 - 2017-08-25 21:12 - 001081344 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2
2017-08-25 21:12 - 2017-08-25 21:12 - 000065536 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat{0350d035-89c9-11e7-ba53-f832e4a07181}.TM.blf
2017-08-25 21:12 - 2017-08-25 21:12 - 000524288 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat{0350d035-89c9-11e7-ba53-f832e4a07181}.TMContainer00000000000000000001.regtrans-ms
2017-08-25 21:12 - 2017-08-25 21:12 - 000524288 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\UsrClass.dat{0350d035-89c9-11e7-ba53-f832e4a07181}.TMContainer00000000000000000002.regtrans-ms
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCacheLock.dat
2017-08-28 00:07 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{024A0432-A804-47A4-8817-A9BEE06E8910}
2017-08-28 16:24 - 2017-08-31 18:11 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{032644B3-4DBF-404C-9DDB-ADE8247BA58D}
2017-08-28 00:07 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{07447B11-BD36-48EB-B4E9-E7F9BF5363B0}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{1070BD43-530B-4357-A9B8-3C56887B61F1}
2017-08-27 22:47 - 2017-08-27 22:47 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{122ACCD3-7873-4BC9-8D1A-A61542814B75}
2017-08-27 23:29 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{139558E7-CDC1-429B-9102-1262B97B7B85}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{17A3D445-3FD8-4749-B713-40D195E83059}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{1B6A2BD5-9186-40B7-AE0D-B50D1FF28920}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{1E9F4759-67BE-4C02-ACE4-74F62187D259}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{209CD171-D1F0-4F55-B654-41B51081028E}
2017-08-27 22:54 - 2017-08-28 18:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{23A1C90E-6B28-45F0-834B-28ACA2D2D339}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{2D494E5D-CB30-410A-8210-2A567D9ED826}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{2FD1294D-BEB5-4F29-9955-FD7329AE71D8}
2017-08-28 16:24 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{2FD7733B-8CF8-4F2B-8602-ED71387F0CE6}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{3152A6D8-F373-4EC6-8003-AFB5B6FFE3FE}
2017-08-27 22:21 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{40AB6665-68D5-496B-AFC0-BA8AF50C6919}
2017-08-27 22:51 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{4320DDD4-600C-4A45-8177-E4F360433D85}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{43D1CE4D-90A7-47A6-8548-0F746D5FD623}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{460E70F7-144D-4875-866B-C864BEC1AB98}
2017-08-27 23:30 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{46F48AEB-DB7C-47A0-B006-719CBDEF549D}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{482F908D-75BC-4E0F-AC08-29665CAA16CE}
2017-08-28 00:07 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{4B29994D-7D11-48AA-BBD7-3D6F5972EB8C}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{566E0DA9-203E-496C-A5B0-8C825F39E577}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{58155E36-DBC6-417A-BDFF-B16C171553CB}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{5A37934C-FFA9-4F56-80DF-9D31F8950B06}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{5B63FCA5-5390-4F9D-A526-003B8B356D4F}
2017-08-27 23:22 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{5D0BE935-AAA1-4756-B798-9E2F41396BAB}
2017-08-28 16:22 - 2017-08-28 16:23 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{5EB9B3AC-0160-42D7-AEC2-58385DDEFF67}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{6176FFB1-D968-4280-A148-EA629546F193}
2017-08-27 22:21 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{64CC78B0-D949-40FD-BA90-B2899E561F15}
2017-08-27 22:50 - 2017-08-27 22:50 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{66FCDB64-40FB-4956-A5F0-377A14EFF24D}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{6750A088-8B0E-4BD8-BD0E-86CC73025E01}
2017-08-27 22:59 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{68317946-D327-4210-817B-C0E827221C43}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{69CE8F0F-5B53-42AD-8F26-02722D10B41B}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{6B13E4C4-6BA4-429D-A987-432769D8414B}
2017-08-27 22:59 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{6B4EA066-4854-492E-840A-8C7C5736B832}
2017-08-27 22:56 - 2017-08-27 22:56 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{6B74B309-E7FD-4FD5-B22D-CA53E1B33B41}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{714C6B6F-2043-4925-A281-ABF548FD5CE4}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{73DC0E34-2888-41FC-B2AC-A86201DA0FAD}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{7BE4E157-B5F0-4B05-94E5-3862A9558DA8}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{80A045C6-8219-45AE-B9D1-F57E829472C5}
2017-08-27 23:02 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{832C6928-C980-4B4C-853C-1FC87E0E9032}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{8C851D31-2EDE-4F07-939D-5C8A5C69CDFF}
2017-08-27 23:02 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{8D3989AA-3322-4AB5-A14A-057BE8DF64FC}
2017-08-28 16:24 - 2017-08-28 18:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{8E73B611-6D21-4BA3-B993-163F23FD62A0}
2017-08-27 23:22 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{93822BC0-2749-4A82-B29A-CBEDE201C0DA}
2017-08-27 22:21 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{94EE25A4-3009-46F4-82A2-80EDFCF8540A}
2017-08-28 16:22 - 2017-08-28 16:23 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{976708A6-0B52-4144-BB35-50BB4B655C78}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{9B385A54-7A40-47F4-AEA3-1DA3D3F03849}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{A39D38FC-FBC7-48ED-882A-248539E8860C}
2017-08-27 22:51 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{A800E9B1-0658-4F46-9D76-93F432E60DEE}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{A8645507-B84A-4FD1-AC84-D7BEADA0C558}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{A91DDEBE-7B15-4F86-B500-257A1E332388}
2017-08-28 00:08 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{ADD3B04C-A1CD-403F-A495-4695B75F30FD}
2017-08-27 22:54 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{B5EBD04C-8CDA-40BC-9B77-9EBA379BF202}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{BA86BCA4-4096-428E-948B-1A43E316FCAD}
2017-08-28 16:22 - 2017-08-28 16:23 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{BBDC5531-D1EB-4C76-B6C0-76AC8435833D}
2017-08-27 22:59 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{BF496574-6A87-4920-8310-A54F8096DF51}
2017-08-28 16:24 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{C83EFF28-A57A-4BBC-B695-426178168753}
2017-08-28 16:05 - 2017-08-28 16:06 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{C8678A9A-48F2-4B55-BE16-354D909C3328}
2017-08-28 00:07 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{CBDFBAF8-299F-44AC-9DF3-F27FE98C7231}
2017-08-28 00:08 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{CD3229B0-A69D-42D9-8C04-C73C7F9A8120}
2017-08-27 22:59 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{CD5FC2EA-1F10-46B3-AB08-A3444A6F3E86}
2017-08-27 22:55 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{CEE6B822-FD7E-4EFB-A7C8-019D405FC2C4}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{D000F72B-49B8-4B73-A5C7-CD55D0A8DA8A}
2017-08-28 16:22 - 2017-08-28 16:23 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{D60CC88D-D1E0-4145-9F6E-76A5965EB182}
2017-08-27 22:21 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{D8A391E8-547D-4F60-A4C9-7ADB37D4BF81}
2017-08-27 23:31 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{D8FC2835-B597-4978-A0F5-F3C1E1D2FD2C}
2017-08-27 23:29 - 2017-08-28 18:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{DC41174F-1316-4C73-AF54-50FAC2A2B0E6}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{DD3F0BEA-6038-4E6A-92C6-012D40B65DEC}
2017-08-28 16:05 - 2017-08-28 16:06 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{E1D5BFD4-07D4-4193-9884-6744CF2F5BE4}
2017-08-27 22:56 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{E49E6D4F-E95C-4D0C-8E10-1FA6E9F8BB5F}
2017-08-27 23:01 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{ECF6E036-3732-40A8-9AC2-4FDCA292811E}
2017-08-27 23:30 - 2017-08-28 18:34 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{EEF4FFCC-6844-428D-B69F-2AB0BAE9A03E}
2017-08-27 22:49 - 2017-08-27 22:49 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{EF5BA5D0-27CE-492C-BE7B-8F481583F185}
2017-08-27 22:47 - 2017-08-27 22:47 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\{F96B83B8-2262-4431-991F-8DF1F5714B59}
2017-08-26 11:53 - 2017-08-26 11:53 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\0
2017-08-27 12:24 - 2017-08-27 12:24 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\1024
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\1031
2017-08-26 11:50 - 2017-08-26 11:50 - 000418356 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\1031\StructuredQuerySchema.bin
2017-08-26 13:13 - 2017-09-02 12:09 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\ActionCenterCache
2017-09-02 12:09 - 2017-08-26 12:44 - 000004107 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\ActionCenterCache\microsoft-skypeapp_kzf8qxf38zg5c-app_638_0.png
2017-08-26 11:50 - 2017-08-30 09:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\AppCache
2017-08-30 09:33 - 2017-08-30 09:33 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\AppCache\container.dat
2017-08-30 09:33 - 2017-08-30 09:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\AppCache\DDFDQL8I
2017-08-30 09:33 - 2017-08-30 09:33 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\AppCache\DDFDQL8I\container.dat
2017-08-25 21:13 - 2017-08-26 13:45 - 000000000 ___RD () C:\Users\ktown\AppData\Local\Microsoft\Windows\Application Shortcuts
2017-08-25 21:13 - 2017-08-26 13:45 - 000000174 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\Application Shortcuts\desktop.ini
2017-08-25 21:15 - 2017-08-27 12:04 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Burn
2017-08-25 21:15 - 2017-08-25 21:15 - 000000000 __RHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\Burn\Burn
2017-08-25 21:15 - 2017-08-25 21:15 - 000000174 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini
2017-08-27 12:04 - 2017-08-27 12:04 - 000000000 __RHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\Burn\Burn1
2017-08-27 12:04 - 2017-08-27 12:04 - 000000174 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\Burn\Burn1\desktop.ini
2017-08-25 21:13 - 2017-09-02 12:08 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches
2017-08-26 12:44 - 2017-08-28 18:07 - 000418392 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\{1FC437C3-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000002.db
2017-09-02 12:08 - 2017-09-02 12:08 - 000319112 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x00000000000000c2.db
2017-09-01 11:00 - 2017-09-01 11:00 - 000156784 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000019.db
2017-09-01 13:47 - 2017-09-01 13:47 - 000099192 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000001a.db
2017-08-25 21:16 - 2017-08-25 21:16 - 000016384 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
2017-08-25 21:13 - 2017-08-25 21:13 - 000016384 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Caches\cversions.3.db
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\CloudStore
2017-08-25 21:13 - 2017-08-28 18:10 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer
2017-08-25 21:13 - 2017-08-25 21:15 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl
2017-08-27 00:20 - 2017-09-02 12:08 - 000040960 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db
2017-08-28 18:10 - 2017-08-28 18:10 - 003145728 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db
2017-08-28 18:10 - 2017-08-28 19:15 - 002097152 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db
2017-08-28 18:10 - 2017-08-28 18:10 - 006291456 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db
2017-08-28 18:10 - 2017-08-28 18:10 - 007340032 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db
2017-08-28 18:10 - 2017-09-01 13:34 - 000465552 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db
2017-08-28 18:10 - 2017-08-28 18:10 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db
2017-08-25 21:14 - 2017-09-01 13:10 - 002097152 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db
2017-08-25 21:14 - 2017-08-28 18:10 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db
2017-08-25 21:14 - 2017-08-28 18:07 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1920.db
2017-08-25 21:14 - 2017-08-28 18:07 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
2017-08-25 21:14 - 2017-08-30 09:38 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_2560.db
2017-08-25 21:14 - 2017-08-28 18:10 - 002097152 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
2017-08-25 21:14 - 2017-08-28 18:07 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db
2017-08-25 21:14 - 2017-09-01 13:45 - 002097152 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db
2017-08-25 21:14 - 2017-08-30 09:38 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
2017-08-25 21:14 - 2017-08-28 18:07 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_custom_stream.db
2017-08-25 21:14 - 2017-08-30 09:38 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_exif.db
2017-08-25 21:14 - 2017-08-28 20:10 - 000058320 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
2017-08-25 21:14 - 2017-08-28 18:07 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
2017-08-25 21:14 - 2017-08-28 18:07 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide.db
2017-08-25 21:14 - 2017-08-28 18:07 - 000000024 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db
2017-08-25 21:16 - 2017-08-31 19:33 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\NotifyIcon
2017-08-29 21:55 - 2017-08-30 22:55 - 000000701 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Explorer\NotifyIcon\Microsoft.Explorer.Notification.{0A7B8388-5D8E-22DC-2DE3-0AE91C1C44F2}.png
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\GameExplorer
2017-08-25 21:12 - 2017-08-28 18:11 - 000000000 ___SD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History
2017-08-28 18:11 - 2017-08-28 18:11 - 000000130 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\desktop.ini
2017-08-25 21:13 - 2017-09-02 12:32 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5
2017-08-28 18:11 - 2017-08-28 18:11 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat
2017-08-28 00:16 - 2017-08-28 18:09 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017082120170828
2017-08-28 00:16 - 2017-08-28 18:11 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017082820170829
2017-08-28 18:11 - 2017-08-28 18:11 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017082820170829\container.dat
2017-08-29 15:31 - 2017-08-29 15:31 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017082920170830
2017-08-29 15:31 - 2017-08-29 15:31 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017082920170830\container.dat
2017-08-30 09:18 - 2017-08-30 09:18 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017083020170831
2017-08-30 09:18 - 2017-08-30 09:18 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017083020170831\container.dat
2017-08-31 14:26 - 2017-08-31 14:26 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017083120170901
2017-08-31 14:26 - 2017-08-31 14:26 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017083120170901\container.dat
2017-09-01 09:51 - 2017-09-01 09:51 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017090120170902
2017-09-01 09:51 - 2017-09-01 09:51 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017090120170902\container.dat
2017-09-02 12:32 - 2017-09-02 12:32 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017090220170903
2017-09-02 12:32 - 2017-09-02 12:32 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017090220170903\container.dat
2017-08-25 21:13 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\Low\History.IE5
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\History\Low\History.IE5\container.dat
2017-08-25 21:13 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatCache
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatCache\container.dat
2017-08-25 21:13 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatCache\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatCache\Low\container.dat
2017-08-25 21:13 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatUaCache
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatUaCache\container.dat
2017-08-25 21:13 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatUaCache\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\IECompatUaCache\Low\container.dat
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\IEDownloadHistory
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\IEDownloadHistory\container.dat
2017-08-25 21:12 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache
2017-08-28 18:10 - 2017-08-28 18:10 - 000000128 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\counters2.dat
2017-08-28 18:10 - 2017-08-28 18:10 - 000000000 _SHDL () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Content.IE5
2017-08-28 18:10 - 2017-08-29 20:41 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE
2017-08-28 18:10 - 2017-08-28 18:10 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat
2017-08-29 15:24 - 2017-09-02 12:33 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO
2017-08-30 09:32 - 2017-08-30 09:32 - 000013905 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\203[1]
2017-08-31 14:50 - 2017-08-31 14:50 - 000013905 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\203[2]
2017-09-01 13:01 - 2017-09-01 13:01 - 000072527 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\9NBLGGH1ZRPV[1].json
2017-08-29 20:39 - 2017-08-29 20:39 - 000032956 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\favicon[1].ico
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\favicon[1].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\favicon[2].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000090518 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\known_providers_download_v1[1].xml
2017-08-30 20:21 - 2017-09-01 10:29 - 000000187 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\lightshot[1].xml
2017-08-29 20:32 - 2017-08-29 20:32 - 000000139 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\ShippedFlights[1].cache
2017-08-30 09:38 - 2017-08-30 09:38 - 000048143 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\tmpldata[1]
2017-09-02 12:33 - 2017-09-02 12:33 - 000000011 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\up64[2]
2017-09-01 13:23 - 2017-09-01 13:23 - 000011590 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\NBJP9SFO\vs[2].cache
2017-08-29 14:29 - 2017-08-30 20:21 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F
2017-08-29 20:33 - 2017-08-29 20:33 - 000001471 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F\CompatibilityList[1].cache
2017-08-29 20:32 - 2017-08-29 20:32 - 000010338 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F\dyntelconfig[1].cache
2017-08-29 20:43 - 2017-08-29 20:43 - 000003296 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F\dyntelconfig[2].cache
2017-08-29 20:32 - 2017-08-29 20:32 - 000000505 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F\Master[1].cache
2017-08-29 20:32 - 2017-08-29 20:32 - 000006494 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\Q51OAH2F\RemoteSettings_Common_15.0[1].cache
2017-08-29 20:39 - 2017-08-31 17:17 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U
2017-08-30 09:32 - 2017-08-30 09:32 - 000010532 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\200[1]
2017-08-30 09:33 - 2017-08-30 09:33 - 000079107 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\edgecompatviewlist[1].xml
2017-08-30 09:45 - 2017-08-30 09:45 - 000079107 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\edgecompatviewlist[2].xml
2017-08-29 20:39 - 2017-08-29 20:39 - 000000300 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\favicon[1].ico
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\favicon[1].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000017174 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\favicon[2].ico
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\favicon[2].png
2017-08-31 17:17 - 2017-08-31 17:17 - 000000139 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\windows-app-web-link[1].json
2017-08-31 17:17 - 2017-08-31 17:17 - 000000963 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\IE\RBVY8F7U\windows-app-web-link[2].json
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000049120 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _SHDL () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\container.dat
2017-08-29 20:39 - 2017-08-29 20:44 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6
2017-08-29 20:39 - 2017-08-29 20:39 - 000001348 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\1015730972[1].htm
2017-08-29 20:39 - 2017-08-29 20:39 - 000034500 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\fbevents[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000000817 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\footer-bg-1sZLDumW[1].svg
2017-08-29 20:39 - 2017-08-29 20:39 - 000051089 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\jsll-4[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000028315 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\latest[1].eot
2017-08-29 20:39 - 2017-08-29 20:39 - 000003079 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\ms-icons-v2[1].jpg
2017-08-29 20:39 - 2017-08-29 20:39 - 000002229 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\notosansjp[1].css
2017-08-29 20:39 - 2017-08-29 20:39 - 000002238 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\notosanssc[1].css
2017-08-29 20:39 - 2017-08-29 20:39 - 000000115 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\prebuilt[1].htm
2017-08-29 20:39 - 2017-08-29 20:39 - 000021314 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\products-icons[1].svg
2017-08-29 20:39 - 2017-08-29 20:39 - 000000044 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\tr[1].gif
2017-08-29 20:39 - 2017-08-29 20:39 - 000762315 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\ATC5QTQ6\vendor-e16b4de4[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F
2017-08-29 20:39 - 2017-08-29 20:39 - 000161808 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\acquaint@2x-iQDFagDs[1].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000000377 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\BizibleAcct[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000013737 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\f[1].txt
2017-08-29 20:39 - 2017-08-29 20:39 - 000035047 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\latest[1].eot
2017-08-29 20:39 - 2017-08-29 20:39 - 000001569 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\linkid[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000012487 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\ms[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000034946 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\prebuilt[1].htm
2017-08-29 20:39 - 2017-08-29 20:39 - 000020103 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\sport-by9FYFi2[1].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000076509 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\ws-ui-3cJvZ_2f[1].woff
2017-08-29 20:39 - 2017-08-29 20:39 - 000180080 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\ws-ui-light-1zr-aUMJ[1].woff
2017-08-29 20:39 - 2017-08-29 20:39 - 000193196 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\ws-ui-semibold-1iFJ2HVh[1].woff
2017-08-29 20:39 - 2017-08-29 20:39 - 000013348 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\DR49M29F\xamarin-crm-yRAsiCwY[1].png
2017-08-29 20:39 - 2017-08-29 20:44 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU
2017-08-29 20:39 - 2017-08-29 20:39 - 000012849 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\5244a493c9b752f600000087[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000223895 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\8400156450[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000041137 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\871531639650731[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000032959 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\analytics[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000065975 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\gtm[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000000794 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\hexagon-1KGO_xDi[1].svg
2017-08-29 20:39 - 2017-08-29 20:39 - 000236483 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\ms-edge-specs[1].jpg
2017-08-29 20:39 - 2017-08-29 20:39 - 000001208 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\munchkin[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000000155 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\prebuilt[1].htm
2017-08-29 20:39 - 2017-08-29 20:39 - 000172016 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\script[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000119361 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\style[1].css
2017-08-29 20:39 - 2017-08-29 20:39 - 000000044 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GHSLD6RU\tr[1].gif
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9
2017-08-29 20:39 - 2017-08-29 20:39 - 000001346 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\1015730972[1].htm
2017-08-29 20:39 - 2017-08-29 20:39 - 000094840 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\jquery-1.7.2.min[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000003826 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\microsoft-logo-invert-TqcakxjU[1].svg
2017-08-29 20:39 - 2017-08-29 20:39 - 000029598 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\ms-edge-hero-v2[1].jpg
2017-08-29 20:39 - 2017-08-29 20:39 - 000005337 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\ms-logo[1].jpg
2017-08-29 20:39 - 2017-08-29 20:39 - 000007775 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\munchkin[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000039336 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\my-shoppe-tDjOBjpA[1].png
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\pixel[1]
2017-08-29 20:39 - 2017-08-29 20:39 - 000003673 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\prebuilt-3t6lzMrL[1].css
2017-08-29 20:39 - 2017-08-29 20:39 - 000186918 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\template-4IeQvJe1[1].css
2017-08-29 20:39 - 2017-08-29 20:39 - 000078399 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\template-b1e0cbde[1].js
2017-08-29 20:39 - 2017-08-29 20:39 - 000003678 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Low\IE\LQ0BQCE9\xamarin-logo-3eAJQV2x[1].svg
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___HD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation\Drs
2017-08-29 20:39 - 2017-08-29 19:47 - 000000001 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation\Drs\nvdrssel.bin
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation\ShadowPlay
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData\Local
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData\Local\Microsoft
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData\Local\Microsoft\Windows
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData\Local\Microsoft\Windows\INetCache
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies
2017-08-25 21:12 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies
2017-08-29 14:29 - 2017-08-29 14:29 - 000000114 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\6MZWCMQG.cookie
2017-08-29 14:29 - 2017-08-29 14:29 - 000000328 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\ALBJDMRY.cookie
2017-08-28 18:10 - 2017-08-28 18:10 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\container.dat
2017-08-29 15:24 - 2017-08-29 15:24 - 000000122 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\QWVPONIM.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\DNTException
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\DNTException\container.dat
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___HD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low
2017-08-29 20:39 - 2017-08-29 20:39 - 000000279 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\07NS0QM8.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000001100 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\12HINYP0.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000090 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\1617U04E.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000283 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\30OQ8B12.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000377 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\37QR3RAV.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000132 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\9MQ1HT6G.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000669 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\BORLN2BP.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000145 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\C9QUFLDZ.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\container.dat
2017-08-29 20:39 - 2017-08-29 20:39 - 000000110 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\CS5LOJ3A.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000100 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\LDKYEFZ6.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000104 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\PU7Y625I.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000705 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\UZ2EZ1EN.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000113 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\V9Z6CRHP.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000108 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\VZ9YWPPT.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000268 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\XAU601P0.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000210 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\Low\YTUFXEZX.cookie
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE
2017-08-29 20:39 - 2017-08-29 20:39 - 000000000 ___HD () C:\Users\ktown\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
2017-08-25 21:13 - 2017-08-26 11:49 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications
2017-08-25 21:13 - 2017-09-01 13:47 - 001048576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db
2017-08-26 11:49 - 2017-09-02 12:08 - 000032768 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-shm
2017-08-25 21:13 - 2017-09-02 12:31 - 001330792 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-wal
2017-08-25 21:13 - 2017-09-02 12:08 - 000000000 ____H () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp
2017-08-25 21:13 - 2017-08-31 14:30 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm
2016-06-13 15:31 - 2016-06-13 15:31 - 000028383 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\294af3d2.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000006475 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\2b67b297.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000007127 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\4254396c.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000008261 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\4464ab25.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000005585 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\4683b0e5.jpg
2017-07-13 16:24 - 2017-07-13 16:24 - 000066446 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\5f02b56d.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000004952 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\5fc0968a.jpg
2017-07-13 16:24 - 2017-07-13 16:24 - 000053310 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\63420817.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000008396 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\6973a695.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000009443 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\70af9816.jpg
2017-08-26 11:45 - 2017-08-26 11:45 - 000004555 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\7764210d.jpg
2014-11-25 23:27 - 2014-11-25 23:27 - 000009739 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\ae9fa87c.jpg
2016-04-27 09:45 - 2016-04-27 09:45 - 000048972 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\b6ed539b.jpg
2017-08-28 10:02 - 2017-08-28 10:02 - 000003747 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\bf3ae79.jpg
2017-08-31 06:16 - 2017-08-31 06:16 - 000003441 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\d8e51c8.jpg
2017-07-13 16:24 - 2017-07-13 16:24 - 000056762 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\d9bcf9e7.jpg
2017-08-29 12:45 - 2017-08-29 12:45 - 000004592 ____N () C:\Users\ktown\AppData\Local\Microsoft\Windows\Notifications\wpnidm\ef21e789.jpg
2017-08-25 21:15 - 2017-08-25 21:15 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PicturePassword
2017-08-26 23:22 - 2017-08-26 23:25 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PowerShell
2017-08-26 23:22 - 2017-08-26 23:52 - 000045998 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
2017-08-26 23:25 - 2017-09-01 13:42 - 000000064 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
2017-08-25 21:13 - 2017-08-26 23:05 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\1527c705-839a-4832-9118-54d4Bd6a0c89_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\1527c705-839a-4832-9118-54d4Bd6a0c89_10.0.15063.447_neutral_neutral_cw5n1h2txyewy
2017-08-26 14:24 - 2017-08-26 14:24 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\1742034116
2017-08-26 14:24 - 2017-08-26 14:24 - 000203584 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\1742034116\2548312375.pri
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\2045991972
2017-08-26 13:45 - 2017-08-26 13:45 - 000151992 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\2045991972\3600740613.pri
2017-08-26 23:05 - 2017-08-26 23:05 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\2117620423
2017-08-26 23:05 - 2017-08-26 23:05 - 000016128 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\2117620423\1755592438.pri
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3329127440
2017-08-26 13:45 - 2017-08-26 13:45 - 000069408 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3329127440\859778732.pri
2017-08-26 13:55 - 2017-08-26 13:55 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3638200224
2017-08-26 13:55 - 2017-08-26 13:55 - 000457672 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3638200224\2254494611.pri
2017-08-26 23:03 - 2017-08-26 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3772836457
2017-08-26 23:03 - 2017-08-26 23:03 - 000043192 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3772836457\1231558255.pri
2017-08-26 13:55 - 2017-08-26 13:55 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3898115897
2017-08-26 13:55 - 2017-08-26 13:55 - 000043256 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\3898115897\2441655616.pri
2017-08-26 23:03 - 2017-08-26 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\4249408766
2017-08-26 23:03 - 2017-08-26 23:03 - 000006984 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\4249408766\3838406820.pri
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\814284900
2017-08-26 13:45 - 2017-08-26 13:45 - 000122752 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\814284900\1087846103.pri
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\c5e2524a-ea46-4f67-841f-6a9465d9d515_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\CortanaListenUIApp_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\DesktopLearning_1000.15063.0.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\DesktopView_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\E2A4F912-2574-4A75-9BB0-0D023378592B_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\E2A4F912-2574-4A75-9BB0-0D023378592B_10.0.15063.332_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\EnvironmentsApp_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\HoloCamera_1.0.0.5_neutral__cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\HoloItemPlayerApp_1.0.0.2_neutral__cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.AAD.BrokerPlugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.AccountsControl_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.AccountsControl_10.0.15063.447_neutral__cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.BioEnrollment_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.CredDialogHost_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.LockApp_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.PPIProjection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\814284900
2017-08-26 13:45 - 2017-08-26 13:45 - 000122752 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\814284900\1087846103.pri
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy
2017-08-26 13:45 - 2017-08-26 13:45 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.Windows.WindowPicker_10.0.15063.332_neutral__cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\PRICache\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Ringtones
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\RoamingTiles
2017-08-25 21:14 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep\local
2017-08-26 11:50 - 2017-08-30 21:05 - 000000488 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep\local\localConfiguration
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep\remote
2017-08-26 11:50 - 2017-08-26 11:50 - 000000047 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep\remote\script-2
2017-08-26 11:50 - 2017-08-26 11:50 - 000008691 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\apprep\remote\script-2_56495612140364035011802320767701983077
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download\local
2017-08-26 11:50 - 2017-08-26 11:50 - 000000206 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download\local\localConfiguration
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download\remote
2017-08-26 11:50 - 2017-08-26 11:50 - 000000047 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download\remote\script-2
2017-08-26 11:50 - 2017-08-26 11:50 - 000009962 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\download\remote\script-2_98876692393377786403749733271473558496
2017-08-25 21:14 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url
2017-08-25 21:14 - 2017-08-30 09:33 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\local
2017-08-25 21:14 - 2017-08-25 21:14 - 000000344 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\local\cache
2017-08-25 21:14 - 2017-08-26 11:50 - 000000508 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\local\localConfiguration
2017-08-30 09:33 - 2017-08-30 09:33 - 000000000 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\local\wBx-LsBqJHgvLdgEg4oAhw==
2017-08-26 11:50 - 2017-08-26 11:50 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\remote
2017-08-26 11:50 - 2017-08-26 11:50 - 000000047 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\remote\script-2
2017-08-26 11:50 - 2017-08-26 11:50 - 000009962 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Safety\url\remote\script-2_98876692393377786403749733271473558496
2017-08-25 21:13 - 2017-08-26 12:02 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync
2017-08-26 12:02 - 2017-09-02 12:12 - 000001177 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\wininet-internet-explorer.metadata
2017-08-25 21:14 - 2017-09-02 12:17 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore
2017-08-25 21:14 - 2017-09-02 12:17 - 000008192 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.chk
2017-08-25 21:14 - 2017-09-02 12:17 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.log
2017-08-25 21:14 - 2017-09-01 10:58 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00063.log
2017-08-25 21:14 - 2017-09-01 10:58 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00064.log
2017-08-25 21:14 - 2017-09-02 12:17 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00065.log
2017-08-25 21:14 - 2017-08-25 21:14 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edbres00001.jrs
2017-08-25 21:14 - 2017-08-25 21:14 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edbres00002.jrs
2017-08-25 21:14 - 2017-09-01 10:58 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\edbtmp.log
2017-08-25 21:14 - 2017-09-02 12:17 - 002228224 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb
2017-08-25 21:14 - 2017-09-02 12:17 - 000016384 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.jfm
2017-08-25 21:13 - 2017-08-25 21:13 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore
2017-08-25 21:13 - 2017-09-01 10:58 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1
2017-08-25 21:13 - 2017-09-02 12:17 - 000008192 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb.chk
2017-08-25 21:13 - 2017-09-02 12:17 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb.log
2017-08-25 21:13 - 2017-08-30 23:04 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb00013.log
2017-08-25 21:13 - 2017-09-01 10:58 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb00014.log
2017-08-25 21:13 - 2017-09-01 10:58 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb00015.log
2017-08-25 21:13 - 2017-08-25 21:13 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edbres00001.jrs
2017-08-25 21:13 - 2017-08-25 21:13 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edbres00002.jrs
2017-08-25 21:13 - 2017-08-30 23:04 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edbtmp.log
2017-08-25 21:13 - 2017-09-02 12:17 - 001441792 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.edb
2017-08-25 21:13 - 2017-09-02 12:17 - 000016384 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.jfm
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Shell
2017-08-25 21:12 - 2017-03-18 23:01 - 000114227 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Shell\DefaultLayouts.xml
2017-08-25 21:12 - 2017-08-25 21:12 - 000000000 _SHDL () C:\Users\ktown\AppData\Local\Microsoft\Windows\Temporary Internet Files
2017-08-27 00:28 - 2017-08-27 00:28 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\Themes
2017-08-27 00:28 - 2017-08-31 14:21 - 000001941 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\Themes\Custom.theme
2017-08-25 21:13 - 2017-09-02 12:08 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\UPPS
2017-09-02 12:08 - 2017-09-02 12:08 - 000016148 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin
2017-08-25 21:13 - 2017-09-02 12:30 - 000000000 __SHD () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache
2017-08-25 21:13 - 2017-09-02 12:31 - 000008192 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V01.chk
2017-08-25 21:13 - 2017-09-02 12:33 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V01.log
2017-08-25 21:13 - 2017-09-01 09:51 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V0100022.log
2017-08-25 21:13 - 2017-09-01 13:19 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V0100023.log
2017-08-25 21:13 - 2017-09-02 12:30 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V0100024.log
2017-08-25 21:13 - 2017-08-25 21:13 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V01res00001.jrs
2017-08-25 21:13 - 2017-08-25 21:13 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V01res00002.jrs
2017-08-25 21:13 - 2017-08-31 16:13 - 000524288 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log
2017-08-25 21:13 - 2017-09-02 12:33 - 044564480 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
2017-08-25 21:13 - 2017-09-02 12:33 - 000016384 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm
2017-08-26 11:51 - 2017-08-26 11:51 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\WER
2017-08-26 11:51 - 2017-09-02 12:10 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\WER\ERC
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ____D () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ___RD () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group1
2017-08-25 21:12 - 2017-03-18 22:58 - 000001109 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk
2017-08-25 21:12 - 2017-03-18 23:01 - 000000075 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group1\desktop.ini
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ___RD () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2
2017-08-25 21:12 - 2017-03-18 22:58 - 000001109 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001109 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001109 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001492 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001021 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk
2017-08-25 21:12 - 2017-03-18 23:01 - 000000325 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group2\desktop.ini
2017-08-25 21:12 - 2017-03-18 23:03 - 000000000 ___RD () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3
2017-08-25 21:12 - 2017-03-18 22:58 - 000001015 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001127 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001059 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001171 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001015 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001015 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001582 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001075 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001576 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001015 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001578 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001015 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk
2017-08-25 21:12 - 2017-03-18 22:58 - 000001578 _____ () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk
2017-08-25 21:12 - 2017-03-18 23:01 - 000000941 ___SH () C:\Users\ktown\AppData\Local\Microsoft\Windows\WinX\Group3\desktop.ini

====== Ende von Folder: ======


========= type C:\Users\ktown\AppData\Local\VirtualStore\Windows\assembly\Desktop.ini =========

; ==++==
; 
;   Copyright (c) Microsoft Corporation.  All rights reserved.
; 
; ==--==
[.ShellClassInfo]
CLSID={1D2680C9-0E2A-469d-B787-065558BC7D43}
ConfirmFileOp=1
InfoTip=Contains application stability information.

========= Ende von CMD: =========


========= type C:\Users\ktown\AppData\Local\Temp\guid.bat =========

System64.exe --server zec.suprnova.cc --user Ratatouille.Rata --pass x --port 2142
========= Ende von CMD: =========

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt

========================= folder: C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ========================

2017-08-25 21:13 - 2017-08-26 13:45 - 000000174 ___SH () C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2017-08-28 20:21 - 2017-08-28 20:21 - 000000000 ___HD () C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
2017-08-28 20:18 - 2017-08-28 20:18 - 000001097 _____ () C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\MEGAsync.lnk
2017-08-27 23:09 - 2017-08-27 23:09 - 004155904 _____ (Axon Cable SIA) C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\program32.exe

====== Ende von Folder: ======

C:\Users\ktown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled => erfolgreich verschoben
C:\Users\ktown\Downloads\Mods\cdbxp_setup_4.5.7.6623.exe => erfolgreich verschoben
C:\Users\ktown\AppData\Roaming\tor => erfolgreich verschoben
C:\Users\ktown\AppData\Roaming\sound => erfolgreich verschoben
C:\Users\ktown\AppData\Roaming\Audio => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32083072 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 50288848 B
Edge => 8374095 B
Chrome => 568337339 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 1024 B
LocalService => 10610 B
NetworkService => 0 B
ktown => 163205952 B

RecycleBin => 0 B
EmptyTemp: => 790.5 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:34:26 ====

 

Themen zu Ständig im TaskManager Audio.exe EMCO Malware Destroyer
data, dateien, erfolglos, exe, exe dateien, folge, folgende, g data, installier, installiert, leute, malware, neu, nichts, schonmal, taskma, taskmanager, taskmgr, wenig, windows, windows 10


« Win 7 32bit: sehr langsames Internet (Firefox) & HEUR/APC | Windows 7: Avira kann nicht installiert werden / vermutlich Virus »


Ähnliche Themen: Ständig im TaskManager Audio.exe EMCO Malware Destroyer


  1. Malware könnte Video und Audio vom Mac aufzeichnen
    Nachrichten - 07.10.2016 (0)
  2. compatibilitycheck.exe läuft im Taskmanager und ich höre Ständig nervige Werbung
    Log-Analyse und Auswertung - 02.04.2015 (19)
  3. Prozess ie.explore.exe *32 im Taskmanager ständig aktiv obwohl kein IE benutzt wird
    Log-Analyse und Auswertung - 21.01.2015 (21)
  4. Taskmanager geht nicht mehr Windows 7 Taskmanager trojaner 2014
    Alles rund um Windows - 18.06.2014 (48)
  5. Ständig Pop ups, Malwarebytes findet Malware
    Plagegeister aller Art und deren Bekämpfung - 11.06.2014 (11)
  6. "Posadi17" ständig offen als Task im Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 12.05.2014 (18)
  7. Ständig (Keine Rückmeldung), Programme öffnen sich nicht, ebenso Taskmanager
    Log-Analyse und Auswertung - 31.01.2013 (1)
  8. Audio Stream bricht ständig ab
    Alles rund um Windows - 14.08.2012 (0)
  9. Windows Threats Destroyer entfernen
    Anleitungen, FAQs & Links - 01.03.2012 (2)
  10. BKA Trojaner Malware, Zugriff auf PC möglich nicht auf Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 08.01.2012 (3)
  11. [BKA Trojaner Malware] Zugriff auf PC möglich aber kein Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (8)
  12. rechte Maustaste und Taskmanager defekt- Verdacht auf Malware
    Log-Analyse und Auswertung - 25.08.2009 (1)
  13. Taskmanager gesperrt /Heuristik/Malware/Dropper
    Plagegeister aller Art und deren Bekämpfung - 28.04.2008 (3)
  14. Taskmanager/Uhrzeit verändert w-lan ständig unterbrochen ?virus?
    Plagegeister aller Art und deren Bekämpfung - 08.02.2007 (5)
  15. Malware die ständig den Dateinamen ändert
    Log-Analyse und Auswertung - 21.07.2006 (1)
  16. Emco Malware Bouncer
    Antiviren-, Firewall- und andere Schutzprogramme - 17.03.2005 (1)
  17. ad-destroyer, popups, hosts datei?
    Plagegeister aller Art und deren Bekämpfung - 09.12.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ständig im TaskManager Audio.exe EMCO Malware Destroyer - Fixlog: Code: Alles auswählen Aufklappen ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017 durchgeführt von ktown (02-09-2017 12:33:44) Run:2 Gestartet von C:\Users\ktown\Downloads\Mods Geladene Profile: ktown (Verfügbare Profile: ktown) - Ständig im TaskManager Audio.exe EMCO Malware Destroyer...
Archiv
Du betrachtest: Ständig im TaskManager Audio.exe EMCO Malware Destroyer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132