Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

IE & Mozilla browsers hijacked by hao123 and won't go away!


  • This topic is locked This topic is locked

#1
itsdave

itsdave

    Member

  • Member
  • PipPip
  • 50 posts

I've been trying to fix this for several days now.. thrown a whole bunch of scanning tools at it to try and fix the issue but it still keeps coming back next time I reboot. I saw that other people's issue with hao123 got fixed here so I thought I'd give it a go. I can see that it automatically adds the "www.hao123.com" to the browser shortcut's target but I don't know where the source is coming from.

 

Help me please!

 

 

OTL logfile created on: 10/02/2016 8:15:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Users\user\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
 
7.93 Gb Total Physical Memory | 4.64 Gb Available Physical Memory | 58.46% Memory free
9.18 Gb Paging File | 5.48 Gb Available in Paging File | 59.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.30 Gb Total Space | 69.38 Gb Free Space | 62.33% Space Free | Partition Type: NTFS
Drive D: | 882.58 Gb Total Space | 648.00 Gb Free Space | 73.42% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-TTGS3RU | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2016/02/10 20:15:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\user\Desktop\OTL.exe
PRC - [2016/02/10 19:36:03 | 004,287,488 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\LoLPatcher.exe
PRC - [2016/02/10 19:36:01 | 002,364,928 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.9\deploy\LoLLauncher.exe
PRC - [2016/02/05 10:01:46 | 003,014,224 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2016/02/05 10:01:46 | 001,944,144 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2016/02/05 10:01:46 | 000,835,152 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2016/02/03 20:18:16 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2016/01/24 15:14:34 | 000,393,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/01/23 20:49:50 | 003,442,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
PRC - [2016/01/23 20:14:57 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
PRC - [2016/01/23 18:54:57 | 007,021,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/01/23 18:54:56 | 000,226,440 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/01/12 17:43:57 | 002,787,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/01/12 17:43:47 | 001,879,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/12/17 03:19:24 | 000,417,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015/12/14 20:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/11/24 12:36:24 | 001,339,984 | ---- | M] () -- C:\Program Files (x86)\OBS\OBS.exe
PRC - [2015/06/03 12:03:42 | 000,322,472 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2015/06/03 12:03:38 | 000,018,856 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2014/01/21 16:54:00 | 001,301,688 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/02/10 19:36:03 | 004,287,488 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\LoLPatcher.exe
MOD - [2016/02/10 19:36:03 | 001,458,176 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\RiotLauncher.dll
MOD - [2016/02/10 19:36:01 | 002,364,928 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.9\deploy\LoLLauncher.exe
MOD - [2016/02/05 10:02:16 | 002,546,768 | ---- | M] () -- D:\Program Files (x86)\Steam\video.dll
MOD - [2016/02/05 10:01:46 | 000,802,896 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2016/02/03 20:18:17 | 022,330,368 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/02/03 20:18:16 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/02/03 20:18:15 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2016/01/23 20:49:50 | 017,882,304 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
MOD - [2016/01/23 20:14:57 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
MOD - [2016/01/23 18:54:57 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/01/23 18:54:57 | 000,469,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/01/23 18:54:57 | 000,103,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/01/23 18:54:56 | 000,125,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/01/12 17:43:57 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 10:36:54 | 000,932,032 | R--- | M] () -- C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
MOD - [2016/01/06 14:52:58 | 048,387,872 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2015/12/30 14:51:06 | 000,208,896 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\openvr_api.dll
MOD - [2015/12/15 18:54:46 | 000,782,336 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2015/11/24 12:36:24 | 001,339,984 | ---- | M] () -- C:\Program Files (x86)\OBS\OBS.exe
MOD - [2015/11/24 12:36:24 | 000,214,096 | ---- | M] () -- C:\Program Files (x86)\OBS\plugins\DShowPlugin.dll
MOD - [2015/09/25 12:56:28 | 000,119,208 | ---- | M] () -- D:\Program Files (x86)\Steam\winh264.dll
MOD - [2015/09/24 13:33:18 | 002,549,248 | ---- | M] () -- D:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2015/09/24 13:33:18 | 000,491,008 | ---- | M] () -- D:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2015/09/24 13:33:18 | 000,485,888 | ---- | M] () -- D:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2015/09/24 13:33:18 | 000,442,880 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2015/09/24 13:33:18 | 000,332,800 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2015/07/10 21:14:06 | 000,157,264 | ---- | M] () -- C:\Program Files (x86)\OBS\plugins\GraphicsCapture.dll
MOD - [2015/07/10 21:14:06 | 000,155,728 | ---- | M] () -- C:\Program Files (x86)\OBS\plugins\NoiseGate.dll
MOD - [2015/07/10 21:14:06 | 000,100,944 | ---- | M] () -- C:\Program Files (x86)\OBS\plugins\PSVPlugin.dll
MOD - [2015/07/10 21:14:00 | 001,960,016 | ---- | M] () -- C:\Program Files (x86)\OBS\OBSApi.dll
MOD - [2015/07/04 05:12:46 | 004,962,816 | ---- | M] () -- D:\Program Files (x86)\Steam\v8.dll
MOD - [2015/07/04 05:12:28 | 001,556,992 | ---- | M] () -- D:\Program Files (x86)\Steam\icui18n.dll
MOD - [2015/07/04 05:12:28 | 001,187,840 | ---- | M] () -- D:\Program Files (x86)\Steam\icuuc.dll
MOD - [2014/01/21 16:54:00 | 001,301,688 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016/02/04 16:36:13 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016/02/04 16:36:10 | 001,223,168 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2016/02/04 16:36:10 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2016/02/04 16:36:10 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2016/02/04 16:36:10 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016/02/04 16:36:10 | 000,607,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2016/02/04 16:36:10 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016/02/04 16:36:10 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016/02/04 16:36:07 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2016/02/04 16:36:07 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2016/02/04 16:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2016/01/23 18:55:30 | 005,561,368 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2016/01/23 18:54:56 | 000,226,440 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2016/01/16 18:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016/01/16 18:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016/01/16 18:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2016/01/12 17:43:46 | 001,163,200 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/01/12 17:43:37 | 006,308,288 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/01/12 17:43:37 | 004,812,736 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/01/07 08:49:24 | 000,193,144 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe -- (LogiRegistryService)
SRV:64bit: - [2015/10/30 20:19:28 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2015/10/30 20:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2015/10/30 20:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2015/10/30 20:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2015/10/30 20:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2015/10/30 20:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2015/10/30 20:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/10/30 20:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2015/10/30 20:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/10/30 20:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015/10/30 20:18:03 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/10/30 20:18:01 | 001,491,456 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2015/10/30 20:18:01 | 001,130,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2015/10/30 20:18:01 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2015/10/30 20:18:01 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2015/10/30 20:18:01 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2015/10/30 20:18:01 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2015/10/30 20:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2015/10/30 20:18:01 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2015/10/30 20:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2015/10/30 20:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2015/10/30 20:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2015/10/30 20:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2015/10/30 20:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2015/10/30 20:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2015/10/30 20:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2015/10/30 20:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2015/10/30 20:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2015/10/30 20:17:54 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2015/10/30 20:17:54 | 001,090,048 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2015/10/30 20:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2015/10/30 20:17:53 | 000,846,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2015/10/30 20:17:53 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2015/10/30 20:17:53 | 000,361,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2015/10/30 20:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2015/10/30 20:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2015/10/30 20:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2015/10/30 20:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2015/10/30 20:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2015/10/30 20:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2015/10/30 20:17:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2015/10/30 20:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_6830620)
SRV:64bit: - [2015/10/30 20:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_6830620)
SRV:64bit: - [2015/10/30 20:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_6830620)
SRV:64bit: - [2015/10/30 20:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_6830620)
SRV:64bit: - [2015/10/30 20:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_6830620)
SRV:64bit: - [2015/10/30 20:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2015/10/30 20:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2015/10/30 20:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2015/10/30 20:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2015/10/30 20:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2015/10/30 20:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2015/10/30 20:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2015/10/30 20:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2015/10/30 20:17:43 | 002,156,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2015/10/30 20:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2015/10/30 20:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2015/10/30 20:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2015/10/30 20:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2015/10/30 20:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015/10/30 20:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/10/30 20:17:37 | 000,164,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2015/10/30 20:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2015/10/30 20:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2015/10/30 20:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015/10/30 20:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2015/06/03 12:03:38 | 000,018,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2015/05/07 15:00:20 | 000,271,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV - [2016/02/05 10:01:46 | 000,835,152 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2016/02/04 16:36:10 | 000,948,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/01/23 20:49:50 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/12 17:43:47 | 001,879,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/01/10 04:39:00 | 003,916,368 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2016/01/06 16:56:28 | 000,167,880 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/12/17 03:19:24 | 000,417,584 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015/12/14 20:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/10/30 20:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 20:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 20:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 20:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 20:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 20:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016/02/04 16:36:07 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016/02/04 16:36:07 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016/02/03 19:56:27 | 000,024,688 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2016/01/23 18:55:33 | 000,147,088 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:64bit: - [2016/01/23 18:55:30 | 000,310,904 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2016/01/23 18:55:13 | 001,065,208 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2016/01/23 18:55:13 | 000,464,256 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2016/01/23 18:55:13 | 000,097,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2016/01/23 18:54:58 | 000,273,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2016/01/23 18:54:58 | 000,155,304 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016/01/23 18:54:58 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2016/01/23 18:54:58 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2016/01/23 18:54:58 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016/01/23 11:57:55 | 000,026,880 | ---- | M] (Western Digital Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2016/01/16 18:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2016/01/12 17:43:36 | 000,026,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015/12/18 19:11:06 | 000,047,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015/12/17 05:59:13 | 000,205,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015/11/21 08:45:48 | 000,026,264 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgLowAudio.sys -- (lgLowAudio)
DRV:64bit: - [2015/10/30 22:07:05 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2015/10/30 22:06:56 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/10/30 20:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2015/10/30 20:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2015/10/30 20:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2015/10/30 20:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/10/30 20:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/10/30 20:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2015/10/30 20:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2015/10/30 20:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2015/10/30 20:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2015/10/30 20:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2015/10/30 20:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2015/10/30 20:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:64bit: - [2015/10/30 20:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2015/10/30 20:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2015/10/30 20:17:52 | 000,254,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2015/10/30 20:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2015/10/30 20:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2015/10/30 20:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2015/10/30 20:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2015/10/30 20:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2015/10/30 20:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2015/10/30 20:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2015/10/30 20:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2015/10/30 20:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2015/10/30 20:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2015/10/30 20:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2015/10/30 20:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2015/10/30 20:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2015/10/30 20:17:40 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2015/10/30 20:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2015/10/30 20:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/10/30 20:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2015/10/30 20:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2015/10/30 20:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2015/10/30 20:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/10/30 20:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2015/10/30 20:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2015/10/30 20:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2015/10/30 20:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2015/10/30 20:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/10/30 20:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2015/10/30 20:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2015/10/30 20:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2015/10/30 20:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2015/10/30 20:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2015/10/30 20:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2015/10/30 20:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2015/10/30 20:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2015/10/30 20:17:23 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015/10/30 20:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2015/10/30 20:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2015/10/30 20:17:23 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015/10/30 20:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2015/10/30 20:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2015/10/30 20:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2015/10/30 20:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2015/10/30 20:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2015/10/30 20:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2015/10/30 20:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2015/10/30 20:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2015/10/30 20:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2015/10/30 20:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2015/10/30 20:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2015/10/30 20:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2015/10/30 20:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2015/10/30 20:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2015/10/30 20:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2015/10/30 20:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2015/10/30 20:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2015/10/30 20:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2015/10/30 20:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2015/10/30 20:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2015/10/30 20:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2015/10/30 20:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2015/10/30 20:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2015/10/30 20:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2015/10/30 20:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2015/10/30 20:17:22 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2015/10/30 20:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015/10/30 20:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2015/10/30 20:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2015/10/30 20:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2015/10/30 20:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2015/10/30 20:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2015/10/30 20:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2015/10/30 20:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2015/10/30 20:17:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2015/10/30 20:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2015/10/30 20:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2015/10/30 20:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2015/10/30 20:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2015/10/30 20:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2015/10/30 20:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2015/10/30 20:17:18 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015/10/30 20:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2015/10/30 20:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2015/10/30 20:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2015/10/30 20:17:18 | 000,081,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2015/10/30 20:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2015/10/30 20:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/10/30 20:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2015/10/30 20:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2015/10/30 20:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2015/10/30 20:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2015/10/30 20:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2015/10/30 20:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2015/10/30 20:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2015/10/30 20:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2015/10/30 20:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2015/10/30 20:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2015/10/05 09:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/10/05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/06/22 10:13:48 | 000,014,184 | ---- | M] (Logitech) [Kernel | Auto | Running] -- C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys -- (LGCoreTemp)
DRV:64bit: - [2015/06/12 04:54:56 | 000,183,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015/06/11 13:33:42 | 000,068,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGJoyXlCore.sys -- (LGJoyXlCore)
DRV:64bit: - [2015/06/11 13:33:42 | 000,026,912 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2015/06/11 13:33:40 | 000,037,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2015/06/03 12:02:34 | 001,446,824 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2015/05/19 05:45:26 | 000,494,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d65x64.sys -- (e1dexpress)
DRV:64bit: - [2011/11/07 10:13:06 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2016/02/10 19:26:58 | 000,022,280 | ---- | M] (ASRock Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AsrAutoChkUpdDrv.sys -- (AsrAutoChkUpdDrv)
DRV - [2015/10/30 20:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/e...03&ocid=UE03DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-NZ
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC 25 DC 73 50 5E D1 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 49 2E C8 43 50 5E D1 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=IESR02&pc=UE04
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "NZ"
FF - prefs.js..browser.search.region: "NZ"
FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/01/23 18:55:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/01/23 18:55:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2016/01/23 19:31:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions
[2016/02/04 17:45:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ch5py7b7.default-1454393996597\extensions
[2016/02/04 17:45:21 | 001,001,911 | ---- | M] () (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ch5py7b7.default-1454393996597\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/02/05 20:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016/02/05 20:45:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2016/01/23 20:50:39 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [f.lux] C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\system32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ec4ef9c0-effe-4a2f-9729-fec32259b33f}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/02/10 20:15:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\user\Desktop\OTL.exe
[2016/02/06 15:19:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\WinRAR
[2016/02/06 15:19:25 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/02/06 15:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/02/06 15:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2016/02/06 14:45:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2016/02/06 14:42:58 | 008,728,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/02/06 14:42:58 | 006,971,752 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/02/06 14:42:57 | 022,394,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/02/06 14:42:57 | 018,678,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/02/06 14:42:54 | 013,018,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/02/06 14:42:53 | 016,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/02/06 14:42:53 | 006,600,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/02/06 14:42:52 | 011,545,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/02/06 14:42:51 | 005,238,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/02/06 14:42:50 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/02/06 14:42:49 | 007,979,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/02/06 14:42:49 | 006,297,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/02/06 14:42:49 | 005,503,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2016/02/06 14:42:47 | 005,202,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/02/06 14:42:47 | 002,624,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/02/06 14:42:47 | 001,946,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/02/06 14:42:46 | 007,199,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/02/06 14:42:46 | 001,944,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/02/06 14:42:46 | 001,750,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2016/02/06 14:42:45 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/02/06 14:42:45 | 002,057,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016/02/06 14:42:45 | 001,626,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/02/06 14:42:44 | 001,500,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2016/02/06 14:42:44 | 001,415,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016/02/06 14:42:44 | 001,173,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/02/06 14:42:44 | 000,851,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/02/06 14:42:44 | 000,536,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/02/06 14:42:43 | 001,542,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2016/02/06 14:42:43 | 001,318,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2016/02/06 14:42:43 | 000,848,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/02/06 14:42:43 | 000,784,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2016/02/06 14:42:43 | 000,709,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/02/06 14:42:43 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2016/02/06 14:42:43 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2016/02/06 14:42:42 | 001,674,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2016/02/06 14:42:42 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/02/06 14:42:41 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2016/02/06 14:42:41 | 000,652,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2016/02/06 14:42:41 | 000,538,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2016/02/06 14:42:41 | 000,369,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/02/06 14:42:41 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/02/06 14:42:41 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2016/02/06 14:42:40 | 002,127,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2016/02/06 14:42:40 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2016/02/06 14:42:40 | 000,576,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/02/06 14:42:40 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2016/02/06 14:42:40 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2016/02/06 14:42:40 | 000,431,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2016/02/06 14:42:40 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/02/06 14:42:40 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimCfg.dll
[2016/02/06 14:42:39 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2016/02/06 14:42:39 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016/02/06 14:42:39 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2016/02/06 14:42:39 | 000,440,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016/02/06 14:42:39 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/02/06 14:42:39 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2016/02/06 14:42:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimCfg.dll
[2016/02/06 14:42:39 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimAuth.dll
[2016/02/06 14:42:39 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimAuth.dll
[2016/02/06 14:42:38 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/02/06 14:42:38 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2016/02/06 14:42:38 | 000,408,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/02/06 14:42:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/02/06 14:42:38 | 000,202,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016/02/06 14:42:38 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/02/06 14:42:38 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2016/02/06 14:42:37 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2016/02/06 14:42:37 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2016/02/06 14:42:37 | 000,366,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016/02/06 14:42:37 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/02/06 14:42:37 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/02/06 14:42:36 | 003,593,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/02/06 14:42:36 | 000,785,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2016/02/06 14:42:36 | 000,713,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/02/06 14:42:36 | 000,610,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2016/02/06 14:42:36 | 000,513,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/02/06 14:42:36 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2016/02/06 14:42:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2016/02/06 14:42:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2016/02/06 14:42:35 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/02/06 14:42:35 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/02/06 14:42:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/02/06 14:42:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbser.sys
[2016/02/06 14:42:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2016/02/06 14:42:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2016/02/06 14:42:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasautou.exe
[2016/02/06 14:42:34 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2016/02/06 14:42:34 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2016/02/06 14:42:34 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbio.dll
[2016/02/06 14:42:34 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winhttpcom.dll
[2016/02/06 14:42:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbio.dll
[2016/02/06 14:42:34 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winhttpcom.dll
[2016/02/06 14:42:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasautou.exe
[2016/02/06 14:42:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasadhlp.dll
[2016/02/06 14:42:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscoreext.dll
[2016/02/06 14:42:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll
[2016/02/06 14:42:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll
[2016/02/06 12:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2016/02/06 12:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2016/02/06 12:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2016/02/06 12:15:41 | 011,323,704 | ---- | C] (SurfRight B.V.) -- D:\Users\user\Desktop\HitmanPro_x64.exe
[2016/02/06 11:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2016/02/06 11:58:25 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Logitech
[2016/02/06 11:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2016/02/06 11:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2016/02/06 11:57:24 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Logitech
[2016/02/06 11:57:24 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Logishrd
[2016/02/05 20:47:10 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Macromedia
[2016/02/05 20:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/02/04 16:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2016/02/04 16:36:39 | 000,000,000 | ---D | C] -- C:\Windows.old
[2016/02/04 16:36:18 | 002,796,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/02/04 16:36:18 | 002,180,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/02/04 16:36:18 | 001,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2016/02/04 16:36:18 | 000,983,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2016/02/04 16:36:18 | 000,925,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016/02/04 16:36:18 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2016/02/04 16:36:18 | 000,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2016/02/04 16:36:18 | 000,786,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2016/02/04 16:36:18 | 000,695,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2016/02/04 16:36:18 | 000,671,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2016/02/04 16:36:18 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2016/02/04 16:36:18 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016/02/04 16:36:18 | 000,450,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2016/02/04 16:36:18 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2016/02/04 16:36:18 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/02/04 16:36:18 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2016/02/04 16:36:18 | 000,340,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2016/02/04 16:36:18 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016/02/04 16:36:18 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll
[2016/02/04 16:36:18 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2016/02/04 16:36:18 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
[2016/02/04 16:36:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2016/02/04 16:36:18 | 000,208,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2016/02/04 16:36:18 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016/02/04 16:36:18 | 000,119,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2016/02/04 16:36:18 | 000,116,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2016/02/04 16:36:18 | 000,100,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2016/02/04 16:36:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016/02/04 16:36:18 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.proxy.dll
[2016/02/04 16:36:13 | 007,826,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/02/04 16:36:13 | 005,660,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/02/04 16:36:13 | 004,894,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/02/04 16:36:13 | 003,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/02/04 16:36:13 | 002,582,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/02/04 16:36:13 | 002,544,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/02/04 16:36:13 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/02/04 16:36:13 | 001,817,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/02/04 16:36:13 | 001,299,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2016/02/04 16:36:13 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2016/02/04 16:36:13 | 001,155,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2016/02/04 16:36:13 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2016/02/04 16:36:13 | 001,118,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2016/02/04 16:36:13 | 001,105,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2016/02/04 16:36:13 | 001,092,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016/02/04 16:36:13 | 001,065,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/02/04 16:36:13 | 001,020,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2016/02/04 16:36:13 | 000,931,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2016/02/04 16:36:13 | 000,898,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2016/02/04 16:36:13 | 000,884,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/02/04 16:36:13 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016/02/04 16:36:13 | 000,858,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2016/02/04 16:36:13 | 000,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2016/02/04 16:36:13 | 000,823,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2016/02/04 16:36:13 | 000,803,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016/02/04 16:36:13 | 000,794,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016/02/04 16:36:13 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/02/04 16:36:13 | 000,716,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2016/02/04 16:36:13 | 000,701,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2016/02/04 16:36:13 | 000,696,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/02/04 16:36:13 | 000,670,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016/02/04 16:36:13 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2016/02/04 16:36:13 | 000,526,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2016/02/04 16:36:13 | 000,516,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016/02/04 16:36:13 | 000,502,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/02/04 16:36:13 | 000,498,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2016/02/04 16:36:13 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/02/04 16:36:13 | 000,462,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2016/02/04 16:36:13 | 000,337,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016/02/04 16:36:13 | 000,289,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016/02/04 16:36:13 | 000,245,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2016/02/04 16:36:13 | 000,234,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2016/02/04 16:36:13 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/02/04 16:36:13 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\flvprophandler.dll
[2016/02/04 16:36:13 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/02/04 16:36:13 | 000,110,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2016/02/04 16:36:13 | 000,088,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2016/02/04 16:36:13 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/02/04 16:36:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMSRoamingSecurity.dll
[2016/02/04 16:36:13 | 000,073,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2016/02/04 16:36:13 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2016/02/04 16:36:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2016/02/04 16:36:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\readingviewresources.dll
[2016/02/04 16:36:10 | 007,477,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/02/04 16:36:10 | 006,572,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2016/02/04 16:36:10 | 003,993,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/02/04 16:36:10 | 002,352,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2016/02/04 16:36:10 | 002,155,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2016/02/04 16:36:10 | 001,995,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2016/02/04 16:36:10 | 001,814,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2016/02/04 16:36:10 | 001,717,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2016/02/04 16:36:10 | 001,713,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/02/04 16:36:10 | 001,706,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/02/04 16:36:10 | 001,648,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2016/02/04 16:36:10 | 001,582,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016/02/04 16:36:10 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2016/02/04 16:36:10 | 001,317,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/02/04 16:36:10 | 001,309,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/02/04 16:36:10 | 001,281,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/02/04 16:36:10 | 001,223,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2016/02/04 16:36:10 | 001,141,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/02/04 16:36:10 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XboxNetApiSvc.dll
[2016/02/04 16:36:10 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2016/02/04 16:36:10 | 000,973,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/02/04 16:36:10 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/02/04 16:36:10 | 000,948,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2016/02/04 16:36:10 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2016/02/04 16:36:10 | 000,900,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2016/02/04 16:36:10 | 000,808,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2016/02/04 16:36:10 | 000,796,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016/02/04 16:36:10 | 000,749,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2016/02/04 16:36:10 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CellularAPI.dll
[2016/02/04 16:36:10 | 000,698,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2016/02/04 16:36:10 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2016/02/04 16:36:10 | 000,678,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2016/02/04 16:36:10 | 000,674,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2016/02/04 16:36:10 | 000,644,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2016/02/04 16:36:10 | 000,630,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/02/04 16:36:10 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/02/04 16:36:10 | 000,607,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2016/02/04 16:36:10 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016/02/04 16:36:10 | 000,586,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2016/02/04 16:36:10 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016/02/04 16:36:10 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2016/02/04 16:36:10 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/02/04 16:36:10 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvut.dll
[2016/02/04 16:36:10 | 000,523,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2016/02/04 16:36:10 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2016/02/04 16:36:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016/02/04 16:36:10 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCore.dll
[2016/02/04 16:36:10 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2016/02/04 16:36:10 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016/02/04 16:36:10 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/02/04 16:36:10 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2016/02/04 16:36:10 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/02/04 16:36:10 | 000,412,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2016/02/04 16:36:10 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/02/04 16:36:10 | 000,365,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/02/04 16:36:10 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/02/04 16:36:10 | 000,334,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/02/04 16:36:10 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016/02/04 16:36:10 | 000,296,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/02/04 16:36:10 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2016/02/04 16:36:10 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2016/02/04 16:36:10 | 000,264,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016/02/04 16:36:10 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2016/02/04 16:36:10 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016/02/04 16:36:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2016/02/04 16:36:10 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2016/02/04 16:36:10 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2016/02/04 16:36:10 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/02/04 16:36:10 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/02/04 16:36:10 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2016/02/04 16:36:10 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2016/02/04 16:36:10 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/02/04 16:36:10 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2016/02/04 16:36:10 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2016/02/04 16:36:10 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2016/02/04 16:36:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2016/02/04 16:36:10 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/02/04 16:36:10 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/02/04 16:36:10 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/02/04 16:36:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2016/02/04 16:36:10 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2016/02/04 16:36:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2016/02/04 16:36:10 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2016/02/04 16:36:10 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2016/02/04 16:36:10 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/02/04 16:36:10 | 000,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/02/04 16:36:10 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/02/04 16:36:10 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/02/04 16:36:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/02/04 16:36:10 | 000,080,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwapi.dll
[2016/02/04 16:36:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2016/02/04 16:36:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.XboxLive.ProxyStub.dll
[2016/02/04 16:36:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2016/02/04 16:36:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssign32.dll
[2016/02/04 16:36:10 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwancfg.dll
[2016/02/04 16:36:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/02/04 16:36:10 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ihvrilproxy.dll
[2016/02/04 16:36:10 | 000,063,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wwapi.dll
[2016/02/04 16:36:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssign32.dll
[2016/02/04 16:36:10 | 000,058,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/02/04 16:36:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2016/02/04 16:36:10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rilproxy.dll
[2016/02/04 16:36:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringclient.dll
[2016/02/04 16:36:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanpref.dll
[2016/02/04 16:36:10 | 000,051,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsUtilsV2.dll
[2016/02/04 16:36:10 | 000,045,568 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/02/04 16:36:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsplib.dll
[2016/02/04 16:36:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgrcli.dll
[2016/02/04 16:36:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.proxy.dll
[2016/02/04 16:36:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/02/04 16:36:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usermgrcli.dll
[2016/02/04 16:36:10 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2016/02/04 16:36:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringconfigsp.dll
[2016/02/04 16:36:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2016/02/04 16:36:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/02/04 16:36:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2016/02/04 16:36:10 | 000,026,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2016/02/04 16:36:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshrm.dll
[2016/02/04 16:36:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IcsEntitlementHost.exe
[2016/02/04 16:36:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2016/02/04 16:36:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2016/02/04 16:36:07 | 003,355,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2016/02/04 16:36:07 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/02/04 16:36:07 | 002,772,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/02/04 16:36:07 | 002,680,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2016/02/04 16:36:07 | 002,444,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2016/02/04 16:36:07 | 002,185,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/02/04 16:36:07 | 002,001,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2016/02/04 16:36:07 | 001,860,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/02/04 16:36:07 | 001,804,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2016/02/04 16:36:07 | 001,594,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016/02/04 16:36:07 | 001,467,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2016/02/04 16:36:07 | 001,443,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/02/04 16:36:07 | 001,399,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016/02/04 16:36:07 | 001,395,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/02/04 16:36:07 | 001,393,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/02/04 16:36:07 | 001,387,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/02/04 16:36:07 | 001,268,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016/02/04 16:36:07 | 001,268,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016/02/04 16:36:07 | 001,139,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/02/04 16:36:07 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/02/04 16:36:07 | 001,042,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2016/02/04 16:36:07 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/02/04 16:36:07 | 000,948,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/02/04 16:36:07 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/02/04 16:36:07 | 000,911,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2016/02/04 16:36:07 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/02/04 16:36:07 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/02/04 16:36:07 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/02/04 16:36:07 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/02/04 16:36:07 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/02/04 16:36:07 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/02/04 16:36:07 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2016/02/04 16:36:07 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/02/04 16:36:07 | 000,697,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016/02/04 16:36:07 | 000,675,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2016/02/04 16:36:07 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016/02/04 16:36:07 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/02/04 16:36:07 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApi.dll
[2016/02/04 16:36:07 | 000,586,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2016/02/04 16:36:07 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2016/02/04 16:36:07 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll
[2016/02/04 16:36:07 | 000,540,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/02/04 16:36:07 | 000,511,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2016/02/04 16:36:07 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/02/04 16:36:07 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2016/02/04 16:36:07 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApi.dll
[2016/02/04 16:36:07 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/02/04 16:36:07 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2016/02/04 16:36:07 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2016/02/04 16:36:07 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/02/04 16:36:07 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2016/02/04 16:36:07 | 000,303,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/02/04 16:36:07 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2016/02/04 16:36:07 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/02/04 16:36:07 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/02/04 16:36:07 | 000,264,192 | ---- | C] (Nokia) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2016/02/04 16:36:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2016/02/04 16:36:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/02/04 16:36:07 | 000,205,824 | ---- | C] (Nokia) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2016/02/04 16:36:07 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-AppModelExecEvents.dll
[2016/02/04 16:36:07 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityCommon.dll
[2016/02/04 16:36:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2016/02/04 16:36:07 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ETWCoreUIComponentsResources.dll
[2016/02/04 16:36:07 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ETWCoreUIComponentsResources.dll
[2016/02/04 16:36:07 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshom.ocx
[2016/02/04 16:36:07 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2016/02/04 16:36:07 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\capimg.sys
[2016/02/04 16:36:07 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2016/02/04 16:36:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MapControls.dll
[2016/02/04 16:36:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MapControls.dll
[2016/02/04 16:36:07 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/02/04 16:36:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinelsa.dll
[2016/02/04 16:36:07 | 000,095,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2016/02/04 16:36:07 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/02/04 16:36:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/02/04 16:36:07 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/02/04 16:36:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/02/04 16:36:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016/02/04 16:36:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/02/04 16:36:07 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManagerProxy.dll
[2016/02/04 16:36:07 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/02/04 16:36:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/02/04 16:36:07 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2016/02/04 16:36:07 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2016/02/04 16:36:07 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosResource.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosResource.dll
[2016/02/04 16:36:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2016/02/04 16:36:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll
[2016/02/04 16:36:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2016/02/04 16:36:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthManagerProxy.dll
[2016/02/04 16:36:07 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/02/04 16:36:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BackgroundTransferHost.exe
[2016/02/04 16:36:07 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCoreRes.dll
[2016/02/04 16:36:07 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCoreRes.dll
[2016/02/04 16:36:07 | 000,035,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2016/02/04 16:36:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
[2016/02/04 16:36:07 | 000,032,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfpmp.exe
[2016/02/04 16:36:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016/02/04 16:36:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/02/04 16:36:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2016/02/04 16:36:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016/02/04 16:36:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2016/02/04 16:36:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosTrace.dll
[2016/02/04 16:36:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosTrace.dll
[2016/02/04 16:36:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosHost.dll
[2016/02/04 16:36:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosHost.dll
[2016/02/04 16:36:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlStringsRes.dll
[2016/02/04 16:36:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlStringsRes.dll
[2016/02/04 16:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2016/02/04 16:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2016/02/04 16:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2016/02/04 16:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2016/02/04 16:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2016/02/04 16:33:53 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2016/02/04 16:33:53 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2016/02/04 16:33:53 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2016/02/04 16:33:52 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2016/02/04 16:33:52 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2016/02/04 16:33:52 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2016/02/03 19:43:11 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ActiveSync
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2016/02/03 19:42:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2016/02/03 19:40:22 | 002,718,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2016/02/03 19:39:17 | 000,000,000 | --SD | C] -- C:\Users\David\AppData\Roaming\Microsoft
[2016/02/03 19:39:17 | 000,000,000 | R-SD | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2016/02/03 19:39:17 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/02/03 19:39:17 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/02/03 19:39:17 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Temporary Internet Files
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Templates
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Start Menu
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\SendTo
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Recent
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\PrintHood
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\NetHood
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Videos
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Pictures
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Music
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\My Documents
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Local Settings
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\History
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Cookies
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\Application Data
[2016/02/03 19:39:17 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Application Data
[2016/02/03 19:39:17 | 000,000,000 | -H-D | C] -- C:\Users\David\AppData
[2016/02/03 19:39:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Temp
[2016/02/03 19:39:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft
[2016/02/03 19:39:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/02/03 19:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2016/02/03 19:38:45 | 006,359,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2016/02/03 19:38:45 | 002,985,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2016/02/03 19:38:45 | 002,554,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2016/02/03 19:38:45 | 000,523,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2016/02/03 19:38:45 | 000,385,328 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2016/02/03 19:38:45 | 000,075,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2016/02/03 19:38:45 | 000,062,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2016/02/03 19:38:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2016/02/03 19:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2016/02/03 19:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2016/02/03 19:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2016/02/03 19:38:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2016/02/03 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2016/02/03 19:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2016/01/30 14:09:31 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\vegas projects
[2016/01/30 13:54:27 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\obs_vids
[2016/01/30 13:49:44 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\temp_vegas_files
[2016/01/30 13:47:32 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\NVIDIA
[2016/01/30 13:47:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Publish Providers
[2016/01/30 13:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2016/01/30 13:39:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Sony
[2016/01/30 13:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2016/01/30 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2016/01/30 13:37:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Sony
[2016/01/30 13:36:16 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\Sony Vegas Pro 12 Build 726 (64 bit) (patch-keygen-DI) [ChingLiu]
[2016/01/29 20:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016/01/28 20:16:18 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\League of Legends
[2016/01/26 21:03:55 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\TS3Client
[2016/01/26 21:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2016/01/26 21:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2016/01/26 21:01:27 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\teamspeak3-server_win64
[2016/01/24 09:32:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\vbox
[2016/01/24 09:32:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\vbox
[2016/01/24 00:32:23 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Games
[2016/01/24 00:32:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Steam
[2016/01/24 00:31:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2016/01/23 23:20:07 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\desktop programs
[2016/01/23 22:57:26 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ElevatedDiagnostics
[2016/01/23 22:56:54 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Ubisoft Game Launcher
[2016/01/23 21:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2016/01/23 21:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2016/01/23 21:12:02 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Assassin's Creed Revelations
[2016/01/23 21:02:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Diablo III
[2016/01/23 20:59:57 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\torrents
[2016/01/23 20:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2016/01/23 20:48:23 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CrashDumps
[2016/01/23 20:46:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Awesomium
[2016/01/23 20:46:11 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\BnS
[2016/01/23 20:43:14 | 003,916,368 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\SysWow64\GameMon.des
[2016/01/23 20:43:12 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\SysWow64\npptNT2.sys
[2016/01/23 20:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2016/01/23 20:28:39 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CEF
[2016/01/23 20:28:38 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Steam
[2016/01/23 20:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2016/01/23 20:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2016/01/23 20:24:03 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\OBS
[2016/01/23 20:24:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2016/01/23 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2016/01/23 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2016/01/23 20:22:56 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2016/01/23 20:22:56 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2016/01/23 20:22:56 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_43.dll
[2016/01/23 20:22:56 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2016/01/23 20:22:56 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_6.dll
[2016/01/23 20:22:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2016/01/23 20:22:56 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2016/01/23 20:22:56 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2016/01/23 20:22:56 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_5.dll
[2016/01/23 20:22:56 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2016/01/23 20:22:56 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2016/01/23 20:22:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2016/01/23 20:22:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2016/01/23 20:22:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_7.dll
[2016/01/23 20:22:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_6.dll
[2016/01/23 20:22:56 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_5.dll
[2016/01/23 20:22:56 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_4.dll
[2016/01/23 20:22:56 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2016/01/23 20:22:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2016/01/23 20:22:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2016/01/23 20:22:56 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_7.dll
[2016/01/23 20:22:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2016/01/23 20:22:55 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_42.dll
[2016/01/23 20:22:55 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2016/01/23 20:22:55 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_41.dll
[2016/01/23 20:22:55 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2016/01/23 20:22:55 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_42.dll
[2016/01/23 20:22:55 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_42.dll
[2016/01/23 20:22:55 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_41.dll
[2016/01/23 20:22:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2016/01/23 20:22:55 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_41.dll
[2016/01/23 20:22:55 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2016/01/23 20:22:55 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_4.dll
[2016/01/23 20:22:55 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_41.dll
[2016/01/23 20:22:55 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_4.dll
[2016/01/23 20:22:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2016/01/23 20:22:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_41.dll
[2016/01/23 20:22:55 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_42.dll
[2016/01/23 20:22:55 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2016/01/23 20:22:55 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_3.dll
[2016/01/23 20:22:55 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2016/01/23 20:22:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_40.dll
[2016/01/23 20:22:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2016/01/23 20:22:54 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_40.dll
[2016/01/23 20:22:54 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2016/01/23 20:22:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_39.dll
[2016/01/23 20:22:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_39.dll
[2016/01/23 20:22:54 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_40.dll
[2016/01/23 20:22:54 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_3.dll
[2016/01/23 20:22:54 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2016/01/23 20:22:54 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_2.dll
[2016/01/23 20:22:54 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2016/01/23 20:22:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2016/01/23 20:22:54 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2016/01/23 20:22:54 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_4.dll
[2016/01/23 20:22:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_2.dll
[2016/01/23 20:22:54 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_3.dll
[2016/01/23 20:22:54 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_4.dll
[2016/01/23 20:22:54 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_2.dll
[2016/01/23 20:22:54 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_1.dll
[2016/01/23 20:22:54 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2016/01/23 20:22:54 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_5.dll
[2016/01/23 20:22:54 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_6.dll
[2016/01/23 20:22:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2016/01/23 20:22:54 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_6.dll
[2016/01/23 20:22:53 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_39.dll
[2016/01/23 20:22:53 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_38.dll
[2016/01/23 20:22:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2016/01/23 20:22:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_38.dll
[2016/01/23 20:22:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_38.dll
[2016/01/23 20:22:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_38.dll
[2016/01/23 20:22:53 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_1.dll
[2016/01/23 20:22:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_1.dll
[2016/01/23 20:22:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_0.dll
[2016/01/23 20:22:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_0.dll
[2016/01/23 20:22:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_38.dll
[2016/01/23 20:22:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_1.dll
[2016/01/23 20:22:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_0.dll
[2016/01/23 20:22:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_1.dll
[2016/01/23 20:22:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_0.dll
[2016/01/23 20:22:53 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_0.dll
[2016/01/23 20:22:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_0.dll
[2016/01/23 20:22:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_4.dll
[2016/01/23 20:22:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_3.dll
[2016/01/23 20:22:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_4.dll
[2016/01/23 20:22:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_3.dll
[2016/01/23 20:22:52 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_36.dll
[2016/01/23 20:22:52 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_37.dll
[2016/01/23 20:22:52 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2016/01/23 20:22:52 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2016/01/23 20:22:52 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_36.dll
[2016/01/23 20:22:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_37.dll
[2016/01/23 20:22:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_37.dll
[2016/01/23 20:22:52 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_36.dll
[2016/01/23 20:22:52 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_37.dll
[2016/01/23 20:22:52 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_36.dll
[2016/01/23 20:22:52 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_37.dll
[2016/01/23 20:22:52 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_36.dll
[2016/01/23 20:22:52 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_10.dll
[2016/01/23 20:22:52 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_10.dll
[2016/01/23 20:22:51 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll
[2016/01/23 20:22:51 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll
[2016/01/23 20:22:51 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2016/01/23 20:22:51 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2016/01/23 20:22:51 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll
[2016/01/23 20:22:51 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll
[2016/01/23 20:22:51 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2016/01/23 20:22:51 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2016/01/23 20:22:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll
[2016/01/23 20:22:51 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll
[2016/01/23 20:22:51 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2016/01/23 20:22:51 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2016/01/23 20:22:51 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll
[2016/01/23 20:22:51 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll
[2016/01/23 20:22:51 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll
[2016/01/23 20:22:51 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2016/01/23 20:22:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2016/01/23 20:22:51 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2016/01/23 20:22:51 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll
[2016/01/23 20:22:51 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2016/01/23 20:22:51 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_2.dll
[2016/01/23 20:22:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_2.dll
[2016/01/23 20:22:50 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll
[2016/01/23 20:22:50 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2016/01/23 20:22:50 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2016/01/23 20:22:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2016/01/23 20:22:50 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll
[2016/01/23 20:22:50 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2016/01/23 20:22:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll
[2016/01/23 20:22:50 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll
[2016/01/23 20:22:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2016/01/23 20:22:50 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll
[2016/01/23 20:22:50 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll
[2016/01/23 20:22:50 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll
[2016/01/23 20:22:50 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll
[2016/01/23 20:22:50 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2016/01/23 20:22:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2016/01/23 20:22:50 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2016/01/23 20:22:50 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll
[2016/01/23 20:22:50 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2016/01/23 20:22:49 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll
[2016/01/23 20:22:49 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll
[2016/01/23 20:22:49 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2016/01/23 20:22:49 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll
[2016/01/23 20:22:49 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll
[2016/01/23 20:22:49 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll
[2016/01/23 20:22:49 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2016/01/23 20:22:49 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2016/01/23 20:22:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2016/01/23 20:22:49 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll
[2016/01/23 20:22:49 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll
[2016/01/23 20:22:49 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2016/01/23 20:22:49 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2016/01/23 20:22:48 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll
[2016/01/23 20:22:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll
[2016/01/23 20:22:48 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll
[2016/01/23 20:22:48 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll
[2016/01/23 20:22:48 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll
[2016/01/23 20:22:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2016/01/23 20:22:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2016/01/23 20:22:48 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2016/01/23 20:22:48 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2016/01/23 20:22:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2016/01/23 20:22:48 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll
[2016/01/23 20:22:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2016/01/23 20:22:48 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll
[2016/01/23 20:22:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2016/01/23 20:22:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll
[2016/01/23 20:22:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2016/01/23 20:13:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2016/01/23 20:13:37 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2016/01/23 20:13:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2016/01/23 20:13:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2016/01/23 20:13:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2016/01/23 20:13:34 | 000,000,000 | ---D | C] -- C:\Riot Games
[2016/01/23 20:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2016/01/23 20:13:04 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Riot Games
[2016/01/23 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2016/01/23 20:10:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\FluxSoftware
[2016/01/23 19:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016/01/23 19:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/01/23 19:58:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Comms
[2016/01/23 19:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
[2016/01/23 19:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge
[2016/01/23 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2016/01/23 19:49:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2016/01/23 19:49:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2016/01/23 19:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2016/01/23 19:48:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Adobe
[2016/01/23 19:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2016/01/23 19:47:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2016/01/23 19:47:52 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2016/01/23 19:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2016/01/23 19:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2016/01/23 19:43:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Gyazo
[2016/01/23 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mozilla
[2016/01/23 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Mozilla
[2016/01/23 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2016/01/23 19:20:57 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Dropbox
[2016/01/23 19:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dropbox
[2016/01/23 19:20:38 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Dropbox
[2016/01/23 19:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Dropbox
[2016/01/23 19:20:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\vlc
[2016/01/23 19:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2016/01/23 19:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2016/01/23 19:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
[2016/01/23 19:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gyazo
[2016/01/23 19:17:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\LolClient
[2016/01/23 19:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games
[2016/01/23 19:11:18 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Winamp
[2016/01/23 19:08:08 | 000,000,000 | ---D | C] -- C:\Users\David\Tracing
[2016/01/23 19:07:50 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Skype
[2016/01/23 19:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2016/01/23 19:07:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2016/01/23 19:07:45 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2016/01/23 19:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2016/01/23 19:05:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\deluge
[2016/01/23 19:05:07 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/01/23 19:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/01/23 19:04:56 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2016/01/23 19:04:56 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2016/01/23 19:04:56 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2016/01/23 19:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/01/23 19:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/01/23 18:55:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google
[2016/01/23 18:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2016/01/23 18:55:36 | 000,147,088 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\ngvss.sys
[2016/01/23 18:55:35 | 000,386,096 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2016/01/23 18:55:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\AVAST Software
[2016/01/23 18:55:00 | 001,065,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2016/01/23 18:55:00 | 000,464,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2016/01/23 18:55:00 | 000,273,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2016/01/23 18:55:00 | 000,155,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2016/01/23 18:55:00 | 000,097,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2016/01/23 18:55:00 | 000,093,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2016/01/23 18:55:00 | 000,065,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2016/01/23 18:55:00 | 000,028,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2016/01/23 18:54:57 | 000,043,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/01/23 18:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2016/01/23 18:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2016/01/23 18:48:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Blizzard Entertainment
[2016/01/23 18:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2016/01/23 18:48:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Battle.net
[2016/01/23 18:48:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Battle.net
[2016/01/23 18:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2016/01/23 18:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCWest
[2016/01/23 18:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2016/01/23 18:38:27 | 000,000,000 | ---D | C] -- D:\Users\user\Desktop\new piano music
[2016/01/23 12:10:58 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia
[2016/01/23 11:59:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2016/01/23 11:59:45 | 000,022,280 | ---- | C] (ASRock Incorporation) -- C:\WINDOWS\SysWow64\drivers\AsrAutoChkUpdDrv.sys
[2016/01/23 11:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ASRock
[2016/01/23 11:57:55 | 000,026,880 | ---- | C] (Western Digital Technologies, Inc.) -- C:\WINDOWS\SysNative\drivers\wdcsam64.sys
[2016/01/23 11:51:45 | 000,103,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2016/01/23 11:50:56 | 031,098,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2016/01/23 11:50:56 | 024,923,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2016/01/23 11:50:56 | 021,131,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2016/01/23 11:50:56 | 019,727,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2016/01/23 11:50:56 | 017,568,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2016/01/23 11:50:56 | 017,123,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2016/01/23 11:50:56 | 001,915,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6436143.dll
[2016/01/23 11:50:56 | 001,572,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2016/01/23 11:50:56 | 001,564,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6436143.dll
[2016/01/23 11:50:56 | 000,938,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2016/01/23 11:50:56 | 000,872,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2016/01/23 11:50:56 | 000,786,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2016/01/23 11:50:56 | 000,784,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2016/01/23 11:50:56 | 000,735,024 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2016/01/23 11:50:56 | 000,681,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2016/01/23 11:50:56 | 000,632,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2016/01/23 11:50:56 | 000,630,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2016/01/23 11:50:56 | 000,541,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2016/01/23 11:50:56 | 000,445,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2016/01/23 11:50:56 | 000,416,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2016/01/23 11:50:56 | 000,378,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2016/01/23 11:50:56 | 000,376,440 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2016/01/23 11:50:56 | 000,370,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2016/01/23 11:50:56 | 000,316,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2016/01/23 11:50:56 | 000,205,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2016/01/23 11:50:56 | 000,175,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2016/01/23 11:50:56 | 000,153,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2016/01/23 11:50:56 | 000,151,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2016/01/23 11:50:56 | 000,128,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2016/01/23 11:50:56 | 000,039,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2016/01/23 11:50:55 | 020,672,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2016/01/23 11:50:55 | 017,164,160 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2016/01/23 11:50:55 | 017,104,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2016/01/23 11:50:55 | 014,103,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2016/01/23 11:50:55 | 003,603,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2016/01/23 11:50:55 | 003,184,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2016/01/23 11:50:55 | 002,560,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2016/01/23 11:50:55 | 002,214,192 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2016/01/23 11:50:55 | 000,339,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2016/01/23 11:47:54 | 000,099,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2016/01/23 11:47:54 | 000,090,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2016/01/23 11:47:54 | 000,047,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2016/01/23 11:47:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\MicrosoftEdge
[2016/01/23 09:51:34 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2016/01/23 09:51:34 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2016/01/23 09:51:34 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2016/01/23 09:51:34 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2016/01/23 09:51:34 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2016/01/23 09:51:34 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2016/01/23 09:51:32 | 001,860,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2016/01/23 09:51:32 | 001,756,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspbridge64.dll
[2016/01/23 09:51:31 | 001,542,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2016/01/23 09:51:31 | 001,316,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspbridge.dll
[2016/01/23 09:51:28 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\NVIDIA Corporation
[2016/01/23 09:51:28 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\NVIDIA
[2016/01/23 09:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2016/01/23 09:50:28 | 001,898,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435582.dll
[2016/01/23 09:50:28 | 001,558,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435582.dll
[2016/01/23 09:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2016/01/23 09:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility
[2016/01/23 09:41:19 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Programs
[2016/01/23 09:41:14 | 000,017,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\AsrAppCharger.sys
[2016/01/23 09:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2016/01/23 09:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility
[2016/01/23 09:40:03 | 000,404,752 | R--- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\PROUnstl.exe
[2016/01/23 09:40:02 | 000,494,064 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\e1d65x64.sys
[2016/01/23 09:40:02 | 000,125,728 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\NicCo4.dll
[2016/01/23 09:40:02 | 000,089,872 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\NicInstD.dll
[2016/01/23 09:40:02 | 000,075,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\e1dmsg.dll
[2016/01/23 09:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2016/01/23 09:37:10 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Intel Corporation
[2016/01/23 09:37:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2016/01/23 09:37:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2016/01/23 09:37:00 | 000,000,000 | ---D | C] -- C:\Users\David\Intel
[2016/01/23 09:36:27 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\WINDOWS\SysNative\YamahaAE.dll
[2016/01/23 09:36:25 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib64.dll
[2016/01/23 09:36:25 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosade.dll
[2016/01/23 09:36:25 | 000,871,856 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tossaeapo64.dll
[2016/01/23 09:36:25 | 000,582,056 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosasfapo64.dll
[2016/01/23 09:36:25 | 000,162,224 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\toseaeapo64.dll
[2016/01/23 09:36:24 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo264.dll
[2016/01/23 09:36:24 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\WINDOWS\SysNative\sltech64.dll
[2016/01/23 09:36:24 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll
[2016/01/23 09:36:24 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\SysNative\slprp64.dll
[2016/01/23 09:36:24 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll
[2016/01/23 09:36:24 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll
[2016/01/23 09:36:24 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll
[2016/01/23 09:36:24 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo.dll
[2016/01/23 09:36:24 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\WINDOWS\SysNative\tepeqapo64.dll
[2016/01/23 09:36:23 | 002,831,576 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2016/01/23 09:36:23 | 001,959,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2016/01/23 09:36:23 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\slcnt64.dll
[2016/01/23 09:36:23 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\WINDOWS\SysNative\SFSS_APO.dll
[2016/01/23 09:36:23 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\WINDOWS\SysNative\sl3apo64.dll
[2016/01/23 09:36:23 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll
[2016/01/23 09:36:23 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll
[2016/01/23 09:36:23 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll
[2016/01/23 09:36:23 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll
[2016/01/23 09:36:23 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll
[2016/01/23 09:36:22 | 002,794,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2016/01/23 09:36:22 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2016/01/23 09:36:22 | 001,019,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2016/01/23 09:36:22 | 000,627,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2016/01/23 09:36:22 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2016/01/23 09:36:22 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll
[2016/01/23 09:36:22 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll
[2016/01/23 09:36:22 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2016/01/23 09:36:22 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll
[2016/01/23 09:36:22 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll
[2016/01/23 09:36:22 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll
[2016/01/23 09:36:22 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll
[2016/01/23 09:36:21 | 057,362,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2016/01/23 09:36:21 | 012,816,472 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVoiceAPO3064.dll
[2016/01/23 09:36:21 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll
[2016/01/23 09:36:21 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\WINDOWS\SysNative\NAHIMICAPOlfx.dll
[2016/01/23 09:36:21 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxSpeechAPO64.dll
[2016/01/23 09:36:21 | 000,947,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2016/01/23 09:36:21 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\WINDOWS\SysNative\NAHIMICAPOSettingsIPC.dll
[2016/01/23 09:36:21 | 000,938,608 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVoiceAPO2064.dll
[2016/01/23 09:36:21 | 000,906,800 | ---- | C] (Sony Corporation) -- C:\WINDOWS\SysNative\MISS_APO.dll
[2016/01/23 09:36:21 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll
[2016/01/23 09:36:21 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll
[2016/01/23 09:36:21 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll
[2016/01/23 09:36:21 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll
[2016/01/23 09:36:21 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll
[2016/01/23 09:36:20 | 028,314,200 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioVnA64.dll
[2016/01/23 09:36:20 | 014,742,104 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek64.dll
[2016/01/23 09:36:20 | 003,927,640 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioVnN64.dll
[2016/01/23 09:36:20 | 002,396,760 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO6064.dll
[2016/01/23 09:36:20 | 002,040,920 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ64.dll
[2016/01/23 09:36:20 | 001,933,400 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek264.dll
[2016/01/23 09:36:20 | 001,424,984 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO4064.dll
[2016/01/23 09:36:20 | 001,423,960 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO5064.dll
[2016/01/23 09:36:20 | 001,042,520 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll
[2016/01/23 09:36:20 | 000,882,776 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysWow64\MaxxAudioAPOShell.dll
[2016/01/23 09:36:20 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll
[2016/01/23 09:36:20 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll
[2016/01/23 09:36:20 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll
[2016/01/23 09:36:19 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2016/01/23 09:36:19 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll
[2016/01/23 09:36:19 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll
[2016/01/23 09:36:19 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll
[2016/01/23 09:36:19 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll
[2016/01/23 09:36:19 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll
[2016/01/23 09:36:19 | 000,501,184 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll
[2016/01/23 09:36:19 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll
[2016/01/23 09:36:19 | 000,487,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll
[2016/01/23 09:36:19 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll
[2016/01/23 09:36:19 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll
[2016/01/23 09:36:19 | 000,415,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll
[2016/01/23 09:36:19 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll
[2016/01/23 09:36:19 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll
[2016/01/23 09:36:19 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll
[2016/01/23 09:36:18 | 006,217,904 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPP64A.dll
[2016/01/23 09:36:18 | 001,938,608 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPD64A.dll
[2016/01/23 09:36:18 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll
[2016/01/23 09:36:18 | 000,313,520 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPO64A.dll
[2016/01/23 09:36:18 | 000,260,272 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPA64.dll
[2016/01/23 09:36:18 | 000,209,096 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2016/01/23 09:36:18 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2016/01/23 09:36:18 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAR64.dll
[2016/01/23 09:36:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2016/01/23 09:36:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2016/01/23 09:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2016/01/23 09:36:17 | 002,080,472 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2016/01/23 09:36:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2016/01/23 09:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2016/01/23 09:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016/01/23 09:30:28 | 000,022,352 | ---- | C] (RW-Everything) -- C:\WINDOWS\SysWow64\drivers\AsrSetupDrv.sys
[2016/01/23 09:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2016/01/23 09:16:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Publishers
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Videos
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Searches
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Saved Games
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Pictures
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Music
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Links
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Favorites
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Downloads
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Documents
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\Contacts
[2016/01/23 09:16:43 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/01/23 09:16:43 | 000,000,000 | -H-D | C] -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/01/23 09:16:43 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\VirtualStore
[2016/01/23 09:16:43 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\TileDataLayer
[2016/01/23 09:16:43 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Packages
[2016/01/23 09:16:43 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe
[2016/01/23 09:14:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2016/01/23 09:11:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2016/02/10 20:15:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\user\Desktop\OTL.exe
[2016/02/10 20:15:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/02/10 19:52:14 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/02/10 19:30:36 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/02/10 19:26:58 | 000,022,280 | ---- | M] (ASRock Incorporation) -- C:\WINDOWS\SysWow64\drivers\AsrAutoChkUpdDrv.sys
[2016/02/10 19:26:51 | 3407,495,168 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/10 19:26:51 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/02/08 20:23:47 | 000,001,781 | ---- | M] () -- C:\Users\David\AppData\Local\recently-used.xbel
[2016/02/07 22:50:47 | 000,881,036 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/02/07 22:50:47 | 000,748,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/02/07 22:50:47 | 000,143,390 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/02/07 11:44:27 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2016/02/06 15:49:56 | 000,000,221 | ---- | M] () -- D:\Users\user\Desktop\Fallout New Vegas.url
[2016/02/06 15:48:32 | 000,000,221 | ---- | M] () -- D:\Users\user\Desktop\The Elder Scrolls V Skyrim.url
[2016/02/06 15:47:48 | 000,000,221 | ---- | M] () -- D:\Users\user\Desktop\Borderlands 2.url
[2016/02/06 12:36:15 | 000,189,264 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/02/06 12:31:46 | 000,000,408 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2016/02/06 12:26:18 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2016/02/06 12:24:37 | 011,323,704 | ---- | M] (SurfRight B.V.) -- D:\Users\user\Desktop\HitmanPro_x64.exe
[2016/02/04 16:36:18 | 002,796,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/02/04 16:36:18 | 002,180,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/02/04 16:36:18 | 001,070,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2016/02/04 16:36:18 | 000,983,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2016/02/04 16:36:18 | 000,925,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016/02/04 16:36:18 | 000,890,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2016/02/04 16:36:18 | 000,871,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2016/02/04 16:36:18 | 000,786,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2016/02/04 16:36:18 | 000,695,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2016/02/04 16:36:18 | 000,671,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2016/02/04 16:36:18 | 000,569,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2016/02/04 16:36:18 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016/02/04 16:36:18 | 000,450,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2016/02/04 16:36:18 | 000,387,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2016/02/04 16:36:18 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/02/04 16:36:18 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2016/02/04 16:36:18 | 000,340,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2016/02/04 16:36:18 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016/02/04 16:36:18 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll
[2016/02/04 16:36:18 | 000,305,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2016/02/04 16:36:18 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
[2016/02/04 16:36:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2016/02/04 16:36:18 | 000,208,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2016/02/04 16:36:18 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016/02/04 16:36:18 | 000,119,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2016/02/04 16:36:18 | 000,116,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2016/02/04 16:36:18 | 000,100,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2016/02/04 16:36:18 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016/02/04 16:36:18 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.proxy.dll
[2016/02/04 16:36:13 | 007,826,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/02/04 16:36:13 | 005,660,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/02/04 16:36:13 | 004,894,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/02/04 16:36:13 | 003,428,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/02/04 16:36:13 | 002,582,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/02/04 16:36:13 | 002,544,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/02/04 16:36:13 | 002,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/02/04 16:36:13 | 001,817,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/02/04 16:36:13 | 001,299,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2016/02/04 16:36:13 | 001,255,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2016/02/04 16:36:13 | 001,155,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2016/02/04 16:36:13 | 001,131,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2016/02/04 16:36:13 | 001,118,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2016/02/04 16:36:13 | 001,105,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2016/02/04 16:36:13 | 001,092,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016/02/04 16:36:13 | 001,065,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/02/04 16:36:13 | 001,020,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2016/02/04 16:36:13 | 000,931,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2016/02/04 16:36:13 | 000,898,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2016/02/04 16:36:13 | 000,884,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/02/04 16:36:13 | 000,870,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016/02/04 16:36:13 | 000,858,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2016/02/04 16:36:13 | 000,824,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2016/02/04 16:36:13 | 000,823,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2016/02/04 16:36:13 | 000,803,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016/02/04 16:36:13 | 000,794,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016/02/04 16:36:13 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/02/04 16:36:13 | 000,716,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2016/02/04 16:36:13 | 000,701,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2016/02/04 16:36:13 | 000,696,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/02/04 16:36:13 | 000,670,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016/02/04 16:36:13 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2016/02/04 16:36:13 | 000,526,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2016/02/04 16:36:13 | 000,516,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016/02/04 16:36:13 | 000,502,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/02/04 16:36:13 | 000,498,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2016/02/04 16:36:13 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/02/04 16:36:13 | 000,462,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2016/02/04 16:36:13 | 000,337,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016/02/04 16:36:13 | 000,289,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016/02/04 16:36:13 | 000,245,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2016/02/04 16:36:13 | 000,234,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2016/02/04 16:36:13 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/02/04 16:36:13 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\flvprophandler.dll
[2016/02/04 16:36:13 | 000,115,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/02/04 16:36:13 | 000,110,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2016/02/04 16:36:13 | 000,088,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2016/02/04 16:36:13 | 000,084,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/02/04 16:36:13 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMSRoamingSecurity.dll
[2016/02/04 16:36:13 | 000,073,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2016/02/04 16:36:13 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2016/02/04 16:36:13 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2016/02/04 16:36:13 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\readingviewresources.dll
[2016/02/04 16:36:10 | 007,477,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/02/04 16:36:10 | 006,572,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2016/02/04 16:36:10 | 003,993,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/02/04 16:36:10 | 002,352,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2016/02/04 16:36:10 | 002,155,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2016/02/04 16:36:10 | 001,995,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2016/02/04 16:36:10 | 001,814,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2016/02/04 16:36:10 | 001,717,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2016/02/04 16:36:10 | 001,713,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/02/04 16:36:10 | 001,706,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/02/04 16:36:10 | 001,648,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2016/02/04 16:36:10 | 001,582,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016/02/04 16:36:10 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2016/02/04 16:36:10 | 001,317,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/02/04 16:36:10 | 001,309,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/02/04 16:36:10 | 001,281,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/02/04 16:36:10 | 001,223,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2016/02/04 16:36:10 | 001,141,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/02/04 16:36:10 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XboxNetApiSvc.dll
[2016/02/04 16:36:10 | 001,009,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2016/02/04 16:36:10 | 000,973,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/02/04 16:36:10 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/02/04 16:36:10 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2016/02/04 16:36:10 | 000,912,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2016/02/04 16:36:10 | 000,900,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2016/02/04 16:36:10 | 000,808,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2016/02/04 16:36:10 | 000,796,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016/02/04 16:36:10 | 000,749,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2016/02/04 16:36:10 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CellularAPI.dll
[2016/02/04 16:36:10 | 000,698,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2016/02/04 16:36:10 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2016/02/04 16:36:10 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2016/02/04 16:36:10 | 000,674,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2016/02/04 16:36:10 | 000,644,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2016/02/04 16:36:10 | 000,630,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/02/04 16:36:10 | 000,623,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/02/04 16:36:10 | 000,607,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2016/02/04 16:36:10 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016/02/04 16:36:10 | 000,586,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2016/02/04 16:36:10 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016/02/04 16:36:10 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2016/02/04 16:36:10 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/02/04 16:36:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvut.dll
[2016/02/04 16:36:10 | 000,523,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2016/02/04 16:36:10 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2016/02/04 16:36:10 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016/02/04 16:36:10 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCore.dll
[2016/02/04 16:36:10 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2016/02/04 16:36:10 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016/02/04 16:36:10 | 000,416,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/02/04 16:36:10 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2016/02/04 16:36:10 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/02/04 16:36:10 | 000,412,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2016/02/04 16:36:10 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/02/04 16:36:10 | 000,365,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/02/04 16:36:10 | 000,342,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/02/04 16:36:10 | 000,334,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/02/04 16:36:10 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016/02/04 16:36:10 | 000,296,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/02/04 16:36:10 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2016/02/04 16:36:10 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2016/02/04 16:36:10 | 000,264,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016/02/04 16:36:10 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2016/02/04 16:36:10 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016/02/04 16:36:10 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2016/02/04 16:36:10 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2016/02/04 16:36:10 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2016/02/04 16:36:10 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/02/04 16:36:10 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/02/04 16:36:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2016/02/04 16:36:10 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2016/02/04 16:36:10 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/02/04 16:36:10 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2016/02/04 16:36:10 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2016/02/04 16:36:10 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2016/02/04 16:36:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2016/02/04 16:36:10 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/02/04 16:36:10 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/02/04 16:36:10 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/02/04 16:36:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\SensorsCx.dll
[2016/02/04 16:36:10 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2016/02/04 16:36:10 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2016/02/04 16:36:10 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2016/02/04 16:36:10 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2016/02/04 16:36:10 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2016/02/04 16:36:10 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/02/04 16:36:10 | 000,092,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/02/04 16:36:10 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/02/04 16:36:10 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/02/04 16:36:10 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/02/04 16:36:10 | 000,080,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwapi.dll
[2016/02/04 16:36:10 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2016/02/04 16:36:10 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.XboxLive.ProxyStub.dll
[2016/02/04 16:36:10 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2016/02/04 16:36:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssign32.dll
[2016/02/04 16:36:10 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwancfg.dll
[2016/02/04 16:36:10 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/02/04 16:36:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ihvrilproxy.dll
[2016/02/04 16:36:10 | 000,063,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wwapi.dll
[2016/02/04 16:36:10 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssign32.dll
[2016/02/04 16:36:10 | 000,058,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/02/04 16:36:10 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2016/02/04 16:36:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rilproxy.dll
[2016/02/04 16:36:10 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringclient.dll
[2016/02/04 16:36:10 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2016/02/04 16:36:10 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanpref.dll
[2016/02/04 16:36:10 | 000,051,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsUtilsV2.dll
[2016/02/04 16:36:10 | 000,045,568 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/02/04 16:36:10 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsplib.dll
[2016/02/04 16:36:10 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgrcli.dll
[2016/02/04 16:36:10 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.proxy.dll
[2016/02/04 16:36:10 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/02/04 16:36:10 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usermgrcli.dll
[2016/02/04 16:36:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2016/02/04 16:36:10 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringconfigsp.dll
[2016/02/04 16:36:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageUsage.dll
[2016/02/04 16:36:10 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/02/04 16:36:10 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2016/02/04 16:36:10 | 000,026,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2016/02/04 16:36:10 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshrm.dll
[2016/02/04 16:36:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IcsEntitlementHost.exe
[2016/02/04 16:36:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2016/02/04 16:36:10 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2016/02/04 16:36:07 | 003,355,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2016/02/04 16:36:07 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/02/04 16:36:07 | 002,772,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/02/04 16:36:07 | 002,680,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2016/02/04 16:36:07 | 002,653,816 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/02/04 16:36:07 | 002,444,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2016/02/04 16:36:07 | 002,185,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/02/04 16:36:07 | 002,001,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2016/02/04 16:36:07 | 001,860,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/02/04 16:36:07 | 001,859,448 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/02/04 16:36:07 | 001,804,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2016/02/04 16:36:07 | 001,594,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016/02/04 16:36:07 | 001,467,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2016/02/04 16:36:07 | 001,443,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/02/04 16:36:07 | 001,399,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016/02/04 16:36:07 | 001,395,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/02/04 16:36:07 | 001,393,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/02/04 16:36:07 | 001,387,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/02/04 16:36:07 | 001,268,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016/02/04 16:36:07 | 001,268,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016/02/04 16:36:07 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/02/04 16:36:07 | 001,056,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/02/04 16:36:07 | 001,042,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2016/02/04 16:36:07 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/02/04 16:36:07 | 000,948,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/02/04 16:36:07 | 000,938,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/02/04 16:36:07 | 000,911,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2016/02/04 16:36:07 | 000,870,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/02/04 16:36:07 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/02/04 16:36:07 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/02/04 16:36:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/02/04 16:36:07 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/02/04 16:36:07 | 000,711,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/02/04 16:36:07 | 000,709,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2016/02/04 16:36:07 | 000,703,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/02/04 16:36:07 | 000,697,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016/02/04 16:36:07 | 000,675,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2016/02/04 16:36:07 | 000,647,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016/02/04 16:36:07 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/02/04 16:36:07 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApi.dll
[2016/02/04 16:36:07 | 000,586,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2016/02/04 16:36:07 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2016/02/04 16:36:07 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll
[2016/02/04 16:36:07 | 000,540,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/02/04 16:36:07 | 000,511,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2016/02/04 16:36:07 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/02/04 16:36:07 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2016/02/04 16:36:07 | 000,470,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApi.dll
[2016/02/04 16:36:07 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/02/04 16:36:07 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2016/02/04 16:36:07 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2016/02/04 16:36:07 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/02/04 16:36:07 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2016/02/04 16:36:07 | 000,303,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/02/04 16:36:07 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2016/02/04 16:36:07 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/02/04 16:36:07 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/02/04 16:36:07 | 000,264,192 | ---- | M] (Nokia) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2016/02/04 16:36:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2016/02/04 16:36:07 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/02/04 16:36:07 | 000,205,824 | ---- | M] (Nokia) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2016/02/04 16:36:07 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-AppModelExecEvents.dll
[2016/02/04 16:36:07 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityCommon.dll
[2016/02/04 16:36:07 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2016/02/04 16:36:07 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ETWCoreUIComponentsResources.dll
[2016/02/04 16:36:07 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ETWCoreUIComponentsResources.dll
[2016/02/04 16:36:07 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshom.ocx
[2016/02/04 16:36:07 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2016/02/04 16:36:07 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\capimg.sys
[2016/02/04 16:36:07 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2016/02/04 16:36:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MapControls.dll
[2016/02/04 16:36:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MapControls.dll
[2016/02/04 16:36:07 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/02/04 16:36:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinelsa.dll
[2016/02/04 16:36:07 | 000,095,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2016/02/04 16:36:07 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/02/04 16:36:07 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/02/04 16:36:07 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/02/04 16:36:07 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/02/04 16:36:07 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016/02/04 16:36:07 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/02/04 16:36:07 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManagerProxy.dll
[2016/02/04 16:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/02/04 16:36:07 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/02/04 16:36:07 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2016/02/04 16:36:07 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2016/02/04 16:36:07 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosResource.dll
[2016/02/04 16:36:07 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosResource.dll
[2016/02/04 16:36:07 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2016/02/04 16:36:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll
[2016/02/04 16:36:07 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2016/02/04 16:36:07 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthManagerProxy.dll
[2016/02/04 16:36:07 | 000,037,376 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/02/04 16:36:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BackgroundTransferHost.exe
[2016/02/04 16:36:07 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCoreRes.dll
[2016/02/04 16:36:07 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCoreRes.dll
[2016/02/04 16:36:07 | 000,035,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2016/02/04 16:36:07 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
[2016/02/04 16:36:07 | 000,032,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfpmp.exe
[2016/02/04 16:36:07 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016/02/04 16:36:07 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/02/04 16:36:07 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2016/02/04 16:36:07 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016/02/04 16:36:07 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2016/02/04 16:36:07 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosTrace.dll
[2016/02/04 16:36:07 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosTrace.dll
[2016/02/04 16:36:07 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft-Windows-MosHost.dll
[2016/02/04 16:36:07 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft-Windows-MosHost.dll
[2016/02/04 16:36:07 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlStringsRes.dll
[2016/02/04 16:36:07 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlStringsRes.dll
[2016/02/03 19:56:27 | 000,024,688 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2016/02/03 19:42:16 | 000,009,528 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/02/03 19:42:16 | 000,009,528 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/02/03 19:41:38 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/02/03 19:38:34 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016/01/30 13:39:55 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
[2016/01/26 21:03:53 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2016/01/24 00:31:51 | 000,000,221 | ---- | M] () -- D:\Users\user\Desktop\The Last Remnant.url
[2016/01/23 23:33:46 | 000,001,529 | ---- | M] () -- D:\Users\user\Desktop\Malwarebytes Anti-Malware.lnk
[2016/01/23 20:50:39 | 000,000,824 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/01/23 20:49:56 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[2016/01/23 19:59:40 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/01/23 19:47:53 | 000,001,079 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2016/01/23 19:47:53 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2016/01/23 19:19:42 | 000,001,082 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk
[2016/01/23 19:19:42 | 000,001,082 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk
[2016/01/23 18:55:33 | 000,147,088 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\ngvss.sys
[2016/01/23 18:55:13 | 001,065,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2016/01/23 18:55:13 | 000,464,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2016/01/23 18:55:13 | 000,097,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2016/01/23 18:54:58 | 000,386,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2016/01/23 18:54:58 | 000,273,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2016/01/23 18:54:58 | 000,155,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2016/01/23 18:54:58 | 000,093,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2016/01/23 18:54:58 | 000,065,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2016/01/23 18:54:58 | 000,028,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2016/01/23 18:54:57 | 000,043,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/01/23 12:05:36 | 000,022,352 | ---- | M] (RW-Everything) -- C:\WINDOWS\SysWow64\drivers\AsrSetupDrv.sys
[2016/01/23 11:57:55 | 000,026,880 | ---- | M] (Western Digital Technologies, Inc.) -- C:\WINDOWS\SysNative\drivers\wdcsam64.sys
[2016/01/23 09:37:09 | 000,838,760 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/01/23 09:16:30 | 000,016,148 | ---- | M] () -- C:\WINDOWS\SysNative\DESKTOP-TTGS3RU_defaultuser0_HistoryPrediction.bin
[2016/01/23 09:12:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/01/16 19:37:05 | 000,202,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016/01/16 19:36:40 | 000,713,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/01/16 19:36:31 | 001,173,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/01/16 19:34:51 | 000,513,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/01/16 19:24:34 | 000,538,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2016/01/16 19:23:47 | 008,728,920 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/01/16 19:23:44 | 000,369,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/01/16 19:23:37 | 000,536,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/01/16 19:23:36 | 000,848,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/01/16 19:23:35 | 000,785,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2016/01/16 19:23:33 | 000,408,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/01/16 19:21:33 | 001,750,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2016/01/16 19:20:58 | 006,600,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/01/16 19:20:56 | 000,431,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2016/01/16 19:20:12 | 006,971,752 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/01/16 19:20:01 | 000,652,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2016/01/16 19:20:00 | 000,366,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016/01/16 19:19:59 | 000,709,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/01/16 19:16:49 | 005,238,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/01/16 19:13:24 | 000,576,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/01/16 19:12:49 | 001,415,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016/01/16 19:08:56 | 000,440,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016/01/16 18:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbser.sys
[2016/01/16 18:45:13 | 016,986,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/01/16 18:44:38 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll
[2016/01/16 18:44:28 | 022,394,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/01/16 18:44:25 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2016/01/16 18:44:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasadhlp.dll
[2016/01/16 18:43:19 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winhttpcom.dll
[2016/01/16 18:42:37 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscoreext.dll
[2016/01/16 18:42:18 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/01/16 18:41:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2016/01/16 18:40:46 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2016/01/16 18:40:11 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasautou.exe
[2016/01/16 18:40:05 | 011,545,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/01/16 18:39:18 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2016/01/16 18:38:42 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2016/01/16 18:38:26 | 007,979,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/01/16 18:38:22 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimCfg.dll
[2016/01/16 18:38:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbio.dll
[2016/01/16 18:37:47 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2016/01/16 18:37:00 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/01/16 18:36:57 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2016/01/16 18:36:46 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimAuth.dll
[2016/01/16 18:36:41 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2016/01/16 18:36:17 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/01/16 18:36:06 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll
[2016/01/16 18:35:03 | 013,018,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/01/16 18:34:59 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2016/01/16 18:34:55 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winhttpcom.dll
[2016/01/16 18:34:38 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2016/01/16 18:34:33 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/01/16 18:34:25 | 000,610,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2016/01/16 18:33:53 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/01/16 18:33:08 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2016/01/16 18:33:08 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2016/01/16 18:32:30 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2016/01/16 18:31:58 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2016/01/16 18:31:54 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasautou.exe
[2016/01/16 18:31:36 | 000,851,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/01/16 18:31:28 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/01/16 18:30:35 | 002,127,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2016/01/16 18:30:19 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimCfg.dll
[2016/01/16 18:30:18 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbio.dll
[2016/01/16 18:30:01 | 000,784,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2016/01/16 18:29:56 | 001,500,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2016/01/16 18:29:06 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/01/16 18:28:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimAuth.dll
[2016/01/16 18:28:14 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2016/01/16 18:28:03 | 002,624,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/01/16 18:28:02 | 009,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/01/16 18:28:02 | 001,318,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2016/01/16 18:26:52 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2016/01/16 18:26:14 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/01/16 18:26:11 | 000,260,608 | ---- | M] () -- C:\WINDOWS\SysNative\MTFServer.dll
[2016/01/16 18:26:09 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/01/16 18:25:59 | 000,235,008 | ---- | M] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/01/16 18:25:39 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2016/01/16 18:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016/01/16 18:24:44 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2016/01/16 18:24:29 | 018,678,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/01/16 18:24:13 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/01/16 18:23:07 | 002,050,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2016/01/16 18:21:51 | 006,297,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/01/16 18:20:40 | 001,944,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/01/16 18:20:38 | 002,597,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/01/16 18:20:22 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2016/01/16 18:20:18 | 007,199,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/01/16 18:19:33 | 000,733,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016/01/16 18:19:08 | 000,162,816 | ---- | M] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/01/16 18:19:08 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/01/16 18:19:05 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/01/16 18:18:21 | 001,674,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2016/01/16 18:18:18 | 003,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/01/16 18:17:08 | 005,503,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2016/01/16 18:16:59 | 001,542,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2016/01/16 18:16:05 | 005,202,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/01/16 18:14:51 | 001,626,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/01/16 18:14:43 | 001,946,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/01/16 18:09:47 | 001,087,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2016/01/12 17:41:10 | 001,542,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2016/01/12 17:41:09 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspbridge.dll
[2016/01/12 17:40:47 | 001,860,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2016/01/12 17:40:47 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspbridge64.dll
[2016/01/12 17:40:47 | 000,112,032 | ---- | M] () -- C:\WINDOWS\SysNative\NvRtmpStreamer64.dll
 
========== Files Created - No Company Name ==========
 
[2016/02/08 20:23:47 | 000,001,781 | ---- | C] () -- C:\Users\David\AppData\Local\recently-used.xbel
[2016/02/06 15:49:56 | 000,000,221 | ---- | C] () -- D:\Users\user\Desktop\Fallout New Vegas.url
[2016/02/06 15:48:32 | 000,000,221 | ---- | C] () -- D:\Users\user\Desktop\The Elder Scrolls V Skyrim.url
[2016/02/06 15:47:48 | 000,000,221 | ---- | C] () -- D:\Users\user\Desktop\Borderlands 2.url
[2016/02/06 14:42:42 | 000,260,608 | ---- | C] () -- C:\WINDOWS\SysNative\MTFServer.dll
[2016/02/06 14:42:41 | 000,235,008 | ---- | C] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/02/06 14:42:41 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/02/06 12:31:46 | 000,000,408 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2016/02/06 12:26:18 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2016/02/05 20:46:00 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/02/04 16:37:44 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/02/04 16:37:44 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/02/04 16:36:07 | 002,653,816 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/02/04 16:36:07 | 001,859,448 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/02/03 19:41:38 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/02/03 19:40:58 | 3407,495,168 | -HS- | C] () -- C:\hiberfil.sys
[2016/02/03 19:40:24 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016/02/03 19:39:17 | 000,000,352 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/02/03 19:39:17 | 000,000,334 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/02/03 19:38:47 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/02/03 19:38:45 | 006,090,019 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2016/02/03 19:38:34 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/02/03 19:38:09 | 000,189,264 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/02/03 19:28:20 | 000,009,528 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2016/02/03 19:28:20 | 000,009,528 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2016/01/30 13:39:55 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
[2016/01/29 20:40:30 | 000,024,688 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2016/01/26 21:03:53 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2016/01/24 00:31:51 | 000,000,221 | ---- | C] () -- D:\Users\user\Desktop\The Last Remnant.url
[2016/01/23 23:33:22 | 000,001,529 | ---- | C] () -- D:\Users\user\Desktop\Malwarebytes Anti-Malware.lnk
[2016/01/23 21:11:32 | 000,001,232 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo III.lnk
[2016/01/23 20:56:56 | 000,002,344 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blade & Soul.lnk
[2016/01/23 20:50:41 | 000,000,030 | ---- | C] () -- C:\AVScanner.ini
[2016/01/23 20:49:51 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/01/23 20:43:11 | 000,005,174 | ---- | C] () -- C:\WINDOWS\SysWow64\nppt9x.vxd
[2016/01/23 19:59:40 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/01/23 19:49:27 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2016/01/23 19:47:53 | 000,001,079 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2016/01/23 19:47:53 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2016/01/23 19:31:42 | 000,001,235 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016/01/23 19:31:07 | 000,000,824 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
[2016/01/23 19:30:45 | 000,000,446 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Local Disk_MAIN (D).lnk
[2016/01/23 19:19:42 | 000,001,082 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk
[2016/01/23 19:19:42 | 000,001,082 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk
[2016/01/23 18:55:16 | 000,001,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
[2016/01/23 12:01:18 | 000,001,051 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
[2016/01/23 11:50:56 | 000,601,936 | ---- | C] () -- C:\WINDOWS\SysNative\nvmcumd.dll
[2016/01/23 11:50:56 | 000,035,775 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2016/01/23 11:50:55 | 042,976,888 | ---- | C] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2016/01/23 11:50:55 | 037,608,568 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2016/01/23 11:48:09 | 000,112,032 | ---- | C] () -- C:\WINDOWS\SysNative\NvRtmpStreamer64.dll
[2016/01/23 09:40:04 | 000,001,904 | ---- | C] () -- C:\WINDOWS\SysNative\SetupBD.din
[2016/01/23 09:40:02 | 000,003,130 | ---- | C] () -- C:\WINDOWS\SysNative\e1d65x64.din
[2016/01/23 09:37:09 | 000,838,760 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/01/23 09:36:24 | 001,738,032 | ---- | C] () -- C:\WINDOWS\SysNative\SStudio.dll
[2016/01/23 09:36:23 | 005,804,772 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\rtvienna.dat
[2016/01/23 09:36:22 | 000,853,784 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2016/01/23 09:36:18 | 000,605,496 | ---- | C] () -- C:\WINDOWS\SysNative\audioLibVc.dll
[2016/01/23 09:36:18 | 000,109,848 | ---- | C] () -- C:\WINDOWS\SysNative\AcpiServiceVnA64.dll
[2016/01/23 09:23:52 | 000,881,036 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/01/23 09:18:10 | 000,002,370 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2016/01/23 09:16:30 | 000,016,148 | ---- | C] () -- C:\WINDOWS\SysNative\DESKTOP-TTGS3RU_defaultuser0_HistoryPrediction.bin
[2016/01/23 09:12:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/01/23 09:11:58 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2015/10/30 20:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 20:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 20:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 20:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 20:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 20:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 20:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 20:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 20:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 20:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 20:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 20:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 20:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 20:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/01/16 19:20:58 | 006,600,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/01/16 19:16:49 | 005,238,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 20:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 20:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 20:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

Attached Files

  • Attached File  OTL.Txt   446.97KB   120 downloads

  • 0

Advertisements


#2
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

Hi itsdave,

Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:

  • Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Geeks to Go are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date. That being said, please notice the following Geeks to Go rule:
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.  All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen.  If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to.  Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you.  Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.


- Save ALL Tools to your Desktop-

 

All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

Quoted from and used by permission of BrianDrab.  Thank you.

Let's get started....

 

 

OTL is a fine tool but we prefer FRST for a first look into the system.

Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
 

  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update.  Allow it do this please.
  • Once the tool shows "The tool is ready to use." message, please press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 


  • 0

#3
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Hi dbreeze and thank you for your time.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by David (administrator) on DESKTOP-TTGS3RU (10-02-2016 21:10:10)
Running from D:\Users\user\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\OBS\OBS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.16901.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.16901.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.9\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-03] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-07] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-23] (AVAST Software)
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\system32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-01-19] (Nota Inc.)
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-09] (Piriform Ltd)
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Run: [f.lux] => C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-23] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{ec4ef9c0-effe-4a2f-9729-fec32259b33f}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-nz/?pc=UE03&ocid=UE03DHP
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-23] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-23] (AVAST Software)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2806489308-2931262457-2236997717-1001 -> hxxp://google.com/

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ch5py7b7.default-1454393996597
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-23] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-17] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-19] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ch5py7b7.default-1454393996597\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-23]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-23] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5561368 2016-01-23] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-07] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-10] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2016-02-10] (ASRock Incorporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-23] (AVAST Software)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [494064 2015-05-19] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-21] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2016-01-23] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-03] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2016-01-23] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-10 21:10 - 2016-02-10 21:10 - 00000000 ____D C:\FRST
2016-02-10 20:02 - 2016-02-10 20:03 - 00000521 _____ C:\DelFix.txt
2016-02-08 20:23 - 2016-02-08 20:23 - 00001781 _____ C:\Users\David\AppData\Local\recently-used.xbel
2016-02-06 15:19 - 2016-02-06 15:19 - 00000000 ____D C:\Users\David\AppData\Roaming\WinRAR
2016-02-06 15:19 - 2016-02-06 15:19 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-06 15:19 - 2016-02-06 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-06 15:19 - 2016-02-06 15:19 - 00000000 ____D C:\Program Files\WinRAR
2016-02-06 14:45 - 2016-02-06 14:45 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-06 14:42 - 2016-01-16 19:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-02-06 14:42 - 2016-01-16 19:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-06 14:42 - 2016-01-16 19:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-06 14:42 - 2016-01-16 19:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-06 14:42 - 2016-01-16 19:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-02-06 14:42 - 2016-01-16 19:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-02-06 14:42 - 2016-01-16 19:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-06 14:42 - 2016-01-16 19:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-02-06 14:42 - 2016-01-16 19:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-02-06 14:42 - 2016-01-16 19:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-06 14:42 - 2016-01-16 19:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-02-06 14:42 - 2016-01-16 19:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-02-06 14:42 - 2016-01-16 19:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-02-06 14:42 - 2016-01-16 19:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-02-06 14:42 - 2016-01-16 19:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-02-06 14:42 - 2016-01-16 19:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-06 14:42 - 2016-01-16 19:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-06 14:42 - 2016-01-16 19:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-06 14:42 - 2016-01-16 19:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-06 14:42 - 2016-01-16 19:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-06 14:42 - 2016-01-16 19:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-02-06 14:42 - 2016-01-16 19:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-06 14:42 - 2016-01-16 19:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-02-06 14:42 - 2016-01-16 18:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-02-06 14:42 - 2016-01-16 18:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-02-06 14:42 - 2016-01-16 18:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-06 14:42 - 2016-01-16 18:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-02-06 14:42 - 2016-01-16 18:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-02-06 14:42 - 2016-01-16 18:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-02-06 14:42 - 2016-01-16 18:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-02-06 14:42 - 2016-01-16 18:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-02-06 14:42 - 2016-01-16 18:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-02-06 14:42 - 2016-01-16 18:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-02-06 14:42 - 2016-01-16 18:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-06 14:42 - 2016-01-16 18:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-02-06 14:42 - 2016-01-16 18:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-02-06 14:42 - 2016-01-16 18:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-02-06 14:42 - 2016-01-16 18:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-02-06 14:42 - 2016-01-16 18:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-02-06 14:42 - 2016-01-16 18:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-02-06 14:42 - 2016-01-16 18:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-02-06 14:42 - 2016-01-16 18:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-02-06 14:42 - 2016-01-16 18:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-02-06 14:42 - 2016-01-16 18:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-02-06 14:42 - 2016-01-16 18:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-02-06 14:42 - 2016-01-16 18:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-02-06 14:42 - 2016-01-16 18:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-02-06 14:42 - 2016-01-16 18:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-02-06 14:42 - 2016-01-16 18:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-06 14:42 - 2016-01-16 18:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-02-06 14:42 - 2016-01-16 18:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-02-06 14:42 - 2016-01-16 18:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-02-06 14:42 - 2016-01-16 18:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-06 14:42 - 2016-01-16 18:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-02-06 14:42 - 2016-01-16 18:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-02-06 14:42 - 2016-01-16 18:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-02-06 14:42 - 2016-01-16 18:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-02-06 14:42 - 2016-01-16 18:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-02-06 14:42 - 2016-01-16 18:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-02-06 14:42 - 2016-01-16 18:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-02-06 14:42 - 2016-01-16 18:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-02-06 14:42 - 2016-01-16 18:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-02-06 14:42 - 2016-01-16 18:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-06 14:42 - 2016-01-16 18:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-02-06 14:42 - 2016-01-16 18:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-02-06 14:42 - 2016-01-16 18:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-02-06 14:42 - 2016-01-16 18:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-02-06 14:42 - 2016-01-16 18:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-02-06 14:42 - 2016-01-16 18:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-02-06 14:42 - 2016-01-16 18:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-02-06 14:42 - 2016-01-16 18:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-06 14:42 - 2016-01-16 18:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-06 14:42 - 2016-01-16 18:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-02-06 14:42 - 2016-01-16 18:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-06 14:42 - 2016-01-16 18:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-02-06 14:42 - 2016-01-16 18:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-02-06 14:42 - 2016-01-16 18:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-02-06 14:42 - 2016-01-16 18:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-02-06 14:42 - 2016-01-16 18:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-06 14:42 - 2016-01-16 18:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-02-06 14:42 - 2016-01-16 18:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-02-06 14:42 - 2016-01-16 18:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-02-06 14:42 - 2016-01-16 18:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-02-06 14:42 - 2016-01-16 18:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-06 14:42 - 2016-01-16 18:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-06 14:42 - 2016-01-16 18:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-02-06 14:42 - 2016-01-16 18:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-02-06 14:42 - 2016-01-16 18:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-02-06 14:42 - 2016-01-16 18:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-02-06 14:42 - 2016-01-16 18:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-02-06 14:42 - 2016-01-16 18:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-02-06 14:42 - 2016-01-16 18:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-02-06 14:42 - 2016-01-16 18:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-06 14:42 - 2016-01-16 18:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-02-06 14:42 - 2016-01-16 18:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-02-06 14:42 - 2016-01-16 18:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-02-06 14:42 - 2016-01-16 18:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-02-06 14:42 - 2016-01-16 18:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-06 14:42 - 2016-01-16 18:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-06 14:42 - 2016-01-16 18:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-02-06 14:42 - 2016-01-16 18:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-02-06 14:42 - 2016-01-16 18:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-02-06 14:42 - 2016-01-16 18:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-02-06 14:42 - 2016-01-16 18:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-02-06 14:42 - 2016-01-16 18:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-06 14:42 - 2016-01-16 18:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-02-06 14:42 - 2016-01-16 18:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-02-06 14:42 - 2016-01-16 18:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-02-06 14:42 - 2016-01-16 18:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-02-06 14:42 - 2016-01-16 18:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-06 14:42 - 2016-01-16 18:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-02-06 14:42 - 2016-01-16 18:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-02-06 14:42 - 2016-01-16 18:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-02-06 14:42 - 2016-01-16 18:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-02-06 14:42 - 2016-01-16 18:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-02-06 14:42 - 2016-01-16 18:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-02-06 14:42 - 2016-01-16 18:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-02-06 14:42 - 2016-01-16 18:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-02-06 14:42 - 2016-01-16 18:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-06 12:31 - 2016-02-06 12:31 - 00000408 _____ C:\WINDOWS\system32\.crusader
2016-02-06 12:26 - 2016-02-06 12:26 - 00001969 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-02-06 12:26 - 2016-02-06 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-02-06 12:26 - 2016-02-06 12:26 - 00000000 ____D C:\Program Files\HitmanPro
2016-02-06 12:24 - 2016-02-06 12:34 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-06 11:58 - 2016-02-06 11:58 - 00000000 ____D C:\Users\David\AppData\Local\Logitech
2016-02-06 11:58 - 2016-02-06 11:58 - 00000000 ____D C:\ProgramData\LogiShrd
2016-02-06 11:57 - 2016-02-06 11:58 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-02-06 11:57 - 2016-02-06 11:57 - 00000000 ____D C:\Users\David\AppData\Roaming\Logitech
2016-02-06 11:57 - 2016-02-06 11:57 - 00000000 ____D C:\Users\David\AppData\Roaming\Logishrd
2016-02-06 11:57 - 2016-02-06 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-02-05 20:47 - 2016-02-05 20:47 - 00000000 ____D C:\Users\David\AppData\Local\Macromedia
2016-02-05 20:46 - 2016-02-10 19:30 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-05 20:45 - 2016-02-05 20:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-04 16:37 - 2016-02-05 20:45 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-04 16:36 - 2016-02-04 16:36 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-02-04 16:36 - 2016-02-04 16:36 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-02-04 16:36 - 2016-02-04 16:36 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-02-04 16:36 - 2016-02-04 16:36 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-02-04 16:36 - 2016-02-04 16:36 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-02-04 16:36 - 2016-02-04 16:36 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-02-04 16:36 - 2016-02-04 16:36 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-02-04 16:36 - 2016-02-04 16:36 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-02-04 16:36 - 2016-02-04 16:36 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-02-04 16:36 - 2016-02-04 16:36 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-02-04 16:36 - 2016-02-04 16:36 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-02-04 16:36 - 2016-02-04 16:36 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00000000 ____D C:\Windows.old
2016-02-04 16:34 - 2016-02-04 16:34 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-04 16:34 - 2016-02-04 16:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-04 16:34 - 2016-02-04 16:34 - 00000000 ____D C:\Program Files\MSBuild
2016-02-04 16:34 - 2016-02-04 16:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-04 16:34 - 2016-02-04 16:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-04 16:33 - 2015-10-24 14:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-02-04 16:33 - 2015-10-24 14:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-04 16:33 - 2015-10-24 14:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-02-04 16:33 - 2015-10-24 14:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-02-04 16:33 - 2015-10-24 14:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-02-04 16:33 - 2015-10-24 14:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-03 19:43 - 2016-02-03 19:43 - 00000000 ____D C:\Users\David\AppData\Local\ActiveSync
2016-02-03 19:42 - 2016-02-03 19:42 - 00000020 ___SH C:\Users\David\ntuser.ini
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-03 19:42 - 2016-02-03 19:42 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-03 19:41 - 2016-02-07 11:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-03 19:41 - 2016-02-03 19:41 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-02-03 19:40 - 2016-02-03 19:40 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-03 19:40 - 2015-10-30 20:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-03 19:39 - 2016-02-08 22:42 - 00000000 ____D C:\Users\David
2016-02-03 19:39 - 2016-02-03 19:40 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-02-03 19:39 - 2016-02-03 19:39 - 00000000 _SHDL C:\Users\David\My Documents
2016-02-03 19:39 - 2016-02-03 19:39 - 00000000 _SHDL C:\Users\David\Documents\My Videos
2016-02-03 19:39 - 2016-02-03 19:39 - 00000000 _SHDL C:\Users\David\Documents\My Pictures
2016-02-03 19:39 - 2016-02-03 19:39 - 00000000 _SHDL C:\Users\David\Documents\My Music
2016-02-03 19:38 - 2016-02-07 11:44 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-03 19:38 - 2016-02-06 12:36 - 00189264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-03 19:38 - 2016-02-03 19:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-03 19:38 - 2016-02-03 19:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-03 19:38 - 2016-02-03 19:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-03 19:38 - 2016-02-03 19:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-02-03 19:38 - 2016-02-03 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-02-03 19:38 - 2016-02-03 19:38 - 00000000 ____D C:\Program Files\Realtek
2016-02-03 19:38 - 2015-12-17 03:54 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-03 19:38 - 2015-12-17 03:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-03 19:38 - 2015-12-17 03:54 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-03 19:38 - 2015-12-17 03:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-03 19:28 - 2016-02-03 19:42 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-02-03 19:28 - 2016-02-03 19:42 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-01-30 13:47 - 2016-01-30 14:08 - 00000000 ____D C:\Users\David\AppData\Roaming\NVIDIA
2016-01-30 13:47 - 2016-01-30 13:47 - 00000000 ____D C:\Users\David\AppData\Roaming\Publish Providers
2016-01-30 13:39 - 2016-02-03 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-01-30 13:39 - 2016-01-30 13:40 - 00000000 ____D C:\Users\David\AppData\Local\Sony
2016-01-30 13:39 - 2016-01-30 13:39 - 00000785 _____ C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
2016-01-30 13:39 - 2016-01-30 13:39 - 00000000 ____D C:\ProgramData\Sony
2016-01-30 13:39 - 2016-01-30 13:39 - 00000000 ____D C:\Program Files (x86)\Sony
2016-01-30 13:37 - 2016-02-01 11:11 - 00000000 ____D C:\Users\David\AppData\Roaming\Sony
2016-01-29 20:40 - 2016-02-03 19:56 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-29 20:40 - 2016-01-29 20:50 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-28 20:16 - 2016-01-28 20:16 - 00000000 ____D C:\Users\David\Documents\League of Legends
2016-01-26 21:03 - 2016-02-03 22:05 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2016-01-26 21:03 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-01-26 21:03 - 2016-01-26 21:03 - 00000859 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-01-26 21:01 - 2016-02-03 21:10 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-24 09:32 - 2016-02-03 20:42 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2016-01-24 09:32 - 2016-02-03 20:42 - 00000000 ____D C:\WINDOWS\system32\vbox
2016-01-24 00:32 - 2016-02-07 11:55 - 00000000 ____D C:\Users\David\Documents\My Games
2016-01-24 00:32 - 2015-12-11 09:28 - 00000000 ____D C:\Users\David\AppData\Roaming\Steam
2016-01-24 00:31 - 2016-02-06 15:49 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-23 22:57 - 2016-01-23 22:57 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2016-01-23 22:56 - 2016-01-23 22:56 - 00000000 ____D C:\Users\David\AppData\Local\Ubisoft Game Launcher
2016-01-23 21:29 - 2016-01-23 21:29 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-01-23 21:12 - 2016-01-23 21:12 - 00000000 ____D C:\Users\David\Documents\Assassin's Creed Revelations
2016-01-23 21:12 - 2016-01-23 21:12 - 00000000 ____D C:\ProgramData\Ubisoft
2016-01-23 21:11 - 2016-01-23 21:11 - 00001232 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo III.lnk
2016-01-23 21:02 - 2016-01-23 21:02 - 00000000 ____D C:\Users\David\Documents\Diablo III
2016-01-23 20:56 - 2016-01-23 20:56 - 00002344 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blade & Soul.lnk
2016-01-23 20:50 - 2016-01-23 20:49 - 00000030 _____ C:\AVScanner.ini
2016-01-23 20:49 - 2016-02-10 20:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-23 20:49 - 2016-02-03 19:41 - 00003044 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-23 20:49 - 2016-01-23 20:49 - 00000000 ____D C:\ProgramData\McAfee
2016-01-23 20:48 - 2016-02-06 15:28 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-01-23 20:46 - 2016-01-23 20:46 - 00000000 ____D C:\Users\David\Documents\BnS
2016-01-23 20:46 - 2016-01-23 20:46 - 00000000 ____D C:\Users\David\AppData\Roaming\Awesomium
2016-01-23 20:43 - 2016-01-23 20:43 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-01-23 20:43 - 2016-01-10 04:39 - 03916368 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-01-23 20:43 - 2005-01-03 19:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-01-23 20:43 - 2003-07-19 10:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-01-23 20:28 - 2016-01-23 20:28 - 00000000 ____D C:\Users\David\AppData\Local\Steam
2016-01-23 20:28 - 2016-01-23 20:28 - 00000000 ____D C:\Users\David\AppData\Local\CEF
2016-01-23 20:27 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-23 20:24 - 2016-02-10 20:32 - 00000000 ____D C:\Users\David\AppData\Roaming\OBS
2016-01-23 20:24 - 2016-02-03 19:40 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files\OBS
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files (x86)\OBS
2016-01-23 20:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-01-23 20:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-01-23 20:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-01-23 20:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-01-23 20:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-01-23 20:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-01-23 20:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-01-23 20:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-01-23 20:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-01-23 20:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-01-23 20:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-01-23 20:22 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-01-23 20:22 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-01-23 20:22 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-01-23 20:22 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-01-23 20:22 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-01-23 20:22 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-01-23 20:22 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-01-23 20:22 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-01-23 20:22 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-01-23 20:22 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-01-23 20:22 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-01-23 20:22 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-01-23 20:22 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-01-23 20:22 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-01-23 20:22 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-01-23 20:22 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-01-23 20:22 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-01-23 20:22 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-01-23 20:22 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-01-23 20:22 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-01-23 20:22 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-01-23 20:22 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-01-23 20:22 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-01-23 20:22 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-01-23 20:22 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-01-23 20:22 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-01-23 20:22 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-01-23 20:22 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-01-23 20:22 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-01-23 20:22 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-01-23 20:22 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-01-23 20:22 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-01-23 20:22 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-01-23 20:22 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-01-23 20:22 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-01-23 20:22 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-01-23 20:22 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-01-23 20:22 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-01-23 20:22 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-01-23 20:22 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-01-23 20:22 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-01-23 20:22 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-01-23 20:22 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-01-23 20:22 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-01-23 20:22 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-01-23 20:22 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-01-23 20:22 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-01-23 20:22 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-01-23 20:22 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-01-23 20:22 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-01-23 20:22 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-01-23 20:22 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-01-23 20:22 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-01-23 20:22 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-01-23 20:22 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-01-23 20:22 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-01-23 20:22 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-01-23 20:22 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-01-23 20:22 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-01-23 20:22 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-01-23 20:22 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-01-23 20:22 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-01-23 20:22 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-01-23 20:22 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-01-23 20:22 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-01-23 20:22 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-01-23 20:22 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-01-23 20:22 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-01-23 20:22 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-01-23 20:22 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-01-23 20:22 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-01-23 20:22 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-01-23 20:22 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-01-23 20:22 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-01-23 20:22 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-01-23 20:22 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-01-23 20:22 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-01-23 20:22 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-01-23 20:22 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-01-23 20:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-01-23 20:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-01-23 20:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-01-23 20:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-01-23 20:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-01-23 20:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-01-23 20:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-01-23 20:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-01-23 20:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-01-23 20:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-01-23 20:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-01-23 20:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-01-23 20:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-01-23 20:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-01-23 20:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-01-23 20:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-01-23 20:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-01-23 20:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-01-23 20:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-01-23 20:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-01-23 20:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-01-23 20:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-01-23 20:13 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-01-23 20:13 - 2016-01-23 20:13 - 00000000 ____D C:\Users\David\AppData\Roaming\Riot Games
2016-01-23 20:13 - 2016-01-23 20:13 - 00000000 ____D C:\Riot Games
2016-01-23 20:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-01-23 20:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-01-23 20:13 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-01-23 20:13 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-01-23 20:13 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-01-23 20:10 - 2016-02-03 19:40 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-01-23 20:10 - 2016-01-23 20:10 - 00000000 ____D C:\Users\David\AppData\Local\FluxSoftware
2016-01-23 19:59 - 2016-02-03 19:41 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-23 19:59 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-23 19:59 - 2016-01-23 19:59 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-23 19:59 - 2016-01-23 19:59 - 00000000 ____D C:\Program Files\CCleaner
2016-01-23 19:58 - 2016-01-23 19:59 - 00000000 ____D C:\Users\David\AppData\Local\Comms
2016-01-23 19:55 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-01-23 19:55 - 2016-01-23 19:55 - 00000000 ____D C:\Program Files (x86)\Deluge
2016-01-23 19:52 - 2016-01-23 19:52 - 00000000 ____D C:\ProgramData\Origin
2016-01-23 19:49 - 2016-02-03 19:41 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-23 19:49 - 2016-01-23 19:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-23 19:49 - 2016-01-23 19:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-23 19:48 - 2016-01-24 00:42 - 00000000 ____D C:\ProgramData\Adobe
2016-01-23 19:48 - 2016-01-23 20:50 - 00000000 ____D C:\Users\David\AppData\Local\Adobe
2016-01-23 19:47 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-01-23 19:47 - 2016-01-23 19:47 - 00001055 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-01-23 19:47 - 2016-01-23 19:47 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-01-23 19:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-01-23 19:47 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-01-23 19:43 - 2016-02-06 13:45 - 00000000 ____D C:\Users\David\AppData\Roaming\Gyazo
2016-01-23 19:37 - 2016-02-03 19:41 - 00002280 _____ C:\WINDOWS\System32\Tasks\{FF92C751-A003-4B6A-BC65-4C8288D3BA03}
2016-01-23 19:31 - 2016-02-10 19:30 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-23 19:31 - 2016-01-26 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-23 19:31 - 2016-01-23 19:46 - 00000000 ____D C:\Users\David\AppData\Local\Mozilla
2016-01-23 19:31 - 2016-01-23 19:31 - 00000824 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-01-23 19:31 - 2016-01-23 19:31 - 00000000 ____D C:\Users\David\AppData\Roaming\Mozilla
2016-01-23 19:30 - 2016-01-23 19:30 - 00000446 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Local Disk_MAIN (D).lnk
2016-01-23 19:20 - 2016-02-08 22:40 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-01-23 19:20 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-01-23 19:20 - 2016-01-24 00:28 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-01-23 19:20 - 2016-01-23 19:24 - 00000000 ____D C:\Users\David\AppData\Local\Dropbox
2016-01-23 19:20 - 2016-01-23 19:20 - 00000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2016-01-23 19:20 - 2016-01-23 19:20 - 00000000 ____D C:\ProgramData\Dropbox
2016-01-23 19:20 - 2016-01-23 19:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-01-23 19:19 - 2016-02-03 19:41 - 00002666 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-01-23 19:19 - 2016-02-03 19:41 - 00002526 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-01-23 19:19 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-01-23 19:19 - 2016-01-24 00:50 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-01-23 19:17 - 2016-01-23 19:17 - 00000000 ____D C:\Users\David\AppData\Roaming\LolClient
2016-01-23 19:17 - 2016-01-23 19:17 - 00000000 ____D C:\ProgramData\Riot Games
2016-01-23 19:11 - 2016-01-24 00:00 - 00000000 ____D C:\Users\David\AppData\Roaming\Winamp
2016-01-23 19:08 - 2016-01-23 19:08 - 00000000 ____D C:\Users\David\Tracing
2016-01-23 19:07 - 2016-02-10 20:47 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-01-23 19:07 - 2016-02-03 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-23 19:07 - 2016-01-23 19:38 - 00000000 ____D C:\ProgramData\Skype
2016-01-23 19:07 - 2016-01-23 19:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-23 19:05 - 2016-02-10 19:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-23 19:05 - 2016-02-05 20:29 - 00000000 ____D C:\Users\David\AppData\Roaming\deluge
2016-01-23 19:04 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-23 19:04 - 2016-01-23 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-23 19:04 - 2016-01-23 19:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-23 19:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-23 19:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-23 19:04 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-23 18:55 - 2016-02-03 20:04 - 00000000 ____D C:\Users\David\AppData\Local\Google
2016-01-23 18:55 - 2016-02-03 20:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-23 18:55 - 2016-02-03 19:41 - 00002954 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-23 18:55 - 2016-01-23 18:55 - 01065208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-01-23 18:55 - 2016-01-23 18:55 - 00464256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-01-23 18:55 - 2016-01-23 18:55 - 00147088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2016-01-23 18:55 - 2016-01-23 18:55 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-01-23 18:55 - 2016-01-23 18:55 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-01-23 18:55 - 2016-01-23 18:55 - 00000000 ____D C:\Users\David\AppData\Roaming\AVAST Software
2016-01-23 18:55 - 2016-01-23 18:54 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-01-23 18:55 - 2016-01-23 18:54 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-01-23 18:55 - 2016-01-23 18:54 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-01-23 18:55 - 2016-01-23 18:54 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-01-23 18:55 - 2016-01-23 18:54 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-01-23 18:55 - 2016-01-23 18:54 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-01-23 18:54 - 2016-01-23 18:54 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-01-23 18:54 - 2016-01-23 18:54 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-23 18:53 - 2016-01-23 18:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-23 18:48 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-23 18:48 - 2016-01-23 22:50 - 00000000 ____D C:\Users\David\AppData\Local\Battle.net
2016-01-23 18:48 - 2016-01-23 18:49 - 00000000 ____D C:\Users\David\AppData\Roaming\Battle.net
2016-01-23 18:48 - 2016-01-23 18:48 - 00000000 ____D C:\Users\David\AppData\Local\Blizzard Entertainment
2016-01-23 18:48 - 2016-01-23 18:48 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-01-23 18:44 - 2016-01-23 18:44 - 00000000 ____D C:\Program Files (x86)\NCWest
2016-01-23 18:43 - 2016-01-23 18:43 - 00000000 ____D C:\ProgramData\Battle.net
2016-01-23 12:10 - 2016-01-23 12:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Macromedia
2016-01-23 12:01 - 2016-01-23 12:01 - 00001051 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-01-23 12:00 - 2015-12-09 16:39 - 00301728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-01-23 11:59 - 2016-02-10 19:27 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop
2016-01-23 11:59 - 2016-02-10 19:26 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
2016-01-23 11:59 - 2016-01-23 12:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-23 11:59 - 2016-01-23 11:59 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-23 11:59 - 2016-01-23 11:59 - 00000000 ____D C:\ProgramData\ASRock
2016-01-23 11:57 - 2016-01-23 11:57 - 00026880 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2016-01-23 11:51 - 2015-12-17 03:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-23 11:50 - 2015-12-18 21:48 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-01-23 11:50 - 2015-12-17 05:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00784640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00601936 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-01-23 11:50 - 2015-12-17 05:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-01-23 11:50 - 2015-12-17 05:59 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2016-01-23 11:48 - 2016-01-12 17:40 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-23 11:47 - 2016-01-23 11:52 - 00000000 ____D C:\Users\David\AppData\Local\MicrosoftEdge
2016-01-23 11:47 - 2015-12-18 19:11 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-01-23 11:47 - 2015-12-18 19:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-23 11:47 - 2015-12-18 19:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-23 09:58 - 2016-02-10 19:30 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7A2DD860-8018-45B9-8587-1A0C93DE3461}
2016-01-23 09:51 - 2016-02-03 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-23 09:51 - 2016-01-23 11:48 - 00000000 ____D C:\Users\David\AppData\Local\NVIDIA
2016-01-23 09:51 - 2016-01-23 09:51 - 00000000 ____D C:\Users\David\AppData\Local\NVIDIA Corporation
2016-01-23 09:51 - 2016-01-12 17:41 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-23 09:51 - 2016-01-12 17:41 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-23 09:51 - 2016-01-12 17:40 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-23 09:51 - 2016-01-12 17:40 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-01-23 09:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-01-23 09:50 - 2015-08-26 07:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2016-01-23 09:50 - 2015-08-26 07:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2016-01-23 09:41 - 2016-02-03 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2016-01-23 09:41 - 2016-01-23 09:41 - 00000000 ____D C:\Program Files\ASRock Utility
2016-01-23 09:41 - 2016-01-23 09:41 - 00000000 ____D C:\Program Files (x86)\ASRock Utility
2016-01-23 09:41 - 2011-11-07 10:13 - 00017192 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\AsrAppCharger.sys
2016-01-23 09:40 - 2015-06-02 11:12 - 00003130 _____ C:\WINDOWS\system32\e1d65x64.din
2016-01-23 09:40 - 2015-05-19 05:45 - 00494064 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1d65x64.sys
2016-01-23 09:40 - 2015-05-07 20:31 - 00404752 ____R (Intel Corporation) C:\WINDOWS\system32\PROUnstl.exe
2016-01-23 09:40 - 2015-05-07 20:17 - 00001904 _____ C:\WINDOWS\system32\SetupBD.din
2016-01-23 09:40 - 2015-04-02 09:46 - 00075288 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2016-01-23 09:40 - 2015-02-25 09:23 - 00089872 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2016-01-23 09:40 - 2014-04-18 18:17 - 00125728 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo4.dll
2016-01-23 09:38 - 2016-01-23 09:38 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-23 09:37 - 2016-02-03 19:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-23 09:37 - 2016-01-23 09:37 - 00838760 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-23 09:37 - 2016-01-23 09:37 - 00000000 ____D C:\Users\David\Intel
2016-01-23 09:37 - 2016-01-23 09:37 - 00000000 ____D C:\Users\David\AppData\Roaming\Intel Corporation
2016-01-23 09:37 - 2016-01-23 09:37 - 00000000 ____D C:\ProgramData\Intel
2016-01-23 09:36 - 2016-01-23 09:36 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-23 09:36 - 2016-01-23 09:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-23 09:36 - 2016-01-23 09:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-23 09:36 - 2014-03-12 02:50 - 00853784 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-23 09:36 - 2014-03-12 02:00 - 03891800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-23 09:36 - 2014-03-11 22:37 - 57362432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-23 09:36 - 2014-03-11 15:06 - 01738032 _____ C:\WINDOWS\system32\SStudio.dll
2016-01-23 09:36 - 2014-03-10 22:09 - 00947928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-23 09:36 - 2014-03-07 15:57 - 02794200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2016-01-23 09:36 - 2014-03-06 21:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-23 09:36 - 2014-03-05 10:11 - 01048824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-23 09:36 - 2014-03-05 10:11 - 00889592 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-23 09:36 - 2014-03-05 10:11 - 00724728 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-23 09:36 - 2014-03-05 10:11 - 00246008 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-23 09:36 - 2014-03-05 01:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-23 09:36 - 2014-03-04 22:19 - 00627928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-23 09:36 - 2014-03-04 01:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-23 09:36 - 2014-02-28 01:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-23 09:36 - 2014-02-26 20:16 - 02080472 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-01-23 09:36 - 2014-02-26 13:48 - 00942384 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll
2016-01-23 09:36 - 2014-02-26 13:47 - 05751048 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-23 09:36 - 2014-02-18 23:12 - 01042520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-23 09:36 - 2014-02-18 23:12 - 00882776 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll
2016-01-23 09:36 - 2014-02-18 22:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-23 09:36 - 2014-02-18 19:48 - 02396760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-23 09:36 - 2014-02-18 19:48 - 01424984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-23 09:36 - 2014-02-18 19:48 - 01423960 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 28314200 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 14742104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 12816472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 03927640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 02040920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-23 09:36 - 2014-02-17 01:30 - 01933400 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2016-01-23 09:36 - 2014-02-06 16:28 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-01-23 09:36 - 2014-01-31 22:28 - 00938608 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-23 09:36 - 2014-01-31 22:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-23 09:36 - 2014-01-28 16:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-23 09:36 - 2013-10-16 08:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-23 09:36 - 2013-10-11 17:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-23 09:36 - 2013-10-11 16:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-23 09:36 - 2013-10-07 05:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-23 09:36 - 2013-10-07 05:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-23 09:36 - 2013-10-07 05:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-23 09:36 - 2013-09-10 09:02 - 06217904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-23 09:36 - 2013-09-10 09:02 - 00313520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-23 09:36 - 2013-09-10 09:01 - 01938608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-23 09:36 - 2013-09-10 09:01 - 00260272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-23 09:36 - 2013-08-20 22:37 - 00605496 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-23 09:36 - 2013-08-14 20:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-23 09:36 - 2013-08-14 20:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-23 09:36 - 2013-06-25 17:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-23 09:36 - 2013-06-25 17:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-23 09:36 - 2013-06-25 17:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-23 09:36 - 2013-06-21 16:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-23 09:36 - 2013-04-03 19:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-23 09:36 - 2012-09-01 00:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-23 09:36 - 2012-09-01 00:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-23 09:36 - 2012-09-01 00:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-23 09:36 - 2012-09-01 00:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-23 09:36 - 2012-09-01 00:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-23 09:36 - 2012-03-08 16:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-23 09:36 - 2012-01-30 16:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-23 09:36 - 2012-01-10 15:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-23 09:36 - 2011-12-20 20:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-23 09:36 - 2011-11-22 21:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-23 09:36 - 2011-09-02 19:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-23 09:36 - 2011-09-02 19:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-23 09:36 - 2011-09-02 19:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-23 09:36 - 2011-08-23 22:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-23 09:36 - 2011-05-31 14:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-23 09:36 - 2011-03-17 17:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-23 09:36 - 2011-03-07 22:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-23 09:36 - 2010-11-08 12:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-23 09:36 - 2010-11-03 23:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-23 09:36 - 2010-09-27 14:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-23 09:36 - 2010-07-22 21:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-23 09:36 - 2009-11-24 14:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-23 09:36 - 2009-11-24 14:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-23 09:36 - 2009-11-24 14:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-23 09:36 - 2009-11-24 14:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-23 09:31 - 2016-02-06 11:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-23 09:31 - 2016-01-23 09:40 - 00000000 ____D C:\Program Files\Intel
2016-01-23 09:30 - 2016-01-23 12:05 - 00022352 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv.sys
2016-01-23 09:30 - 2016-01-23 12:05 - 00000000 ____D C:\Users\David\Downloads\Setup
2016-01-23 09:23 - 2016-02-07 22:50 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-23 09:18 - 2016-02-03 19:45 - 00002370 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-23 09:18 - 2016-01-23 09:18 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-01-23 09:16 - 2016-02-07 11:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-23 09:16 - 2016-02-03 20:00 - 00000000 ____D C:\Users\David\AppData\Local\Packages
2016-01-23 09:16 - 2016-01-23 09:16 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-TTGS3RU_defaultuser0_HistoryPrediction.bin
2016-01-23 09:16 - 2016-01-23 09:16 - 00000000 ____D C:\Users\David\AppData\Roaming\Adobe
2016-01-23 09:16 - 2016-01-23 09:16 - 00000000 ____D C:\Users\David\AppData\Local\VirtualStore
2016-01-23 09:16 - 2016-01-23 09:16 - 00000000 ____D C:\Users\David\AppData\Local\TileDataLayer
2016-01-23 09:16 - 2016-01-23 09:16 - 00000000 ____D C:\Users\David\AppData\Local\Publishers
2016-01-23 09:12 - 2016-01-23 09:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-10 19:56 - 2015-10-30 20:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-10 19:42 - 2015-10-30 20:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 19:34 - 2015-10-30 20:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 19:34 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-07 15:05 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-07 01:23 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-07 01:23 - 2015-10-30 19:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-04 17:43 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-04 16:37 - 2015-10-30 20:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-04 16:36 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-04 16:36 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-04 16:36 - 2015-10-30 19:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-04 16:36 - 2015-10-30 19:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-03 20:02 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\Registration
2016-02-03 19:59 - 2015-10-30 20:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-03 19:43 - 2015-10-30 20:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-03 19:43 - 2015-10-30 20:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-03 19:42 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-03 19:41 - 2015-10-30 20:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-03 19:40 - 2015-10-30 19:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-03 19:40 - 2015-07-10 22:05 - 00000000 ____D C:\Users\Default.migrated
2016-02-03 19:39 - 2015-10-30 22:03 - 00000000 ____D C:\WINDOWS\OCR
2016-02-03 19:39 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-03 19:39 - 2015-10-30 20:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-03 19:39 - 2015-10-30 20:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-03 19:39 - 2015-10-30 19:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-03 19:38 - 2015-10-30 22:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-03 19:38 - 2015-10-30 20:24 - 00000000 ____D C:\WINDOWS\Help
2016-02-03 19:28 - 2015-10-30 22:42 - 00000000 ___HD C:\$WINDOWS.~BT

==================== Files in the root of some directories =======

2016-02-08 20:23 - 2016-02-08 20:23 - 0001781 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2016-02-03 19:38 - 2016-02-03 19:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-03 19:38

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by David (2016-02-10 21:10:28)
Running from D:\Users\user\Desktop
Windows 10 Home (X64) (2016-02-03 06:42:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2806489308-2931262457-2236997717-500 - Administrator - Disabled)
David (S-1-5-21-2806489308-2931262457-2236997717-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-2806489308-2931262457-2236997717-503 - Limited - Disabled)
Guest (S-1-5-21-2806489308-2931262457-2236997717-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version:  - )
f.lux (HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\...\Flux) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Gyazo 3.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.253 - SurfRight B.V.)
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1147 - Intel Corporation)
Intel® Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2806489308-2931262457-2236997717-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_2\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BD4E25-0CAF-4FDB-B374-5AE1499E4158} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-23] (Adobe Systems Incorporated)
Task: {2886A211-14FF-4084-81F1-ABA2D5060753} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-23] (AVAST Software)
Task: {401BD97B-712C-434D-A770-89B7C3649803} - System32\Tasks\{FF92C751-A003-4B6A-BC65-4C8288D3BA03} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {48B4CBF1-DC8D-44AC-83A3-DB7B56CB468D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()
Task: {6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD} - \KMS10Server -> No File <==== ATTENTION
Task: {6F8D6676-E372-4ACC-8B93-C01AF327416A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-09] (Piriform Ltd)
Task: {8377AC5C-8C24-422E-BEDB-D49E12C6C9A8} - \KMS10 -> No File <==== ATTENTION
Task: {84860AD7-7C80-4E81-A651-E4ECDF9E8C21} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {CE7F6990-ED96-4A1D-A6EC-F20F2C4BB6E2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-23] (Microsoft Corporation)
Task: {DBB78972-E9F4-427B-B881-670604A3923A} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2015-07-01] ()
Task: {DE34054E-4E2C-4711-928F-4F56265803BB} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-23 11:48 - 2016-01-12 17:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-30 20:18 - 2015-10-30 20:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-03 20:18 - 2016-02-03 20:18 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-04 16:36 - 2016-02-04 16:36 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-04 16:36 - 2016-02-04 16:36 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-06 14:42 - 2016-01-16 18:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-06 14:42 - 2016-01-16 18:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-24 12:36 - 2015-11-24 12:36 - 01339984 _____ () C:\Program Files (x86)\OBS\OBS.exe
2014-01-21 16:54 - 2014-01-21 16:54 - 01301688 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-02-10 19:36 - 2016-02-10 19:36 - 02364928 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.9\deploy\LoLLauncher.exe
2016-02-10 19:36 - 2016-02-10 19:36 - 04287488 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\LoLPatcher.exe
2016-01-23 20:14 - 2016-01-23 20:14 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
2016-01-23 18:54 - 2016-01-23 18:54 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-23 18:54 - 2016-01-23 18:54 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-07 00:36 - 2016-02-07 00:36 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020600\algo.dll
2016-01-23 18:54 - 2016-01-23 18:54 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-07 11:44 - 2016-02-07 11:44 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020601\algo.dll
2016-01-23 18:54 - 2016-01-23 18:54 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-02-10 20:03 - 2016-02-10 20:03 - 02820096 _____ () C:\Program Files\AVAST Software\Avast\defs\16020902\algo.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-02-03 20:18 - 2016-02-03 20:18 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-03 20:18 - 2016-02-03 20:18 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-23 18:54 - 2016-01-23 18:54 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-23 09:51 - 2016-01-12 17:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-23 20:28 - 2015-12-15 18:54 - 00782336 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-01-23 20:28 - 2015-07-04 05:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2016-01-23 20:28 - 2016-02-05 10:02 - 02546768 _____ () D:\Program Files (x86)\Steam\video.dll
2016-01-23 20:28 - 2015-09-24 13:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-23 20:28 - 2015-09-24 13:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-23 20:28 - 2015-09-24 13:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-23 20:28 - 2015-09-24 13:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-23 20:28 - 2015-09-24 13:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-23 20:28 - 2015-07-04 05:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-01-23 20:28 - 2015-07-04 05:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2016-01-23 20:28 - 2016-02-05 10:01 - 00802896 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-01-23 20:28 - 2015-12-30 14:51 - 00208896 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-01-23 20:28 - 2016-01-06 14:52 - 48387872 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2016-01-23 20:28 - 2015-09-25 12:56 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2015-07-10 21:14 - 2015-07-10 21:14 - 01960016 _____ () C:\Program Files (x86)\OBS\OBSApi.dll
2015-11-24 12:36 - 2015-11-24 12:36 - 00214096 _____ () C:\Program Files (x86)\OBS\plugins\DShowPlugin.dll
2015-07-10 21:14 - 2015-07-10 21:14 - 00157264 _____ () C:\Program Files (x86)\OBS\plugins\GraphicsCapture.dll
2015-07-10 21:14 - 2015-07-10 21:14 - 00155728 _____ () C:\Program Files (x86)\OBS\plugins\NoiseGate.dll
2015-07-10 21:14 - 2015-07-10 21:14 - 00100944 _____ () C:\Program Files (x86)\OBS\plugins\PSVPlugin.dll
2016-02-10 19:36 - 2016-02-10 19:36 - 01458176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.49\deploy\RiotLauncher.dll
2016-01-23 20:13 - 2016-01-23 20:13 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-12-05 00:39 - 2015-12-05 00:39 - 00328272 _____ () C:\Program Files (x86)\OBS\plugins\GraphicsCapture\GraphicsCaptureHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-11 00:04 - 2016-01-23 20:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{027C8C67-5521-4D7E-9A7D-5D83C98EF962}D:\users\user\desktop\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\users\user\desktop\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{35C0D21F-D41A-4FF0-9D41-82C75961F1FB}D:\users\user\desktop\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\users\user\desktop\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{78B77051-DAF2-49F8-A85A-E3D884BF386B}D:\users\user\desktop\teamspeak3-server_win64-3.0.11.4\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\users\user\desktop\teamspeak3-server_win64-3.0.11.4\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{0FBA07EE-5F65-4BEB-93CF-14F8FB6273F1}D:\users\user\desktop\teamspeak3-server_win64-3.0.11.4\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\users\user\desktop\teamspeak3-server_win64-3.0.11.4\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{87CD1497-5BA0-42BB-AADB-A2B9E7DB9313}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9DBA6033-D0D5-4B52-9A8B-8A795A0A207C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{FFDCD1D6-A193-490F-A1B0-037BE5797F34}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{BE69472D-7937-4854-A6EF-52F385B2AB0E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [UDP Query User{C2E84BB2-408D-4549-9A98-139AB5C02142}D:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) D:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{2AA60472-72BA-4E8B-9432-2C5F411359BF}D:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) D:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{9C24A0CA-EFFF-4437-80A5-E9F4DD102C12}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{5D115CF6-DAD9-4497-9CAB-42A74B2306EF}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{7BCED4E8-1734-4007-A6F0-FFEDF3B5F8BA}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A59FAF84-DF1D-47A1-96A6-4C2D1097AA22}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4A83D416-0988-48EB-8CB7-D6C967CFA0AC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BF694FE7-B002-46A4-800E-149B1D837B66}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9CEA766-CC7D-4EF2-B10B-77452C034C42}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DFFC3C3E-F3D3-44FE-9D5A-093D8F514AF1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{20586D36-6AB8-4DF1-BF69-A03C971722C7}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{8D487544-DD5F-4E0F-8B0E-5BFB7F00487C}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe
FirewallRules: [{79C63E2A-0F28-4706-9BBC-6D5A55AFF7F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{6A284938-779E-44BA-8530-DC4A81C88E00}D:\program files (x86)\deluge\deluge.exe] => (Allow) D:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{7A22EB0D-C229-49B9-AA11-646BF0A56F46}D:\program files (x86)\deluge\deluge.exe] => (Allow) D:\program files (x86)\deluge\deluge.exe
FirewallRules: [{6BEF9BB7-FE97-4D47-BAF3-FA5B30AFFD39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D01598BB-C33B-4793-BEE0-C82827033185}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{42F2103A-4D37-44E2-BE8F-07401FDDE183}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4D6AD576-693C-4B2F-BF29-033B78870536}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4D703821-E5FE-4E52-BBD0-B771A5F575C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A52FAEC2-E25A-4108-955C-8751A455319A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1D177AE6-89F2-45CE-9F57-276EACB1A191}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0DC88F3F-EE5B-456B-B355-643FF33AA96C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CAF0355E-DAC8-46ED-BC24-CC4875FB4F0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D7E29FF7-ED1A-4908-99D5-886410665A5B}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{6F99A235-3B95-45DB-A2AE-D97C113E76FF}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{3B69FFBD-94CE-4494-AD25-E4961E115178}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0913E938-D97A-43DF-8E1D-7876F4AF4DA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9BBAF5C8-8E6A-4263-BA57-F3F51683333B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{99B7715D-E192-4888-A4A3-EA306F773E68}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6406D016-459E-49A1-BECC-E2812F353B2A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{1616E8BE-F8B9-45AD-ABC4-1AC58842E4C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{4CEC44CD-A801-45EA-90B1-F6AB01256DD5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{BB92F4F1-FD3B-487C-8566-6F6A6A273880}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2016 07:27:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/10/2016 07:26:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/10/2016 07:26:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (02/09/2016 07:21:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/09/2016 07:21:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (02/08/2016 06:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/08/2016 10:21:00 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (02/08/2016 10:19:44 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/08/2016 10:19:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/07/2016 03:04:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


System errors:
=============
Error: (02/10/2016 07:49:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/09/2016 10:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_53b38ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/09/2016 10:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_53b38ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/09/2016 10:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_53b38ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/09/2016 10:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_53b38ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/09/2016 10:52:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/08/2016 10:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_35986cd service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/08/2016 10:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_35986cd service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/08/2016 10:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_35986cd service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/08/2016 10:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_35986cd service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-02-10 20:03:57.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-07 23:27:48.789
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-07 11:57:14.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-07 11:44:36.619
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-07 00:51:38.549
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-03 19:41:35.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-03 19:41:12.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-03 19:38:23.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-6600 CPU @ 3.30GHz
Percentage of memory in use: 46%
Total physical RAM: 8124.1 MB
Available physical RAM: 4378.07 MB
Total Virtual: 9404.1 MB
Available Virtual: 4790.48 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.3 GB) (Free:69.3 GB) NTFS
Drive d: (Local Disk_MAIN) (Fixed) (Total:882.58 GB) (Free:647.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A8BF66EA)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 93B028C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.5 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


  • 0

#4
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

What can you tell me about these log entries?  Why is KMS10 on this system?

Task: {6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD} - \KMS10Server -> No File <==== ATTENTION
Task: {8377AC5C-8C24-422E-BEDB-D49E12C6C9A8} - \KMS10 -> No File <==== ATTENTION

  • 0

#5
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Honestly I don't know what KMS10 is or how it got there. I thought it was part of some program installation..

 

What should I do with it?


  • 0

#6
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

Thanks for the info on KMS10; we will take care of it during the cleaning.
 

FIRST >>>>

Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

Open Broadcaster Software

To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.  

Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.


SECOND >>>>

Your System Restore has been disabled.  Please go to Start > type System Restore in the search box and click on 'Create a Restore point' under Settings in the resulting list.
In the System Properties window that opens, click on Configure.  Set the Restore settings to ON, the Disk Space Usage to 5~10% and then click apply.
You can close these windows when you are finished.

 
LAST >>>>

Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter.  Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
 

Start
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\OBS
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-nz/?pc=UE03&ocid=UE03DHP
2016-02-03 19:38 - 2016-02-03 19:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-23 20:24 - 2016-02-10 20:32 - 00000000 ____D C:\Users\David\AppData\Roaming\OBS
2016-01-23 20:24 - 2016-02-03 19:40 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files\OBS
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files (x86)\OBS
C:\Users\David\AppData\Local\Temp\sqlite3.dll
Task: {401BD97B-712C-434D-A770-89B7C3649803} - System32\Tasks\{FF92C751-A003-4B6A-BC65-4C8288D3BA03} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD} - \KMS10Server -> No File <==== ATTENTION
Task: {8377AC5C-8C24-422E-BEDB-D49E12C6C9A8} - \KMS10 -> No File <==== ATTENTION
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end


NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Start FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait.

Press%20the%20FIX%20button_zpsdd5zi3mt.p

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.



Information to Reply with >>>>

  • How did the uninstall go?  Any errors or issues?
  • Did the System Restore settings produce any errors when you tried to change them?
  • The Fixlog.txt log file text pasted here.
  • How is your system running now?

  • 0

#7
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

After reading through your steps I accidentally forgot step 1 (uninstalling OBS) and went to step 2 sorry that was my fault. System Restore settings didn't produce any errors and they were set at 10% threshold before I ran FRST with the txt file. I went to Program and Features and realised OBS got uninstalled in the process(?)

 

Should I run the System Restore point? Nothing's out of the ordinary. Sometimes it takes a few hours + restart before the hao123 attaches itself to my browser shortcut again.

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by David (2016-02-11 19:41:27) Run:1
Running from D:\Users\user\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\OBS
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-nz/?pc=UE03&ocid=UE03DHP
2016-02-03 19:38 - 2016-02-03 19:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-23 20:24 - 2016-02-10 20:32 - 00000000 ____D C:\Users\David\AppData\Roaming\OBS
2016-01-23 20:24 - 2016-02-03 19:40 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files\OBS
2016-01-23 20:24 - 2016-01-23 20:24 - 00000000 ____D C:\Program Files (x86)\OBS
C:\Users\David\AppData\Local\Temp\sqlite3.dll
Task: {401BD97B-712C-434D-A770-89B7C3649803} - System32\Tasks\{FF92C751-A003-4B6A-BC65-4C8288D3BA03} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD} - \KMS10Server -> No File <==== ATTENTION
Task: {8377AC5C-8C24-422E-BEDB-D49E12C6C9A8} - \KMS10 -> No File <==== ATTENTION
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Program Files (x86)\OBS => moved successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\David\AppData\Roaming\OBS => moved successfully
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software => moved successfully
C:\Program Files\OBS => moved successfully
"C:\Program Files (x86)\OBS" => not found.
C:\Users\David\AppData\Local\Temp\sqlite3.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{401BD97B-712C-434D-A770-89B7C3649803}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{401BD97B-712C-434D-A770-89B7C3649803}" => key removed successfully
C:\WINDOWS\System32\Tasks\{FF92C751-A003-4B6A-BC65-4C8288D3BA03} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF92C751-A003-4B6A-BC65-4C8288D3BA03}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CBACF9D-28F4-49EA-B6E0-C6F975F4B9AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMS10Server" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8377AC5C-8C24-422E-BEDB-D49E12C6C9A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8377AC5C-8C24-422E-BEDB-D49E12C6C9A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMS10" => key removed successfully

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state on =========

Ok.


========= End of CMD: =========


========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {8D22BB15-A209-429F-B437-B2766546C822}.
Unable to cancel {BAD9A84D-D780-4DCC-90DC-861476AB27B6}.
Unable to cancel {83185A85-0C97-4D85-B469-6C70D00ED757}.
0 out of 3 jobs canceled.

========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 513.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:41:51 ====


  • 0

#8
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

No, you did fine.  Please do not do revert the system back by using System Restore; we will move forward from here.
 

FIRST >>>>

Junkware Removal Tool
Please download JRT from here to your desktop.

Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

Double click the JRT.exe file to run the application.

The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed).

When it is asked, press any key to allow the program to continue / run.

This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post.

Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.


SECOND >>>>


AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

    AdwCleaner_v5016_zpsf8ln0fea.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this

    adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
 

 


  • 0

#9
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Done.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by David (Administrator) on Thu 11/02/2016 at 21:18:20.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/02/2016 at 21:18:58.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

# AdwCleaner v5.033 - Logfile created 11/02/2016 at 21:20:15
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : David - DESKTOP-TTGS3RU
# Running from : D:\Users\user\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [567 bytes] ##########
 


  • 0

#10
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

Malwarebytes' Anti-Malware
Please start Malwarebytes' Anti-Malware from either the desktop shortcut or the Start Menu item.

When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link
Main%20Screen_zpsnnwza0ky.png

Once updated, please select Settings > Detection and Protection. Please ensure that "Scan for Rootkits" is selected along with Non-Malware Protection PUP and PUM are set to "Treat detections as malware"
Detection%20Settings_zpsaviydqil.png

Once the settings have been configured, select the Dashboard tab to return to the Main screen and select "Scan Now >>" to start the scan.
Main%20Screen_zpsnnwza0ky.png

The scan may take some time to finish, so please be patient.
mbam21-scaninprogress_zps38w26yvt.jpg

If any malware is found, you will be presented with a screen like the one below.
mbam21-removeselected_zpsg83p7wis.jpg

If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click View detailed log >> to view the results (even if MBAM did not find any malware).
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK.  When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.
 


  • 0

Advertisements


#11
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/02/2016
Scan Time: 5:42 PM
Logfile: txt.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.12.01
Rootkit Database: v2016.02.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: David

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356410
Time Elapsed: 5 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#12
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

This next step may take a while (just to warn you) .....

ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway) so if you have IE 11, Chrome or Firefox has to be used instead.  ESET Online does work with IE 10 and earlier.

You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same

Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions.

Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.

-------------------------------------------------------------------------------------------------------------------

Hold down Control key and click on the following link to open ESET OnlineScan in a new window.

Link =>> ESET Online Scanner  <<

Click the Run ESET Online Scanner located on the left side of the page (not the free trial).

abfacb96-0c99-4b59-b9e9-9298aa0ee3ec_zps

For browsers other than Internet Explorer only: (Microsoft Internet Explorer users can skip this step)
Click on the esetsmartinstaller link in the popup window that opens. Save it to your desktop.

Getinstallerpopup2_zps65f446a6.png

Double click on the icon on your desktop.

desktopfile_zps98a1ee89.png

Check (accept) the Terms of Use.

TOU_zps4ecd3406.png

Click the START button.
Accept any security warnings from your browser.

Now in the Computer scan settings window that appears:-
Make sure that the option Enable detection of potentially unwanted applications is selected.
Now click on Advanced Settings and configure the options as follows:

Remove found threats is Not checked
Scan archives is checked
Scan for potentially unsafe applications is checked
Enable Anti-Stealth Technology is checked


Now click on: Start
Loadsettings_2014-08-23_zps3f2d0c88.png



ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

Downloadingsignatures_zps36c38587.png


Scanningdisplay_zpsec3aac14.png

When the scan is finished, if any threats are found you will see the screen below.  Click to view the found threats.

Threatsfound_zpsfe95fb4e.png

At the bottom of the listed threats, there is an option to save the results to a text file.  Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry).

Exporttotextfile_zps16cb487f.png

Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish.

UninstallcheckedandFinish_zps6fb26ad8.pn

Attach the saved log file in your next reply please.  Thanks.
 


  • 0

#13
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\install.1453455834.zip    a variant of Win32/OpenCandy.G potentially unsafe application
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCComSDK.dll    a variant of Win32/OpenCandy.G potentially unsafe application
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCSetupHlp.dll    a variant of Win32/OpenCandy.A potentially unsafe application
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834_permissionsCopy\updates\7.9.2_31638.exe    a variant of Win32/AdkDLLWrapper.A potentially unwanted application
D:\Users\user\Desktop\My Stuff\transfer_new_pc\ccsetup513.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\Users\user\Desktop\Sony Vegas Pro 12 Build 726 (64 bit) (patch-keygen-DI) [ChingLiu]\patch - keygen DI\Keygen.exe    a variant of Win32/Keygen.HU potentially unsafe application
 


  • 0

#14
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter.  Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
 

Start
CreateRestorePoint:
CloseProcesses:
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\install.1453455834.zip
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCComSDK.dll
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCSetupHlp.dll
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834_permissionsCopy\updates\7.9.2_31638.exe
D:\Users\user\Desktop\My Stuff\transfer_new_pc\ccsetup513.exe
D:\Users\user\Desktop\Sony Vegas Pro 12 Build 726 (64 bit) (patch-keygen-DI) [ChingLiu]\patch - keygen DI\Keygen.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end


NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 by right clicking on the FRST64.exe file, selecting "Run as Administrator..".  The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.  

The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on.  Press the Fix button just once and wait.  The tool will create a restore point, process the script and ask for a restart of your system.

Press%20the%20FIX%20button_zpsdd5zi3mt.p

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
  • 0

#15
itsdave

itsdave

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by David (2016-02-13 10:54:38) Run:2
Running from D:\Users\user\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\install.1453455834.zip
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCComSDK.dll
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCSetupHlp.dll
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834_permissionsCopy\updates\7.9.2_31638.exe
D:\Users\user\Desktop\My Stuff\transfer_new_pc\ccsetup513.exe
D:\Users\user\Desktop\Sony Vegas Pro 12 Build 726 (64 bit) (patch-keygen-DI) [ChingLiu]\patch - keygen DI\Keygen.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\install.1453455834.zip => moved successfully
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCComSDK.dll => moved successfully
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834\HTA\3rdparty\OCSetupHlp.dll => moved successfully
D:\Users\user\AppData\Local\Temp\HYDDECC.tmp.1453455834_permissionsCopy\updates\7.9.2_31638.exe => moved successfully
D:\Users\user\Desktop\My Stuff\transfer_new_pc\ccsetup513.exe => moved successfully
D:\Users\user\Desktop\Sony Vegas Pro 12 Build 726 (64 bit) (patch-keygen-DI) [ChingLiu]\patch - keygen DI\Keygen.exe => moved successfully

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state on =========

Ok.


========= End of CMD: =========


========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2806489308-2931262457-2236997717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 381.6 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:54:52 ====


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP