Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

adware malware oursurfing.com still exists after reformating PC [Solve

Started by adriandallegrave , Jun 10 2015 04:27 PM
adware malware oursurfing reformat format

  • This topic is locked This topic is locked

#16
adriandallegrave
Posted 18 June 2015 - 02:24 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

The last time I formatted the computer I only installed three drivers. The videocard straight from the NVIDIA website, the processor driver and chipset driver both straight from the Intel website. On device manager I still have a checkmark on "Other devices -> PCI Simple Communications Controller". I'm not sure which driver I should install there but since I still haven't fixed the issues with the computer I didn't bother to search for it.

 

From a malware perspective I attached three screenshots to show you how the ads appear on my browser. Whenever I open a new tab or go to a different website, the first time I click anywhere on the page, even the scroll bar, another tab with an ad opens up. One of the ads is shown on the png I attached called "ad 1". The other 2 files I attached as exemples, "ad 2" and "ad 3", are from geekstogo.com website. One of the images shows an ad on the bottom of the screen and the other on the bottom right. The AdBlock extension of Google Chrome blocks these last two ads but the box containing them appears either way. If I accidentaly click on any of them I usualy have a lot of trouble because they end up installing unwanted softwares or change the browser configurations.

 

Besides these weird ads, sometimes the computer starts to install lots of unwanted softwares. As soon as the computer is reboot those softwares start to multiply and change absolutely everything on the PC. When this happens there is no other choice but to reformat the computer once again. I'm not sure exactly what triggers this different behavior neither if it's the same malware causing it. 

 

Since as I posted before my friend got the same malware on his computer even though he didn't have any connection with any files from my computer, is it possible that the malware is in my router?

 

Thanks for all your time.

Attached Thumbnails

  • ad 1.png
  • ad 2.png
  • ad 3.png

  • 0

Advertisements

#17
Biscuithd
Posted 19 June 2015 - 07:10 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

In all honesty I'm starting to get a little confused here. In the first log(s) you had some issues, but be the time I addressed those you'd done a re-install. That part is fine, assuming that I've understood it correctly. Next, certainly trading files when there is active Malware on the machine will only spread the problems. Same with using the USB drive. That said, could you isolate the machine, don't use a USB or trade files until we get things stabilized. :)

 

Now, as a new starting point, let's do a FRST Scan and see what we've got. Also, just for completeness I'm going to check your Boot Record and System Files. Last, to answer your router question, I do not think the issue is lurking in there. In all honesty I only suspect a Browser based exploit, but these scans will tell me if I'm right or I'm wrong ;)

 

aswMBR.png Scan with aswMBR

Please download aswMBR by Avast! & Gmer and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.



  • Right-click on the aswMBR.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

     

     
  • Allow virtualisation if offered.
  • If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
  • Click the AV Scan: drop down box and select C:\.
  • Select scan.
  • Upon completion, you will see Scan finished successfully. Click Save log.

Do NOT click Fix or FixMBR!
A file (MBR.dat) will be created on your desktop. Do NOT click or delete it!

Copy the contents of the logfile ans paste in into your next reply.
Do not forget to re-enable your previously switched-off protection software!

 

gmericon.png Scan with Gmer

This type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.

Please download GMER by Gmer and save the file to your desktop.
It will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.



  • Right-click on randomly named gmericon.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • It is very important that you do not use your computer while Gmer is running!
  • Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

When the pre-scan is completed, please do the following:

  • Please check in the Quick scan box.
  • Please uncheck the IAT/EAT and Show All.
  • Click Scan.
  • If you see a rootkit warning window click OK.
  • When the scan is finished, Save the results to your desktop as gmer.log.

Please include the content of this file in your next reply.
Don't forget to re-enable previously switched-off protection software!

icon_idea.gif If you encounter any problems, try running GMER in Safe Mode.
icon_idea.gif If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning.

 

 

 

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

 


  • 0

#18
adriandallegrave
Posted 19 June 2015 - 02:06 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

I left the PC scanning and went to work. I didn't have any problems with the scans.

Here are the logs. Sorry for the delay and thanks again.

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-06-19 11:49:33
-----------------------------
11:49:33.762    OS Version: Windows x64 6.2.9200 
11:49:33.762    Number of processors: 8 586 0x3C03
11:49:33.762    ComputerName: DALLEGRAVE-PC  UserName: Adrian
11:49:33.950    Initialize success
11:49:33.950    VM: initialized successfully
11:49:33.950    VM: Intel CPU supported 
11:49:42.667    VM: disk I/O iaStorAV.sys
11:51:10.882    AVAST engine defs: 15061901
11:51:21.882    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003a
11:51:21.882    Disk 0 Vendor: Intel___ 1.0. Size: 228942MB BusType: 8
11:51:21.882    Disk 1  \Device\Harddisk1\DR1 -> \Device\0000003c
11:51:21.882    Disk 1 Vendor: WDC_WD10EZEX-00BN5A0 01.01A01 Size: 953869MB BusType: 8
11:51:21.905    Disk 0 MBR read successfully
11:51:21.906    Disk 0 MBR scan
11:51:21.907    Disk 0 Windows 7 default MBR code
11:51:21.910    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       228840 MB offset 206848
11:51:21.915    Disk 0 scanning C:\WINDOWS\system32\drivers
11:51:23.884    Service scanning
11:51:29.988    Modules scanning
11:51:30.004    Disk 0 trace - called modules:
11:51:30.019    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorAV.sys 
11:51:30.019    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00002dfd060]
11:51:30.035    3 CLASSPNP.SYS[fffff8000081dabb] -> nt!IofCallDriver -> \Device\0000003a[0xffffe000008f7060]
11:51:30.226    AVAST engine scan C:\
12:31:13.398    Disk 0 statistics 17263425/0/0 @ 21503,59 MB/s
12:31:13.398    Scan finished successfully
16:43:08.496    Disk 0 MBR has been saved successfully to "C:\Users\Adrian\Desktop\MBR.dat"
16:43:08.496    The log file has been saved successfully to "C:\Users\Adrian\Desktop\aswMBR.txt"
 
 
 
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-06-19 16:51:17
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003a Intel___ rev.1.0. 223,58GB
Running: gmer.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\kwddraog.sys
 
 
---- User code sections - GMER 2.1 ----
 
.text   C:\WINDOWS\system32\dwm.exe[956] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                        00007ffc3e19169a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\dwm.exe[956] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                        00007ffc3e1916a2 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\dwm.exe[956] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                           00007ffc3e19181a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\dwm.exe[956] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                           00007ffc3e191832 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[100] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                     00007ffc3e19169a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[100] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                     00007ffc3e1916a2 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[100] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                        00007ffc3e19181a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[100] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                        00007ffc3e191832 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\Windows Defender\MsMpEng.exe[1856] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                     00007ffc3e19169a 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\Windows Defender\MsMpEng.exe[1856] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                     00007ffc3e1916a2 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\Windows Defender\MsMpEng.exe[1856] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                        00007ffc3e19181a 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\Windows Defender\MsMpEng.exe[1856] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                        00007ffc3e191832 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[1508] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506   00007ffc3e19169a 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[1508] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514   00007ffc3e1916a2 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[1508] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118      00007ffc3e19181a 4 bytes [19, 3E, FC, 7F]
.text   C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[1508] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142      00007ffc3e191832 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[764] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                            00007ffc3e19169a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[764] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                            00007ffc3e1916a2 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[764] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                               00007ffc3e19181a 4 bytes [19, 3E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[764] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                               00007ffc3e191832 4 bytes [19, 3E, FC, 7F]
 
---- Threads - GMER 2.1 ----
 
Thread  C:\WINDOWS\system32\csrss.exe [628:692]                                                                                        fffff960008784d0
 
---- Registry - GMER 2.1 ----
 
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                              1352512543
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D5DA9376-0F53-4F28-8A00-F1A1F274362D}@LeaseObtainedTime    1434741174
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D5DA9376-0F53-4F28-8A00-F1A1F274362D}@T1                   1434742974
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D5DA9376-0F53-4F28-8A00-F1A1F274362D}@T2                   1434744324
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D5DA9376-0F53-4F28-8A00-F1A1F274362D}@LeaseTerminatesTime  1434744774
Reg     HKCU\Software\Microsoft\Windows\DWM@ColorizationColor                                                                          -2009684301
Reg     HKCU\Software\Microsoft\Windows\DWM@ColorizationColorBalance                                                                   57
Reg     HKCU\Software\Microsoft\Windows\DWM@ColorizationAfterglow                                                                      -2009684301
Reg     HKCU\Software\Microsoft\Windows\DWM@ColorizationBlurBalance                                                                    33
 
---- EOF - GMER 2.1 ----
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Adrian (administrator) on DALLEGRAVE-PC on 19-06-2015 16:51:57
Running from C:\Users\Adrian\Desktop\frst
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\MountPoints2: {f0fd195e-1240-11e5-8253-74d435e68c45} - "G:\autorun.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.248.171.33 8.8.8.8
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-12]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-12]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-12]
CHR Extension: (AdBlock) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-12]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-06-14] (DT Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
U3 aswMBR; \??\C:\Users\Adrian\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Adrian\AppData\Local\Temp\aswVmm.sys [X]
U3 kwddraog; \??\C:\Users\Adrian\AppData\Local\Temp\kwddraog.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-19 16:51 - 2015-06-19 16:51 - 00005406 _____ C:\Users\Adrian\Desktop\gmer.log
2015-06-19 16:43 - 2015-06-19 16:43 - 00001820 _____ C:\Users\Adrian\Desktop\aswMBR.txt
2015-06-19 16:43 - 2015-06-19 16:43 - 00000512 _____ C:\Users\Adrian\Desktop\MBR.dat
2015-06-19 11:47 - 2015-06-19 11:48 - 00380416 _____ C:\Users\Adrian\Desktop\gmer.exe
2015-06-19 11:47 - 2015-06-19 11:47 - 05198336 _____ (AVAST Software) C:\Users\Adrian\Desktop\aswMBR.exe
2015-06-18 20:08 - 2015-06-18 20:08 - 00000000 ____D C:\Users\Adrian\AppData\Local\Skyrim
2015-06-18 20:07 - 2015-06-18 20:07 - 00000000 ____D C:\Users\Adrian\Documents\My Games
2015-06-18 11:45 - 2015-06-18 11:45 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DALLEGRAVE-PC-Windows-8.1-Pro-(64-bit).dat
2015-06-18 11:45 - 2015-06-18 11:45 - 00000000 ____D C:\RegBackup
2015-06-18 11:44 - 2015-06-18 11:44 - 00000000 ____D C:\AdwCleaner
2015-06-18 09:44 - 2015-06-18 09:37 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-18 09:40 - 2015-06-18 11:40 - 00015027 _____ C:\zoek-results.log
2015-06-18 09:37 - 2015-06-18 09:44 - 00000000 ____D C:\zoek_backup
2015-06-17 21:12 - 2015-06-17 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\InputMapper
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DSDCS
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\ProgramData\DSDCS
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\ProgramData\Caphyon
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Program Files (x86)\DSDCS
2015-06-17 19:52 - 2015-06-18 00:28 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET
2015-06-17 19:52 - 2015-06-17 19:52 - 00001200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-06-17 19:52 - 2015-06-17 19:52 - 00000000 ____D C:\Program Files\Paint.NET
2015-06-17 19:39 - 2015-06-17 19:39 - 00002036 _____ C:\Users\Adrian\Desktop\Brasileirao A - Shortcut.lnk
2015-06-17 19:22 - 2015-06-17 19:22 - 00000000 ____D C:\ProgramData\KONAMI
2015-06-17 19:22 - 2015-06-17 19:22 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-06-17 17:49 - 2015-06-17 17:49 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-06-17 17:49 - 2015-06-17 17:49 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-06-17 17:42 - 2015-06-17 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-16 19:05 - 2015-06-16 19:05 - 00000000 ____D C:\Users\Adrian\Documents\Flight Simulator X Files
2015-06-16 19:04 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-06-16 19:04 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-06-16 19:04 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-06-16 19:04 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-06-16 19:04 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-06-16 19:04 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-06-16 19:04 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-06-16 19:04 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-06-16 19:04 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-06-16 19:04 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-06-16 19:04 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-06-16 19:04 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-06-16 19:04 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-06-16 19:04 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-06-16 19:04 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-06-16 19:04 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-06-16 19:04 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-06-16 19:04 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-06-16 19:04 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-06-16 19:04 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-06-16 19:04 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-06-16 19:04 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-06-16 19:04 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-06-16 19:04 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-06-16 12:10 - 2015-06-16 12:10 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-06-16 12:05 - 2015-06-16 12:05 - 00000000 ____D C:\Users\Adrian\Documents\KONAMI
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Program Files\WinRAR
2015-06-15 19:38 - 2015-06-16 11:47 - 00000090 _____ C:\Users\Adrian\Desktop\pes 2013 serials.txt
2015-06-15 19:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NVIDIA
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\MSBuild
2015-06-15 19:12 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-06-15 19:12 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-06-15 19:12 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-06-15 19:12 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-06-15 19:12 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-06-15 19:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-06-15 19:12 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-06-15 19:12 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-15 19:11 - 2013-08-03 01:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-15 19:09 - 2015-06-18 20:07 - 00078317 _____ C:\WINDOWS\DirectX.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000175 _____ C:\WINDOWS\DXError.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-06-14 15:38 - 2015-06-14 15:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-14 13:25 - 2015-06-14 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enforcer Police Crime Action
2015-06-14 13:24 - 2015-06-14 13:24 - 00283200 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-06-14 13:23 - 2015-06-14 13:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-06-12 18:31 - 2015-06-19 16:51 - 00000000 ____D C:\Users\Adrian\Desktop\frst
2015-06-12 18:31 - 2015-06-19 16:51 - 00000000 ____D C:\FRST
2015-06-12 09:47 - 2015-06-12 09:47 - 00000000 __SHD C:\Recovery
2015-06-12 09:33 - 2015-06-12 09:33 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-12 08:47 - 2015-06-19 11:42 - 00494590 _____ C:\WINDOWS\PFRO.log
2015-06-12 08:47 - 2015-06-12 08:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-12 08:47 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\Panther
2015-06-12 04:40 - 2015-06-12 04:40 - 00007597 _____ C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-06-12 04:15 - 2015-06-12 04:15 - 00002709 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\msinfo32.lnk
2015-06-12 03:28 - 2015-06-15 19:16 - 00000000 ____D C:\Users\Adrian\Documents\The Witcher 3
2015-06-12 03:24 - 2015-06-12 03:24 - 00000000 ____D C:\Users\Adrian\Documents\Game of Thrones
2015-06-12 03:19 - 2015-06-12 03:19 - 00000000 ____D C:\Users\Adrian\AppData\Local\Steam
2015-06-12 03:17 - 2015-06-19 00:51 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 03:17 - 2015-06-12 03:17 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2015-06-12 03:17 - 2015-06-12 03:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-12 01:41 - 2015-06-19 11:47 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-12 01:41 - 2015-06-18 23:21 - 00177416 _____ C:\Users\Adrian\Desktop\calendário inter certo.xlsx.xlsm
2015-06-12 01:41 - 2015-06-12 09:33 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-06-12 01:40 - 2015-06-12 01:40 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-06-12 01:40 - 2013-08-22 09:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-12 01:32 - 2015-06-12 01:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Users\Adrian\AppData\Local\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-12 01:31 - 2015-06-12 01:31 - 00000000 __RHD C:\MSOCache
2015-06-12 01:19 - 2015-06-12 01:19 - 00000686 _____ C:\Users\Adrian\Desktop\downloads.lnk
2015-06-12 01:19 - 2015-06-12 01:19 - 00000657 _____ C:\Users\Adrian\Desktop\adrian.lnk
2015-06-12 01:04 - 2015-06-19 16:09 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 01:04 - 2015-06-19 11:46 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-12 01:04 - 2015-06-12 01:04 - 00004068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-12 01:04 - 2015-06-12 01:04 - 00003832 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-12 01:04 - 2015-06-12 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-12 01:04 - 2015-06-12 01:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 01:03 - 2015-06-12 01:04 - 00000000 ____D C:\Users\Adrian\AppData\Local\Google
2015-06-12 01:03 - 2015-06-12 01:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Macromedia
2015-06-12 00:58 - 2015-06-12 00:58 - 00019634 _____ C:\WINDOWS\system32\results.xml
2015-06-12 00:58 - 2015-06-12 00:58 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-12 00:57 - 2015-06-18 21:20 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3400116732-2033998285-2783747925-1001
2015-06-12 00:57 - 2015-06-12 00:57 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-06-12 00:57 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files (x86)\Intel
2015-06-12 00:56 - 2015-06-12 00:58 - 00000000 ____D C:\Intel
2015-06-12 00:56 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files\Intel
2015-06-12 00:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-06-12 00:54 - 2015-06-19 11:49 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-12 00:54 - 2015-06-19 11:42 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 00:54 - 2015-06-18 20:15 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-18 20:15 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA
2015-06-12 00:54 - 2015-06-12 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-03 18:04 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-12 00:54 - 2015-05-29 15:49 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-06-12 00:54 - 2015-05-29 15:49 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-12 00:54 - 2015-05-28 01:15 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-12 00:54 - 2015-05-28 00:52 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-12 00:54 - 2015-05-27 07:48 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-12 00:53 - 2015-06-18 20:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-18 20:15 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-12 00:53 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-12 00:53 - 00000000 ____D C:\NVIDIA
2015-06-12 00:53 - 2015-05-28 04:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00117576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00052880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00039056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-12 00:52 - 2015-06-19 12:04 - 00000000 ___RD C:\Users\Adrian\SkyDrive
2015-06-12 00:51 - 2015-06-19 11:58 - 00679571 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-12 00:51 - 2015-06-14 16:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\Packages
2015-06-12 00:51 - 2015-06-14 13:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\VirtualStore
2015-06-12 00:51 - 2015-06-12 00:51 - 00001446 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-12 00:51 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\CSC
2015-06-12 00:51 - 2015-06-12 00:51 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Adobe
2015-06-12 00:51 - 2013-08-22 02:17 - 02407936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-06-12 00:50 - 2015-06-12 00:58 - 00000000 ____D C:\Users\Adrian
2015-06-12 00:50 - 2015-06-12 00:50 - 00000020 ___SH C:\Users\Adrian\ntuser.ini
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-29 15:49 - 2015-05-29 15:49 - 24846712 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 24048456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 17804608 _____ C:\WINDOWS\system32\igd11dxva64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 17329224 _____ C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 15981056 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 10851840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 09528320 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 09422928 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 08631888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 07500800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 06725162 _____ C:\WINDOWS\system32\igdclbif.bin
2015-05-29 15:49 - 2015-05-29 15:49 - 06160424 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 04892088 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-05-29 15:49 - 2015-05-29 15:49 - 04851848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 03584512 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 03318272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 02944648 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-05-29 15:49 - 2015-05-29 15:49 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 02039296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01540904 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01371136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01196336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01036392 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 01032808 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 01014368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00698880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00671328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00616280 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00472168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00460048 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2015-05-29 15:49 - 2015-05-29 15:49 - 00448104 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00424960 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00392296 _____ C:\WINDOWS\system32\igfxTray.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00373760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00344168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00338536 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00338024 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00313448 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00279144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00274776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-05-29 15:49 - 2015-05-29 15:49 - 00248424 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00218728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00213192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00196704 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00192000 _____ C:\WINDOWS\system32\igdde64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4222.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00179200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00156264 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00153088 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00086528 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00060416 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00004008 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-19 15:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-19 11:42 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-18 20:15 - 2013-08-22 11:46 - 00016238 _____ C:\WINDOWS\setupact.log
2015-06-18 09:44 - 2013-08-22 12:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-06-16 09:05 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-15 19:13 - 2013-08-22 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-15 02:15 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-14 16:31 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 15:44 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Vss
2015-06-12 09:47 - 2013-08-22 12:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-12 09:47 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-12 09:33 - 2013-08-22 11:44 - 00409848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 08:47 - 2013-08-22 12:37 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2015-06-12 04:41 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-12 01:34 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-12 01:32 - 2013-08-22 16:11 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Camera
 
==================== Files in the root of some directories =======
 
2015-06-12 04:40 - 2015-06-12 04:40 - 0007597 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-12 08:47
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Adrian at 2015-06-19 16:52:08
Running from C:\Users\Adrian\Desktop\frst
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3400116732-2033998285-2783747925-500 - Administrator - Disabled)
Adrian (S-1-5-21-3400116732-2033998285-2783747925-1001 - Administrator - Enabled) => C:\Users\Adrian
Guest (S-1-5-21-3400116732-2033998285-2783747925-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Enforcer Police Crime Action (HKLM-x32\...\Enforcer Police Crime Action_is1) (Version:  - )
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
InputMapper (HKLM-x32\...\{1A44056A-C7D8-4561-BC43-A0AA7D7AAA64}) (Version: 1.5.31.0 - DSDCS)
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4222 - Intel Corporation)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version:  - Reality Pump Studios)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points =========================
 
12-06-2015 00:54:59 Installed DirectX
15-06-2015 19:09:16 Installed DirectX
17-06-2015 17:43:57 avast! antivirus system restore point
18-06-2015 20:07:39 Installed DirectX
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2015-06-18 09:40 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1CA8609E-58D1-42BB-8F58-6D70C08BE3C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {48D573F6-1290-4B13-91E8-8B1380996D02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {4ADBD9D3-EC2E-443D-A027-82E5FC877451} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5688CAED-C607-4B5D-BCC2-2E7AB6C7ACA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {668B5C4C-D929-41D8-A98D-DEDD35370040} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-06-12] ()
Task: {FE202C94-B1E8-4624-B8D8-09FB0ABF0916} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-12 00:54 - 2015-05-28 01:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-12 00:54 - 2015-06-03 18:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Adrian\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 89.248.171.33 - 8.8.8.8
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{77F72464-78B3-48B0-B0F2-0F363AC17787}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{89BD8F87-F23E-4E7E-88A8-BDE83A4C9B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7FF0D0F4-4780-44A1-A184-1CE2ED4353A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{06D7F422-37F6-4E90-B842-2F1B122118AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0CAE9F5F-481F-4AB6-BD29-B26780178D2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4957CD0-8D70-46CE-B393-3731B5F88E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01313BE6-25B0-4663-A2C9-106CB08069BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{04591195-6F56-4242-98B6-E62B69732F72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{565DBDBA-97A1-4889-96F1-8FB6B6DC8EEA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{75351BB4-B052-4BDF-9291-C29B4519BC50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{510360FF-CAEF-432A-8481-E90AA338A25D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8CF9B0CD-4C61-4C72-9281-E1487FBDEE3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3D70B7CD-E352-4AE0-8A2F-0DD657757C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{A7E21DAD-CD27-4504-B96E-108810533BD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{DB4EA62F-7C4A-4033-99EC-FE9F5114271B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{21AF6423-DA38-406B-A279-34A3D6C32A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D343044C-7D4A-43A5-A562-2AD6E062F643}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D75A6A9C-2306-44D4-9D91-74E350F525B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{B08123F4-3B1D-49AD-8AFA-8DB86C8F96E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{9F8778C7-F077-4691-AF46-B1FBD3223452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{3610E05C-5ED6-4E26-B2A3-1CEEDD234349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{2B197FA2-29A3-4BBB-9DD6-7B241CEA48F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{46D94CB5-A327-4714-9F06-A37554696CFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F75AA6C6-A776-46BA-8BCE-6C85265EB4EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{198FCF1C-6036-4786-B71B-A45238328433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [TCP Query User{1079F915-6936-4203-98A8-7197B237A01F}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe
FirewallRules: [UDP Query User{A7704081-E5E4-4FDA-AF28-AD3CC81FFFB9}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/18/2015 11:32:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x54d8b5a6
Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.16384, time stamp: 0x5215860f
Exception code: 0xc000027b
Fault offset: 0x00804fec
Faulting process id: 0xf78
Faulting application start time: 0xSolitaire.exe0
Faulting application path: Solitaire.exe1
Faulting module path: Solitaire.exe2
Report Id: Solitaire.exe3
Faulting package full name: Solitaire.exe4
Faulting package-relative application ID: Solitaire.exe5
 
Error: (06/18/2015 08:07:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/18/2015 01:56:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pes2013.exe, version: 1.3.0.0, time stamp: 0x50b536fe
Faulting module name: ntdll.dll, version: 6.3.9600.16384, time stamp: 0x52159015
Exception code: 0xc0000005
Fault offset: 0x0003e182
Faulting process id: 0x127c
Faulting application start time: 0xpes2013.exe0
Faulting application path: pes2013.exe1
Faulting module path: pes2013.exe2
Report Id: pes2013.exe3
Faulting package full name: pes2013.exe4
Faulting package-relative application ID: pes2013.exe5
 
Error: (06/17/2015 05:55:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Para Jogar CLIQUE AQUI.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control 
 
panel.
 
Process ID: ea4
 
Start Time: 01d0a93fdac80876
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exe
 
Report Id: 1ff00efe-1533-11e5-825a-74d435e68c45
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/17/2015 05:54:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Para Jogar CLIQUE AQUI.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control 
 
panel.
 
Process ID: 18fc
 
Start Time: 01d0a93fba01330a
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exe
 
Report Id: 00c0138e-1533-11e5-825a-74d435e68c45
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/17/2015 05:50:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/17/2015 05:49:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/17/2015 05:43:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/17/2015 09:43:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Minesweeper.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1160
 
Start Time: 01d0a8fb32868f29
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Minesweeper.exe
 
Report Id: 79dca64e-14ee-11e5-825a-74d435e68c45
 
Faulting package full name: Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Error: (06/17/2015 09:43:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DALLEGRAVE-PC)
Description: App Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe+App did not launch within its allotted time.
 
 
System errors:
=============
Error: (06/19/2015 00:51:05 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
 
Error: (06/19/2015 00:51:05 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
 
Error: (06/19/2015 00:51:04 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
 
Error: (06/19/2015 00:51:04 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
 
Error: (06/19/2015 00:51:03 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
 
Error: (06/18/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (06/18/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/18/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/18/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/18/2015 11:46:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
 
Microsoft Office:
=========================
Error: (06/18/2015 11:32:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Solitaire.exe1.0.0.054d8b5a6Windows.UI.Xaml.dll6.3.9600.163845215860fc000027b00804fecf7801d0aa37daf88dd3C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exeC:
 
\Windows\System32\Windows.UI.Xaml.dll5ff5ca37-162b-11e5-825d-74d435e68c45Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweApp
 
Error: (06/18/2015 08:07:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/18/2015 01:56:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: pes2013.exe1.3.0.050b536fentdll.dll6.3.9600.1638452159015c00000050003e182127c01d0a97682608bfdC:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exeC:\WINDOWS\SYSTEM32\ntdll.dll63891d3d-1576-11e5-825a-
 
74d435e68c45
 
Error: (06/17/2015 05:55:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Para Jogar CLIQUE AQUI.exe1.0.0.0ea401d0a93fdac808760C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exe1ff00efe-1533-11e5-825a-74d435e68c45
 
Error: (06/17/2015 05:54:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Para Jogar CLIQUE AQUI.exe1.0.0.018fc01d0a93fba01330a0C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exe00c0138e-1533-11e5-825a-74d435e68c45
 
Error: (06/17/2015 05:50:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/17/2015 05:49:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/17/2015 05:43:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/17/2015 09:43:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Minesweeper.exe1.0.0.0116001d0a8fb32868f294294967295C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Minesweeper.exe79dca64e-14ee-11e5-825a-
 
74d435e68c45Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbweApp
 
Error: (06/17/2015 09:43:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DALLEGRAVE-PC)
Description: Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe+App
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 31%
Total physical RAM: 8076.95 MB
Available physical RAM: 5521.42 MB
Total Pagefile: 9356.95 MB
Available Pagefile: 6750.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.48 GB) (Free:56.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:744.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7CCB641F)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1C31C86A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================

  • 0

#19
Biscuithd
Posted 22 June 2015 - 08:22 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Let's see if this helps.

 

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
EmptyTemp:
SearchScopes: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]

CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-12]

CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-12]

2015-06-12 09:33 - 2015-06-12 09:33 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2015-06-12 00:58 - 2015-06-12 00:58 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that          


  • 0

#20
adriandallegrave
Posted 22 June 2015 - 08:58 AM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
It ran succesfully. The malware stays though.
 
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Adrian at 2015-06-22 11:52:41 Run:1
Running from C:\Users\Adrian\Desktop\frst
Loaded Profiles: Adrian (Available Profiles: Adrian)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
SearchScopes: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
 
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
 
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-12]
 
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-12]
 
2015-06-12 09:33 - 2015-06-12 09:33 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
 
2015-06-12 00:58 - 2015-06-12 00:58 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found. 
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg => moved successfully.
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully.
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia => moved successfully.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully.
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully.
EmptyTemp: => 858.2 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 11:52:49 ====

  • 0

#21
adriandallegrave
Posted 24 June 2015 - 02:40 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Do you have any new suggestions? 


  • 0

#22
Biscuithd
Posted 25 June 2015 - 06:58 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Very sorry that I missed your reply. I will dig in again. :)


  • 0

#23
Biscuithd
Posted 25 June 2015 - 07:26 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

The FreeLotto that you show hasn't been around in that form for a while. Let's see if we can remove it all at once.

 

Download ADWCleaner by Xplode to your desktop.


  • Close all programs and right-click on the adwcleaner.png icon - select Run as Administrator.
     
  • You will be presented with the console like the one below:

    adwcleaner-start.jpg

  • Click on Scan and follow the prompts.
  • Let it run unhindered.
  • When done, click on the Clean button, and follow the prompts.
  • Allow the system to reboot.

After that, you will then be presented with the report. Copy & Paste this report on your next reply.

icon_idea.gif The report will be saved in the C:\AdwCleaner folder, as AdwCleaner[S0].txt.

 

 

 

  1. You can download Malwarebytes Anti-Malware Free from the below link, then double click on it to install this program. Even if you have a copy, download a new one.
    MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK (This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)
  2. When the installation begins, keep following the prompts in order to continue with the setup process.
    malwarebytes-installation.jpg
  3. On the Scanner tab,select Perform quick scan and then click on the Scan button to start scanning your computer.
    malwarebytes-quick-scan.jpg
  4. Malwarebytes’ Anti-Malware will now start scanning your computer for freelotto.com malicious files as shown below.
    malwarebytes-scan.jpg
  5. When the Malwarebytes scan will be completed,click on Show Result.
    malwarebytes-scan-results.jpg
  6. You will now be presented with a screen showing you the malware infections that Malwarebytes’ Anti-Malware has detected.Please note that the infections found may be different than what is shown in the image.Make sure that everything is Checked (ticked) and click on the Remove Selected button.
    malwarebytes-virus-removal.jpg

  • 0

#24
adriandallegrave
Posted 25 June 2015 - 03:11 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

The malware is not actually related to freelotto.com nor oursurfing.com. It makes the browser open a new tab every time I click anywhere on the page for the first time and it's always a different website. freelotto.com was just an example. Besides that it brings ads on any internte page I visit and they are always from different things. I ran ADWCleaner a few posts back but did it again as you told me too anyway and it found 2 search engines on chrome. MalwareBytes found OpenCandy and I removed it again. The malware stays even after cleaning those search engines. Here are the logs.

 

# AdwCleaner v4.207 - Logfile created 25/06/2015 at 17:45:30
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Adrian - DALLEGRAVE-PC
# Running from : C:\Users\Adrian\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
 
-\\ Google Chrome v43.0.2357.130
 
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [721 bytes] - [18/06/2015 11:44:28]
AdwCleaner[R1].txt - [1085 bytes] - [25/06/2015 17:44:34]
AdwCleaner[S0].txt - [1015 bytes] - [25/06/2015 17:45:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1074  bytes] ##########

  • 0

#25
adriandallegrave
Posted 25 June 2015 - 03:12 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

I forgot to put Malwarebytes log. Here it goes.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 25/06/2015
Scan Time: 17:47:27
Logfile: mb.txt
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.03.09.05
Rootkit Database: v2015.02.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Adrian
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337962
Time Elapsed: 2 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.OpenCandy, C:\Users\Adrian\AppData\Local\Temp\HYDE7D0.tmp.1435264785\HTA\install.1435264785.zip, Quarantined, [0574a79c6b1f47efac7d27e144c230d0], 
PUP.Optional.OpenCandy, C:\Users\Adrian\AppData\Local\Temp\HYDE7D0.tmp.1435264785\HTA\3rdparty\OCSetupHlp.dll, Quarantined, [6613ae95791186b0082112f61bebee12], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

Advertisements

#26
adriandallegrave
Posted 25 June 2015 - 03:14 PM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

I also deleted those two files Malwarebytes found.


  • 0

#27
Biscuithd
Posted 01 July 2015 - 07:33 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Very sorry that I left you hanging! I've been in hospital for a bit. I'm on the mend now and assume you still need help.

 

If so, please run FRST and post a fresh log and lets see where we are.


  • 0

#28
adriandallegrave
Posted 01 July 2015 - 11:29 AM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Thanks for coming back. I hope you're feeling better. 

 

I installed many Windows updates. Here goes the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Adrian (administrator) on DALLEGRAVE-PC on 01-07-2015 14:24:23
Running from C:\Users\Adrian\Desktop\frst
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.248.171.33 8.8.8.8
Tcpip\..\Interfaces\{4AA794E9-FB7F-42DB-B273-5775066E1DB0}: [DhcpNameServer] 89.248.171.33 8.8.8.8
Tcpip\..\Interfaces\{D5DA9376-0F53-4F28-8A00-F1A1F274362D}: [DhcpNameServer] 89.248.171.33 8.8.8.8
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-24]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-24]
CHR Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-24]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-24]
CHR Extension: (Bubble Shooter) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdlnbbnjknldpikkllanljjbnegnnei [2015-06-24]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-06-24]
CHR Extension: (Planetarium) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2015-06-24]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2015-06-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-26]
CHR Extension: (Google Maps) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-06-24]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-24]
CHR Extension: (Writer) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2015-06-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-06-14] (DT Soft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-27 07:54 - 2015-06-27 07:54 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-06-27 07:54 - 2015-06-27 07:54 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-06-27 07:53 - 2015-06-27 07:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-26 05:30 - 2015-06-26 05:30 - 00965578 _____ C:\Users\Adrian\Downloads\Adm. Financeira – Material Complementar.zip
2015-06-26 00:55 - 2015-06-26 00:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-26 00:55 - 2015-05-27 00:04 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-26 00:52 - 2015-06-26 00:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-06-26 00:52 - 2015-06-26 00:52 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-26 00:52 - 2014-04-15 20:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-06-26 00:52 - 2014-04-15 20:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-06-26 00:51 - 2015-03-03 10:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-26 00:51 - 2014-02-06 09:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-26 00:51 - 2014-02-06 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-06-26 00:51 - 2014-02-06 08:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2015-06-26 00:51 - 2014-02-06 08:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-26 00:51 - 2014-02-06 08:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-06-26 00:51 - 2014-02-06 08:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-06-26 00:51 - 2014-02-06 07:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-06-26 00:51 - 2014-02-06 07:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-06-26 00:51 - 2014-02-06 07:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-06-26 00:51 - 2014-02-06 07:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-26 00:51 - 2014-02-06 07:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-06-26 00:51 - 2014-02-06 07:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-26 00:51 - 2014-02-06 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-26 00:51 - 2014-02-06 07:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-06-26 00:51 - 2014-02-06 07:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-06-26 00:51 - 2014-02-06 07:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-26 00:51 - 2014-02-06 07:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-06-26 00:51 - 2014-02-06 07:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-06-26 00:51 - 2014-02-06 06:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-26 00:51 - 2014-02-06 06:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-26 00:51 - 2014-02-06 06:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-06-26 00:51 - 2014-02-06 06:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-06-26 00:51 - 2014-02-06 06:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-26 00:51 - 2014-02-06 06:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-06-26 00:51 - 2014-02-06 06:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-26 00:51 - 2014-02-06 06:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-26 00:51 - 2014-02-06 06:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-06-26 00:51 - 2014-02-06 06:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-26 00:51 - 2014-02-06 06:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-26 00:51 - 2014-02-06 06:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-26 00:51 - 2014-02-06 06:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-26 00:51 - 2014-02-06 06:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-26 00:51 - 2014-02-06 05:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-26 00:51 - 2014-02-06 05:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-26 00:51 - 2014-02-06 05:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-26 00:51 - 2014-02-06 05:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-26 00:51 - 2014-02-06 05:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-26 00:50 - 2013-12-08 21:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2015-06-26 00:50 - 2013-12-08 21:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2015-06-26 00:50 - 2013-11-27 12:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-06-26 00:50 - 2013-11-27 12:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-26 00:50 - 2013-11-27 11:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-26 00:50 - 2013-11-27 10:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-06-26 00:50 - 2013-11-27 09:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2015-06-26 00:50 - 2013-11-27 07:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-06-26 00:50 - 2013-11-27 06:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-06-26 00:50 - 2013-11-27 06:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-06-26 00:50 - 2013-11-27 06:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-06-26 00:50 - 2013-11-27 06:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2015-06-26 00:50 - 2013-11-27 05:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-06-26 00:50 - 2013-11-27 05:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2015-06-26 00:50 - 2013-11-27 05:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-26 00:50 - 2013-11-26 10:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-06-26 00:50 - 2013-11-26 10:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-06-26 00:50 - 2013-11-26 08:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-06-26 00:50 - 2013-11-24 22:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-06-26 00:50 - 2013-11-24 22:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-06-26 00:50 - 2013-11-24 20:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-06-26 00:50 - 2013-11-24 20:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-06-26 00:50 - 2013-11-23 09:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2015-06-26 00:50 - 2013-11-23 04:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2015-06-26 00:50 - 2013-11-23 04:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2015-06-26 00:50 - 2013-11-23 04:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-06-26 00:50 - 2013-11-23 01:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-06-26 00:50 - 2013-11-23 00:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-06-26 00:50 - 2013-11-23 00:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-06-26 00:50 - 2013-11-21 03:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2015-06-26 00:50 - 2013-11-21 03:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-06-26 00:50 - 2013-11-15 11:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-06-26 00:50 - 2013-11-15 11:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-06-26 00:50 - 2013-11-15 11:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-06-26 00:50 - 2013-11-15 10:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-06-26 00:50 - 2013-10-30 21:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-06-26 00:50 - 2013-10-30 20:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-06-26 00:50 - 2013-09-26 06:20 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2015-06-26 00:50 - 2013-09-26 04:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-06-26 00:50 - 2013-09-26 04:14 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-06-26 00:50 - 2013-09-25 07:25 - 00783504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2015-06-26 00:50 - 2013-09-25 05:58 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2015-06-26 00:50 - 2013-09-25 04:32 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-06-26 00:50 - 2013-09-25 02:40 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2015-06-26 00:50 - 2013-09-24 03:55 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2015-06-26 00:50 - 2013-09-24 02:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2015-06-26 00:50 - 2013-09-24 02:54 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-26 00:50 - 2013-09-24 02:10 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-26 00:50 - 2013-09-24 02:05 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-06-26 00:50 - 2013-09-24 00:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2015-06-26 00:50 - 2013-09-21 09:10 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2015-06-26 00:50 - 2013-09-21 09:10 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-26 00:50 - 2013-09-21 09:10 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-26 00:50 - 2013-09-21 08:50 - 00528048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-06-26 00:50 - 2013-09-21 08:48 - 00534048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-06-26 00:50 - 2013-09-21 08:48 - 00123480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-06-26 00:50 - 2013-09-21 07:56 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2015-06-26 00:50 - 2013-09-21 07:53 - 01534504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-06-26 00:50 - 2013-09-21 07:53 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-06-26 00:50 - 2013-09-21 07:53 - 00366688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2015-06-26 00:50 - 2013-09-21 07:45 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2015-06-26 00:50 - 2013-09-21 06:23 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-06-26 00:50 - 2013-09-21 06:23 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-06-26 00:50 - 2013-09-21 06:12 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-06-26 00:50 - 2013-09-21 06:09 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-06-26 00:50 - 2013-09-21 06:09 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2015-06-26 00:50 - 2013-09-21 04:58 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-06-26 00:50 - 2013-09-21 04:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-06-26 00:50 - 2013-09-21 04:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-26 00:50 - 2013-09-21 04:50 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-26 00:50 - 2013-09-21 04:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-06-26 00:50 - 2013-09-21 03:55 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-26 00:50 - 2013-09-21 03:33 - 11366912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2015-06-26 00:50 - 2013-09-21 03:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-06-26 00:50 - 2013-09-21 02:59 - 00940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-06-26 00:50 - 2013-09-21 02:57 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2015-06-26 00:50 - 2013-09-21 02:56 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2015-06-26 00:50 - 2013-09-21 02:43 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-26 00:50 - 2013-09-21 02:38 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-06-26 00:50 - 2013-09-21 02:37 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2015-06-26 00:50 - 2013-09-21 02:34 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-06-26 00:50 - 2013-09-21 02:31 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-06-26 00:50 - 2013-09-21 02:26 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-26 00:50 - 2013-09-21 02:20 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2015-06-26 00:50 - 2013-09-21 02:10 - 12028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-06-26 00:50 - 2013-09-21 02:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2015-06-26 00:50 - 2013-09-21 02:05 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-06-26 00:50 - 2013-09-21 02:02 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2015-06-26 00:50 - 2013-09-21 01:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2015-06-26 00:50 - 2013-09-21 01:44 - 01662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-06-26 00:50 - 2013-09-21 01:39 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-06-26 00:50 - 2013-09-21 01:38 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2015-06-26 00:50 - 2013-09-21 01:38 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2015-06-26 00:50 - 2013-09-21 01:37 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2015-06-26 00:50 - 2013-09-21 01:36 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2015-06-26 00:50 - 2013-09-19 03:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2015-06-26 00:50 - 2013-09-19 03:17 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2015-06-26 00:50 - 2013-09-19 02:47 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2015-06-26 00:50 - 2013-09-19 02:29 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2015-06-26 00:50 - 2013-09-19 02:08 - 01150976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-06-26 00:50 - 2013-09-19 02:01 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2015-06-26 00:50 - 2013-09-19 01:37 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-06-26 00:50 - 2013-09-19 01:32 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2015-06-26 00:50 - 2013-09-19 01:27 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2015-06-26 00:50 - 2013-09-19 01:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2015-06-26 00:50 - 2013-09-19 01:25 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2015-06-26 00:50 - 2013-09-19 01:11 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2015-06-26 00:50 - 2013-09-19 01:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-06-26 00:50 - 2013-09-19 00:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2015-06-26 00:50 - 2013-09-19 00:55 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2015-06-26 00:50 - 2013-09-19 00:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-06-26 00:50 - 2013-09-19 00:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-06-26 00:50 - 2013-09-17 06:18 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-26 00:50 - 2013-09-17 03:58 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-06-26 00:50 - 2013-09-17 02:26 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-06-26 00:50 - 2013-09-17 02:15 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-06-26 00:50 - 2013-09-17 02:00 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2015-06-26 00:50 - 2013-09-17 01:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-06-26 00:50 - 2013-09-17 01:08 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-06-26 00:50 - 2013-09-17 00:28 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-06-26 00:50 - 2013-09-14 11:06 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2015-06-26 00:50 - 2013-09-14 11:06 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2015-06-26 00:50 - 2013-09-14 08:39 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2015-06-26 00:50 - 2013-09-13 09:14 - 00872328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-26 00:50 - 2013-09-13 07:52 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-26 00:50 - 2013-09-13 06:52 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2015-06-26 00:50 - 2013-09-13 05:54 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-06-26 00:50 - 2013-09-13 05:10 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-06-26 00:50 - 2013-09-13 04:55 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2015-06-26 00:50 - 2013-09-13 04:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2015-06-26 00:50 - 2013-09-12 04:37 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2015-06-26 00:50 - 2013-09-11 06:31 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2015-06-26 00:50 - 2013-09-11 06:31 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-06-26 00:50 - 2013-09-11 04:41 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2015-06-26 00:50 - 2013-09-11 04:09 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2015-06-26 00:50 - 2013-09-07 09:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2015-06-26 00:50 - 2013-09-07 09:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2015-06-26 00:50 - 2013-09-07 09:00 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2015-06-26 00:50 - 2013-09-07 08:50 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2015-06-26 00:50 - 2013-09-07 08:45 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2015-06-26 00:50 - 2013-09-07 08:30 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2015-06-26 00:50 - 2013-09-07 08:22 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2015-06-26 00:50 - 2013-09-07 08:13 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2015-06-26 00:50 - 2013-09-07 08:07 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2015-06-26 00:50 - 2013-09-07 07:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-06-26 00:50 - 2013-09-07 07:51 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-06-26 00:50 - 2013-09-05 04:39 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2015-06-26 00:50 - 2013-09-05 03:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2015-06-26 00:50 - 2013-09-05 02:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2015-06-26 00:50 - 2013-09-04 04:01 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2015-06-26 00:50 - 2013-09-04 03:16 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2015-06-26 00:50 - 2013-09-04 02:47 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2015-06-26 00:50 - 2013-09-04 02:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2015-06-26 00:50 - 2013-09-04 01:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2015-06-26 00:50 - 2013-09-04 01:48 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2015-06-26 00:50 - 2013-09-04 01:35 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2015-06-26 00:50 - 2013-08-31 11:18 - 00205024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2015-06-26 00:50 - 2013-08-31 09:15 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2015-06-26 00:50 - 2013-08-31 09:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2015-06-26 00:50 - 2013-08-31 07:46 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2015-06-26 00:50 - 2013-08-31 07:00 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-06-26 00:50 - 2013-08-31 06:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-06-26 00:50 - 2013-08-30 04:31 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2015-06-26 00:50 - 2013-08-28 04:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-06-26 00:50 - 2013-08-28 04:49 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2015-06-26 00:50 - 2013-08-28 04:09 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2015-06-26 00:50 - 2013-08-27 03:09 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2015-06-26 00:50 - 2013-08-27 02:24 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2015-06-26 00:49 - 2014-10-30 19:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-06-26 00:49 - 2014-10-30 19:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-06-26 00:49 - 2014-03-06 06:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-06-26 00:49 - 2014-03-06 06:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-06-26 00:49 - 2014-03-06 03:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-06-26 00:49 - 2014-03-06 03:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2015-06-26 00:49 - 2014-01-07 22:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-26 00:49 - 2014-01-07 22:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-06-26 00:49 - 2014-01-07 22:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-06-26 00:49 - 2014-01-07 02:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-06-26 00:49 - 2014-01-07 01:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-06-26 00:49 - 2014-01-04 12:54 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2015-06-26 00:49 - 2014-01-04 12:08 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2015-06-26 00:49 - 2014-01-04 11:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2015-06-26 00:49 - 2014-01-04 10:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2015-06-26 00:49 - 2014-01-02 20:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-06-26 00:49 - 2014-01-02 20:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-06-26 00:49 - 2013-12-31 22:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-06-26 00:49 - 2013-12-31 22:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-06-26 00:49 - 2013-12-31 21:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-06-26 00:49 - 2013-12-31 21:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-06-26 00:49 - 2013-12-31 20:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-26 00:49 - 2013-12-31 20:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-06-26 00:49 - 2013-12-31 20:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-26 00:49 - 2013-12-30 20:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2015-06-26 00:49 - 2013-12-30 20:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-06-26 00:49 - 2013-12-30 20:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2015-06-26 00:49 - 2013-12-30 20:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-06-26 00:49 - 2013-12-30 20:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-06-26 00:49 - 2013-12-27 12:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-06-26 00:49 - 2013-12-27 05:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2015-06-26 00:49 - 2013-12-27 05:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-06-26 00:49 - 2013-12-27 05:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2015-06-26 00:49 - 2013-12-27 04:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2015-06-26 00:49 - 2013-12-27 04:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-06-26 00:49 - 2013-12-27 03:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2015-06-26 00:49 - 2013-12-21 04:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2015-06-26 00:49 - 2013-12-20 07:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-06-26 00:49 - 2013-12-20 07:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-06-26 00:49 - 2013-12-17 04:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2015-06-26 00:49 - 2013-12-14 03:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-26 00:49 - 2013-12-14 03:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-26 00:49 - 2013-12-13 07:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2015-06-26 00:49 - 2013-12-13 03:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2015-06-26 00:49 - 2013-12-13 02:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2015-06-26 00:49 - 2013-12-11 04:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-06-26 00:49 - 2013-12-08 21:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-06-26 00:49 - 2013-12-08 21:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2015-06-26 00:49 - 2013-12-08 20:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2015-06-26 00:49 - 2013-12-08 20:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-06-26 00:49 - 2013-11-23 01:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-06-26 00:49 - 2013-11-23 01:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-06-26 00:49 - 2013-11-21 03:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-06-26 00:49 - 2013-11-21 02:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-06-26 00:49 - 2013-11-10 23:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-26 00:49 - 2013-11-09 03:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2015-06-26 00:49 - 2013-11-09 02:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2015-06-26 00:49 - 2013-11-08 07:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-06-26 00:49 - 2013-11-08 02:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2015-06-26 00:49 - 2013-11-08 01:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-06-26 00:49 - 2013-11-08 01:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2015-06-26 00:49 - 2013-11-08 01:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-06-26 00:49 - 2013-11-08 01:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-06-26 00:49 - 2013-11-08 00:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-06-26 00:49 - 2013-11-08 00:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-06-26 00:49 - 2013-11-05 11:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-06-26 00:49 - 2013-11-05 10:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-26 00:49 - 2013-11-04 10:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2015-06-26 00:49 - 2013-11-04 08:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-26 00:49 - 2013-11-04 07:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-26 00:49 - 2013-11-03 23:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-06-26 00:49 - 2013-11-03 22:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-26 00:49 - 2013-11-01 08:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-26 00:49 - 2013-11-01 03:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2015-06-26 00:49 - 2013-11-01 02:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2015-06-26 00:49 - 2013-10-30 21:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-06-26 00:49 - 2013-10-30 21:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-06-26 00:49 - 2013-10-30 21:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-06-26 00:49 - 2013-10-30 21:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-06-26 00:49 - 2013-10-25 22:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2015-06-26 00:49 - 2013-10-24 06:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2015-06-26 00:49 - 2013-10-24 06:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2015-06-26 00:49 - 2013-10-23 08:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2015-06-26 00:49 - 2013-10-23 08:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-06-26 00:49 - 2013-10-23 08:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2015-06-26 00:49 - 2013-10-22 05:18 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2015-06-26 00:49 - 2013-10-22 04:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-06-26 00:49 - 2013-10-22 03:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-06-26 00:49 - 2013-10-22 02:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-06-26 00:49 - 2013-10-22 01:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2015-06-26 00:49 - 2013-10-22 00:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-06-26 00:49 - 2013-10-22 00:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-06-26 00:49 - 2013-10-21 23:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-06-26 00:49 - 2013-10-21 23:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-26 00:49 - 2013-10-21 23:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-26 00:49 - 2013-10-21 22:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-06-26 00:49 - 2013-10-19 05:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2015-06-26 00:49 - 2013-10-19 04:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2015-06-26 00:49 - 2013-10-19 01:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-06-26 00:49 - 2013-10-19 01:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-06-26 00:49 - 2013-10-19 00:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-06-26 00:49 - 2013-10-19 00:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-06-26 00:49 - 2013-10-17 08:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-26 00:49 - 2013-10-17 07:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-26 00:49 - 2013-10-16 06:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-06-26 00:49 - 2013-10-16 06:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-06-26 00:49 - 2013-10-13 00:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-06-26 00:49 - 2013-10-12 23:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-26 00:49 - 2013-10-12 23:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2015-06-26 00:49 - 2013-10-12 18:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-26 00:49 - 2013-10-12 18:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-26 00:49 - 2013-10-10 13:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-06-26 00:49 - 2013-10-10 13:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-06-26 00:49 - 2013-10-10 11:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-06-26 00:49 - 2013-10-10 11:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-06-26 00:49 - 2013-10-10 08:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-26 00:49 - 2013-10-10 08:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-06-26 00:49 - 2013-10-10 08:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-26 00:49 - 2013-10-08 07:28 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-06-26 00:49 - 2013-10-08 03:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2015-06-26 00:49 - 2013-10-08 02:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2015-06-26 00:49 - 2013-10-08 02:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-26 00:49 - 2013-10-08 02:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-26 00:49 - 2013-10-08 02:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-26 00:49 - 2013-10-08 02:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2015-06-26 00:49 - 2013-10-08 01:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2015-06-26 00:49 - 2013-10-08 01:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2015-06-26 00:49 - 2013-10-07 04:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-26 00:49 - 2013-10-06 23:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-26 00:49 - 2013-10-05 12:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-06-26 00:49 - 2013-10-05 11:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-06-26 00:49 - 2013-10-05 11:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-06-26 00:49 - 2013-10-05 11:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2015-06-26 00:49 - 2013-10-05 11:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-06-26 00:49 - 2013-10-05 09:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-06-26 00:49 - 2013-10-05 09:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2015-06-26 00:49 - 2013-10-05 09:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-06-26 00:49 - 2013-10-05 08:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-06-26 00:49 - 2013-10-05 06:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-06-26 00:49 - 2013-10-05 06:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2015-06-26 00:49 - 2013-10-05 06:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2015-06-26 00:49 - 2013-10-05 05:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-26 00:49 - 2013-10-05 05:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2015-06-26 00:49 - 2013-10-05 05:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2015-06-26 00:49 - 2013-10-05 05:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-06-26 00:49 - 2013-10-05 05:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2015-06-26 00:49 - 2013-10-05 05:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-26 00:49 - 2013-10-05 05:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2015-06-26 00:49 - 2013-10-05 04:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-06-26 00:49 - 2013-10-05 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-06-26 00:49 - 2013-10-04 05:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2015-06-26 00:49 - 2013-10-03 06:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-06-26 00:49 - 2013-10-03 06:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-06-26 00:49 - 2013-10-02 08:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-26 00:49 - 2013-10-02 06:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-26 00:49 - 2013-10-01 00:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2015-06-26 00:49 - 2013-10-01 00:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2015-06-26 00:49 - 2013-09-19 04:19 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2015-06-26 00:49 - 2013-09-19 03:27 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2015-06-26 00:49 - 2013-09-19 03:23 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2015-06-26 00:49 - 2013-09-17 06:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-06-26 00:49 - 2013-09-17 06:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-06-26 00:49 - 2013-09-17 03:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-06-26 00:49 - 2013-09-17 03:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-06-26 00:49 - 2013-09-17 01:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2015-06-26 00:49 - 2013-09-14 11:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-06-26 00:49 - 2013-09-14 11:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2015-06-26 00:49 - 2013-09-14 09:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-06-26 00:49 - 2013-09-14 09:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2015-06-26 00:49 - 2013-09-14 07:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2015-06-26 00:49 - 2013-09-14 06:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2015-06-26 00:49 - 2013-09-13 05:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2015-06-26 00:49 - 2013-09-13 04:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2015-06-26 00:49 - 2013-09-12 05:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-06-26 00:49 - 2013-09-12 05:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-06-26 00:49 - 2013-09-12 05:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-06-26 00:49 - 2013-09-12 05:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-06-26 00:49 - 2013-09-12 04:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-06-26 00:49 - 2013-09-12 04:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-06-26 00:49 - 2013-09-12 04:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2015-06-26 00:49 - 2013-09-12 04:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-06-26 00:49 - 2013-09-12 04:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-06-26 00:49 - 2013-09-12 04:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-06-26 00:49 - 2013-09-10 01:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2015-06-26 00:48 - 2014-04-19 08:15 - 21186352 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-06-26 00:48 - 2014-04-19 03:49 - 18644072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-06-26 00:48 - 2014-03-10 07:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-06-26 00:48 - 2014-03-10 07:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-06-26 00:48 - 2014-02-11 00:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-26 00:48 - 2014-02-10 23:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-06-26 00:48 - 2014-02-10 23:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-06-26 00:48 - 2014-01-31 13:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-06-26 00:48 - 2014-01-31 13:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-06-26 00:48 - 2014-01-31 13:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-06-26 00:48 - 2014-01-31 10:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-06-26 00:48 - 2014-01-31 06:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2015-06-26 00:48 - 2014-01-29 05:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-06-26 00:48 - 2014-01-29 05:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-06-26 00:48 - 2014-01-29 05:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2015-06-26 00:48 - 2014-01-29 05:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-26 00:48 - 2014-01-29 04:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2015-06-26 00:48 - 2014-01-29 04:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-06-26 00:48 - 2014-01-29 04:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-06-26 00:48 - 2014-01-29 03:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2015-06-26 00:48 - 2014-01-28 21:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2015-06-26 00:48 - 2014-01-27 16:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-26 00:48 - 2014-01-27 16:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2015-06-26 00:48 - 2014-01-27 16:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2015-06-26 00:48 - 2014-01-27 15:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-26 00:48 - 2014-01-27 15:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2015-06-26 00:48 - 2014-01-27 15:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2015-06-26 00:48 - 2014-01-27 15:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-06-26 00:48 - 2014-01-27 14:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-06-26 00:48 - 2014-01-27 14:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-26 00:48 - 2014-01-27 14:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-26 00:48 - 2014-01-27 12:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-06-26 00:48 - 2014-01-27 12:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-06-26 00:48 - 2014-01-27 08:45 - 00386722 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-26 00:48 - 2014-01-17 20:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-06-26 00:48 - 2014-01-17 18:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-06-26 00:48 - 2014-01-07 04:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2015-06-26 00:48 - 2014-01-07 02:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2015-06-26 00:48 - 2014-01-04 17:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-06-26 00:48 - 2014-01-04 16:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-06-26 00:48 - 2014-01-04 11:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-06-26 00:48 - 2014-01-04 11:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-06-26 00:48 - 2014-01-04 11:03 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-06-26 00:48 - 2014-01-04 10:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-06-26 00:48 - 2014-01-04 10:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-06-26 00:48 - 2014-01-04 10:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-06-26 00:48 - 2014-01-04 10:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-06-26 00:48 - 2014-01-04 10:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-06-26 00:48 - 2013-12-21 11:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-06-26 00:48 - 2013-12-21 05:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-06-26 00:48 - 2013-12-20 23:10 - 00009701 _____ C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2015-06-26 00:48 - 2013-12-20 23:10 - 00009701 _____ C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2015-06-26 00:48 - 2013-12-08 23:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-26 00:48 - 2013-12-08 22:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-26 00:48 - 2013-12-08 21:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2015-06-26 00:48 - 2013-11-27 12:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2015-06-26 00:48 - 2013-11-27 08:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-06-26 00:48 - 2013-11-27 05:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-26 00:48 - 2013-11-27 05:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-26 00:48 - 2013-11-27 05:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-26 00:48 - 2013-11-27 05:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-26 00:48 - 2013-11-09 03:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-26 00:48 - 2013-11-09 03:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-06-26 00:48 - 2013-11-09 02:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-06-26 00:48 - 2013-10-30 21:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-06-26 00:48 - 2013-10-30 21:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-06-26 00:48 - 2013-10-30 21:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-06-26 00:48 - 2013-10-16 12:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-06-26 00:48 - 2013-10-16 10:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-06-26 00:48 - 2013-10-15 05:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2015-06-26 00:48 - 2013-10-15 05:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2015-06-26 00:48 - 2013-10-10 08:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-26 00:48 - 2013-10-10 08:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-26 00:48 - 2013-10-10 07:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-06-26 00:48 - 2013-10-10 07:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-06-26 00:48 - 2013-09-26 03:51 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-26 00:48 - 2013-09-26 03:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2015-06-26 00:48 - 2013-09-26 03:34 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2015-06-26 00:48 - 2013-09-21 07:53 - 00996320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2015-06-25 17:42 - 2015-06-25 17:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-25 17:42 - 2015-06-25 17:42 - 02244096 _____ C:\Users\Adrian\Downloads\AdwCleaner.exe
2015-06-24 19:32 - 2015-06-24 19:32 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-24 19:32 - 2015-06-24 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-24 01:20 - 2015-06-29 01:33 - 00014145 _____ C:\Users\Adrian\Desktop\TRT.xlsx
2015-06-23 17:24 - 2015-06-24 11:48 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 17:24 - 2015-06-23 17:32 - 00000000 ____D C:\ProgramData\Adobe
2015-06-23 17:24 - 2015-06-23 17:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-23 17:24 - 2015-06-23 17:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-23 17:23 - 2015-06-23 17:30 - 00000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2015-06-22 11:53 - 2015-06-22 11:53 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-20 21:29 - 2015-06-20 21:29 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-06-20 21:21 - 2015-06-20 21:21 - 00002175 _____ C:\Users\Adrian\Desktop\LEGOLOTR - Shortcut.lnk
2015-06-20 20:59 - 2015-06-20 20:59 - 00000000 ____D C:\Program Files (x86)\Warner Bros. Interactive Entertainment
2015-06-19 19:32 - 2015-06-29 01:32 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\vlc
2015-06-19 19:31 - 2015-06-19 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-19 19:31 - 2015-06-19 19:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-19 16:51 - 2015-06-19 16:51 - 00005406 _____ C:\Users\Adrian\Desktop\gmer.log
2015-06-19 16:43 - 2015-06-19 16:43 - 00001820 _____ C:\Users\Adrian\Desktop\aswMBR.txt
2015-06-19 16:43 - 2015-06-19 16:43 - 00000512 _____ C:\Users\Adrian\Desktop\MBR.dat
2015-06-19 11:47 - 2015-06-19 11:48 - 00380416 _____ C:\Users\Adrian\Desktop\gmer.exe
2015-06-19 11:47 - 2015-06-19 11:47 - 05198336 _____ (AVAST Software) C:\Users\Adrian\Desktop\aswMBR.exe
2015-06-18 20:08 - 2015-06-18 20:08 - 00000000 ____D C:\Users\Adrian\AppData\Local\Skyrim
2015-06-18 20:07 - 2015-06-18 20:07 - 00000000 ____D C:\Users\Adrian\Documents\My Games
2015-06-18 11:45 - 2015-06-18 11:45 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DALLEGRAVE-PC-Windows-8.1-Pro-(64-bit).dat
2015-06-18 11:45 - 2015-06-18 11:45 - 00000000 ____D C:\RegBackup
2015-06-18 11:44 - 2015-06-25 17:45 - 00000000 ____D C:\AdwCleaner
2015-06-18 09:44 - 2015-06-18 09:37 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-18 09:40 - 2015-06-18 11:40 - 00015027 _____ C:\zoek-results.log
2015-06-18 09:37 - 2015-06-18 09:44 - 00000000 ____D C:\zoek_backup
2015-06-17 21:12 - 2015-06-17 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\InputMapper
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DSDCS
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\ProgramData\DSDCS
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\ProgramData\Caphyon
2015-06-17 21:11 - 2015-06-17 21:11 - 00000000 ____D C:\Program Files (x86)\DSDCS
2015-06-17 19:52 - 2015-06-23 01:55 - 00000000 ____D C:\Users\Adrian\AppData\Local\Paint.NET
2015-06-17 19:52 - 2015-06-17 19:52 - 00001200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-06-17 19:52 - 2015-06-17 19:52 - 00000000 ____D C:\Program Files\Paint.NET
2015-06-17 19:39 - 2015-06-17 19:39 - 00002036 _____ C:\Users\Adrian\Desktop\Brasileirao A - Shortcut.lnk
2015-06-17 19:22 - 2015-06-17 19:22 - 00000000 ____D C:\ProgramData\KONAMI
2015-06-17 19:22 - 2015-06-17 19:22 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-06-17 17:49 - 2015-06-17 17:49 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-06-17 17:49 - 2015-06-17 17:49 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-06-17 17:42 - 2015-06-17 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-16 19:05 - 2015-06-16 19:05 - 00000000 ____D C:\Users\Adrian\Documents\Flight Simulator X Files
2015-06-16 19:04 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-06-16 19:04 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-06-16 19:04 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-06-16 19:04 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-06-16 19:04 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-06-16 19:04 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-06-16 19:04 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-06-16 19:04 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-06-16 19:04 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-06-16 19:04 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-06-16 19:04 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-06-16 19:04 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-06-16 19:04 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-06-16 19:04 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-06-16 19:04 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-06-16 19:04 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-06-16 19:04 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-06-16 19:04 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-06-16 19:04 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-06-16 19:04 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-06-16 19:04 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-06-16 19:04 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-06-16 19:04 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-06-16 19:04 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-06-16 19:04 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-06-16 19:04 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-06-16 19:04 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-06-16 19:04 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-06-16 19:04 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-06-16 19:04 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-06-16 19:04 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-06-16 19:04 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-06-16 19:04 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-06-16 19:04 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-06-16 19:04 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-06-16 19:04 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-06-16 19:04 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-06-16 19:04 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-06-16 19:04 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-06-16 19:04 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-06-16 19:04 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-06-16 19:04 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-06-16 12:10 - 2015-06-16 12:10 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-06-16 12:05 - 2015-06-16 12:05 - 00000000 ____D C:\Users\Adrian\Documents\KONAMI
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Program Files\WinRAR
2015-06-15 19:38 - 2015-06-16 11:47 - 00000090 _____ C:\Users\Adrian\Desktop\pes 2013 serials.txt
2015-06-15 19:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NVIDIA
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\MSBuild
2015-06-15 19:12 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-06-15 19:12 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-06-15 19:12 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-06-15 19:12 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-06-15 19:12 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-06-15 19:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-06-15 19:12 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-06-15 19:12 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-15 19:11 - 2013-08-03 01:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-15 19:09 - 2015-06-18 20:07 - 00078317 _____ C:\WINDOWS\DirectX.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000175 _____ C:\WINDOWS\DXError.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-06-14 15:38 - 2015-06-14 15:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-14 13:25 - 2015-06-14 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enforcer Police Crime Action
2015-06-14 13:24 - 2015-06-14 13:24 - 00283200 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-06-14 13:23 - 2015-06-14 13:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-06-12 18:31 - 2015-07-01 14:24 - 00000000 ____D C:\Users\Adrian\Desktop\frst
2015-06-12 18:31 - 2015-07-01 14:24 - 00000000 ____D C:\FRST
2015-06-12 09:47 - 2015-06-12 09:47 - 00000000 __SHD C:\Recovery
2015-06-12 08:47 - 2015-06-26 00:43 - 00496836 _____ C:\WINDOWS\PFRO.log
2015-06-12 08:47 - 2015-06-12 08:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-12 08:47 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\Panther
2015-06-12 04:40 - 2015-06-12 04:40 - 00007597 _____ C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-06-12 04:15 - 2015-06-12 04:15 - 00002709 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\msinfo32.lnk
2015-06-12 03:28 - 2015-06-15 19:16 - 00000000 ____D C:\Users\Adrian\Documents\The Witcher 3
2015-06-12 03:24 - 2015-06-12 03:24 - 00000000 ____D C:\Users\Adrian\Documents\Game of Thrones
2015-06-12 03:19 - 2015-06-12 03:19 - 00000000 ____D C:\Users\Adrian\AppData\Local\Steam
2015-06-12 03:17 - 2015-06-30 13:18 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 03:17 - 2015-06-12 03:17 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2015-06-12 03:17 - 2015-06-12 03:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-12 01:41 - 2015-07-01 11:15 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-12 01:41 - 2015-06-29 01:39 - 00177622 _____ C:\Users\Adrian\Desktop\calendário inter certo.xlsx.xlsm
2015-06-12 01:41 - 2015-06-12 09:33 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-06-12 01:40 - 2015-06-12 01:40 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-06-12 01:40 - 2013-08-22 09:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-06-12 01:34 - 2015-06-27 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-12 01:32 - 2015-06-27 08:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Users\Adrian\AppData\Local\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-12 01:31 - 2015-06-12 01:31 - 00000000 __RHD C:\MSOCache
2015-06-12 01:19 - 2015-06-12 01:19 - 00000686 _____ C:\Users\Adrian\Desktop\downloads.lnk
2015-06-12 01:19 - 2015-06-12 01:19 - 00000657 _____ C:\Users\Adrian\Desktop\adrian.lnk
2015-06-12 01:04 - 2015-07-01 13:37 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 01:04 - 2015-07-01 11:14 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-12 01:04 - 2015-06-24 19:32 - 00003898 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-12 01:04 - 2015-06-24 19:32 - 00003662 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-12 01:04 - 2015-06-24 19:32 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 01:03 - 2015-06-24 19:32 - 00000000 ____D C:\Users\Adrian\AppData\Local\Google
2015-06-12 01:03 - 2015-06-12 01:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Macromedia
2015-06-12 00:58 - 2015-06-12 00:58 - 00019634 _____ C:\WINDOWS\system32\results.xml
2015-06-12 00:57 - 2015-06-28 16:10 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3400116732-2033998285-2783747925-1001
2015-06-12 00:57 - 2015-06-12 00:57 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-06-12 00:57 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files (x86)\Intel
2015-06-12 00:56 - 2015-06-12 00:58 - 00000000 ____D C:\Intel
2015-06-12 00:56 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files\Intel
2015-06-12 00:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-06-12 00:54 - 2015-06-26 12:22 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-12 00:54 - 2015-06-26 12:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 00:54 - 2015-06-18 20:15 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-18 20:15 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA
2015-06-12 00:54 - 2015-06-12 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-03 18:04 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-12 00:54 - 2015-06-03 18:04 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-12 00:54 - 2015-05-29 15:49 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-06-12 00:54 - 2015-05-29 15:49 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-12 00:54 - 2015-05-28 01:15 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-12 00:54 - 2015-05-28 00:52 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-12 00:54 - 2015-05-27 07:48 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-12 00:53 - 2015-06-18 20:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-18 20:15 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-12 00:53 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-12 00:53 - 00000000 ____D C:\NVIDIA
2015-06-12 00:53 - 2015-05-28 04:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00117576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00052880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00039056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-12 00:52 - 2015-07-01 11:14 - 00000000 __RDO C:\Users\Adrian\SkyDrive
2015-06-12 00:51 - 2015-07-01 13:52 - 01692880 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-12 00:51 - 2015-06-23 17:31 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Adobe
2015-06-12 00:51 - 2015-06-14 16:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\Packages
2015-06-12 00:51 - 2015-06-14 13:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\VirtualStore
2015-06-12 00:51 - 2015-06-12 00:51 - 00001446 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-12 00:51 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\CSC
2015-06-12 00:51 - 2013-08-22 02:17 - 02407936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-06-12 00:50 - 2015-06-12 00:58 - 00000000 ____D C:\Users\Adrian
2015-06-12 00:50 - 2015-06-12 00:50 - 00000020 ___SH C:\Users\Adrian\ntuser.ini
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-01 13:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-27 08:01 - 2013-08-22 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-27 07:57 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-26 18:33 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-26 12:16 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-26 12:16 - 2013-08-22 11:44 - 00409848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Camera
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-26 07:00 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-26 07:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-06-26 07:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-26 07:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-06-26 00:52 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-06-26 00:52 - 2013-08-22 11:46 - 00017331 _____ C:\WINDOWS\setupact.log
2015-06-26 00:51 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-20 00:02 - 2013-08-22 12:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 00:02 - 2013-08-22 12:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 21:26 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-18 09:44 - 2013-08-22 12:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-06-14 16:31 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 15:44 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Vss
2015-06-12 09:47 - 2013-08-22 12:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-12 09:47 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-12 08:47 - 2013-08-22 12:37 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2015-06-12 04:41 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-12 01:32 - 2013-08-22 16:11 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Help
 
==================== Files in the root of some directories =======
 
2015-06-12 04:40 - 2015-06-12 04:40 - 0007597 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-29 12:24
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Adrian at 2015-07-01 14:24:37
Running from C:\Users\Adrian\Desktop\frst
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3400116732-2033998285-2783747925-500 - Administrator - Disabled)
Adrian (S-1-5-21-3400116732-2033998285-2783747925-1001 - Administrator - Enabled) => C:\Users\Adrian
Guest (S-1-5-21-3400116732-2033998285-2783747925-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Enforcer Police Crime Action (HKLM-x32\...\Enforcer Police Crime Action_is1) (Version:  - )
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
InputMapper (HKLM-x32\...\{1A44056A-C7D8-4561-BC43-A0AA7D7AAA64}) (Version: 1.5.31.0 - DSDCS)
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4222 - Intel Corporation)
LEGO® The Lord of the Rings™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version:  - Reality Pump Studios)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points =========================
 
15-06-2015 19:09:16 Installed DirectX
17-06-2015 17:43:57 avast! antivirus system restore point
18-06-2015 20:07:39 Installed DirectX
20-06-2015 20:59:09 Installed LEGO® The Lord of the Rings™
22-06-2015 11:52:43 Restore Point Created by FRST
26-06-2015 00:51:33 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2015-06-18 09:40 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B5195AC-3BCF-4E23-9B2C-51C5EA063F8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
Task: {1CA8609E-58D1-42BB-8F58-6D70C08BE3C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4ADBD9D3-EC2E-443D-A027-82E5FC877451} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {762616E0-865A-4556-8F06-CDDA0CF6A664} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {8FD03D37-1422-4167-94E1-80BD2DAA801C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-06-12] ()
Task: {9DEFE168-3716-484E-B6DE-13D42A62BAD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
Task: {FE202C94-B1E8-4624-B8D8-09FB0ABF0916} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FE7FE0BB-33B2-4895-AE13-4E0DE38C990C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-27] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-12 00:54 - 2015-05-28 01:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-12 00:54 - 2015-06-03 18:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-24 19:32 - 2015-06-20 02:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-24 19:32 - 2015-06-20 02:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Adrian\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15174583.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15174583.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 89.248.171.33 - 8.8.8.8
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{77F72464-78B3-48B0-B0F2-0F363AC17787}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{89BD8F87-F23E-4E7E-88A8-BDE83A4C9B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7FF0D0F4-4780-44A1-A184-1CE2ED4353A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{06D7F422-37F6-4E90-B842-2F1B122118AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0CAE9F5F-481F-4AB6-BD29-B26780178D2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4957CD0-8D70-46CE-B393-3731B5F88E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{04591195-6F56-4242-98B6-E62B69732F72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{565DBDBA-97A1-4889-96F1-8FB6B6DC8EEA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{75351BB4-B052-4BDF-9291-C29B4519BC50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{510360FF-CAEF-432A-8481-E90AA338A25D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8CF9B0CD-4C61-4C72-9281-E1487FBDEE3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3D70B7CD-E352-4AE0-8A2F-0DD657757C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{A7E21DAD-CD27-4504-B96E-108810533BD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{DB4EA62F-7C4A-4033-99EC-FE9F5114271B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{21AF6423-DA38-406B-A279-34A3D6C32A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D343044C-7D4A-43A5-A562-2AD6E062F643}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D75A6A9C-2306-44D4-9D91-74E350F525B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{B08123F4-3B1D-49AD-8AFA-8DB86C8F96E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{9F8778C7-F077-4691-AF46-B1FBD3223452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{3610E05C-5ED6-4E26-B2A3-1CEEDD234349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{2B197FA2-29A3-4BBB-9DD6-7B241CEA48F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{46D94CB5-A327-4714-9F06-A37554696CFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F75AA6C6-A776-46BA-8BCE-6C85265EB4EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{198FCF1C-6036-4786-B71B-A45238328433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [TCP Query User{1079F915-6936-4203-98A8-7197B237A01F}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe
FirewallRules: [UDP Query User{A7704081-E5E4-4FDA-AF28-AD3CC81FFFB9}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe
FirewallRules: [{9A88F7C8-3C84-4EE8-8DB7-1F3C510AB6BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{05CFF381-EEFD-46BF-91BA-C0BE282ACC97}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D2272624-542C-4464-BE29-760817D264CE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{58BFA621-7094-4A88-9FC6-7B838136E111}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{87141265-6B20-456F-BD78-8FC07F913B83}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/28/2015 06:40:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InputMapper.exe, version: 1.5.31.0, time stamp: 0x5563438c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x531812f4
Exception code: 0xe0434352
Fault offset: 0x00012c1a
Faulting process id: 0x298
Faulting application start time: 0xInputMapper.exe0
Faulting application path: InputMapper.exe1
Faulting module path: InputMapper.exe2
Report Id: InputMapper.exe3
Faulting package full name: InputMapper.exe4
Faulting package-relative application ID: InputMapper.exe5
 
Error: (06/28/2015 06:40:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/28/2015 06:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InputMapper.exe, version: 1.5.31.0, time stamp: 0x5563438c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x531812f4
Exception code: 0xe0434352
Fault offset: 0x00012c1a
Faulting process id: 0x16c4
Faulting application start time: 0xInputMapper.exe0
Faulting application path: InputMapper.exe1
Faulting module path: InputMapper.exe2
Report Id: InputMapper.exe3
Faulting package full name: InputMapper.exe4
Faulting package-relative application ID: InputMapper.exe5
 
Error: (06/28/2015 06:40:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/28/2015 06:40:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InputMapper.exe, version: 1.5.31.0, time stamp: 0x5563438c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x531812f4
Exception code: 0xe0434352
Fault offset: 0x00012c1a
Faulting process id: 0x608
Faulting application start time: 0xInputMapper.exe0
Faulting application path: InputMapper.exe1
Faulting module path: InputMapper.exe2
Report Id: InputMapper.exe3
Faulting package full name: InputMapper.exe4
Faulting package-relative application ID: InputMapper.exe5
 
Error: (06/28/2015 06:40:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/27/2015 11:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InputMapper.exe, version: 1.5.31.0, time stamp: 0x5563438c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x531812f4
Exception code: 0xe0434352
Fault offset: 0x00012c1a
Faulting process id: 0x1310
Faulting application start time: 0xInputMapper.exe0
Faulting application path: InputMapper.exe1
Faulting module path: InputMapper.exe2
Report Id: InputMapper.exe3
Faulting package full name: InputMapper.exe4
Faulting package-relative application ID: InputMapper.exe5
 
Error: (06/27/2015 11:38:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/26/2015 00:51:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/23/2015 08:36:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x54d8b5a6
Faulting module name: xaudio2_8.dll, version: 6.3.9600.16384, time stamp: 0x52157906
Exception code: 0xc0000094
Fault offset: 0x000067c4
Faulting process id: 0x608
Faulting application start time: 0xSolitaire.exe0
Faulting application path: Solitaire.exe1
Faulting module path: Solitaire.exe2
Report Id: Solitaire.exe3
Faulting package full name: Solitaire.exe4
Faulting package-relative application ID: Solitaire.exe5
 
 
System errors:
=============
Error: (06/25/2015 05:45:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (06/25/2015 05:45:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/25/2015 05:45:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® HD Graphics Control Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/25/2015 05:45:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (06/28/2015 06:40:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: InputMapper.exe1.5.31.05563438cKERNELBASE.dll6.3.9600.16656531812f4e043435200012c1a29801d0b1866dafae1fC:\Program Files (x86)\DSDCS\InputMapper\InputMapper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllab5f8650-1d79-11e5-826d-74d435e68c45
 
Error: (06/28/2015 06:40:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/28/2015 06:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: InputMapper.exe1.5.31.05563438cKERNELBASE.dll6.3.9600.16656531812f4e043435200012c1a16c401d0b1866bbeeca5C:\Program Files (x86)\DSDCS\InputMapper\InputMapper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlla96eae8c-1d79-11e5-826d-74d435e68c45
 
Error: (06/28/2015 06:40:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/28/2015 06:40:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: InputMapper.exe1.5.31.05563438cKERNELBASE.dll6.3.9600.16656531812f4e043435200012c1a60801d0b1866947032eC:\Program Files (x86)\DSDCS\InputMapper\InputMapper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlla6f7887e-1d79-11e5-826d-74d435e68c45
 
Error: (06/28/2015 06:40:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/27/2015 11:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: InputMapper.exe1.5.31.05563438cKERNELBASE.dll6.3.9600.16656531812f4e043435200012c1a131001d0b14b74353459C:\Program Files (x86)\DSDCS\InputMapper\InputMapper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllb1eaaab8-1d3e-11e5-826d-74d435e68c45
 
Error: (06/27/2015 11:38:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: InputMapper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at InputMapper.EntryPoint.Main(System.String[])
 
Error: (06/26/2015 00:51:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/23/2015 08:36:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Solitaire.exe1.0.0.054d8b5a6xaudio2_8.dll6.3.9600.1638452157906c0000094000067c460801d0adfb00fa5b5aC:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exeC:\WINDOWS\SYSTEM32\xaudio2_8.dlla8d96b26-1a00-11e5-8266-74d435e68c45Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweApp
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 24%
Total physical RAM: 8076.95 MB
Available physical RAM: 6080.38 MB
Total Pagefile: 9356.95 MB
Available Pagefile: 6815.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.48 GB) (Free:44.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:557.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7CCB641F)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1C31C86A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================

  • 0

#29
Biscuithd
Posted 06 July 2015 - 07:53 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I've reached out to some of my peers and we think the issue might be in the Web Proxy Auto Detect. Before we do too much there, let me ask if the issue is confined to Chrome or is in all the Browsers?

 

Also, Defender is outdated. That's not the cause of your issue, but something that needs tended to. And, since Defender is outdated and not active, might I suggest you try Avast. They have an excellent free a/v.


  • 0

#30
adriandallegrave
Posted 06 July 2015 - 09:00 AM

adriandallegrave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Hello! Thanks for looking further into my issues.

The malware affects all web browsers. I tried using Chrome, Internet Explorer, Firefox and Opera both before the virus manifesting after formating the computer and after. One weird thing though is that my iPad started to open tabs with ads in the Google Chrome app. Besides sharing the same internet connection they both load the configurations from my google account. 

Defender is indeed outdated but I didn't bother to update it since I still haven't found the source of the problem. A few weeks ago I installed and scaned the computer with Avast but with no success. I'll go back to it for sure.

 

Thanks again.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: adware, malware, oursurfing, reformat, format

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP